go.behindthemarkets.com Open in urlscan Pro
35.202.21.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.gritterohub.com/?qs=68cc469d9e18f0d80a4e97dd55f0c0a3d76557665c20302a551aaa162f28a95fe6014f5dcac52d8de480748e58d6...
Effective URL:
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_c...
Submission: On May 30 via manual (May 30th 2023, 4:57:08 pm UTC) from CA — Scanned from CA

Summary HTTP 106 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 25 domains to perform 106 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is go.behindthemarkets.com. The Cisco Umbrella rank of the primary domain is 974964.
TLS certificate: Issued by R3 on May 30th 2023. Valid for: 3 months.

This is the only time go.behindthemarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.245.146.52 128.245.146.52	14340 (SALESFORCE) (SALESFORCE)
1 1	2606:4700:303... 2606:4700:3036::ac43:de61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700:303... 2606:4700:3032::ac43:d48e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:804::2008	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	104.114.72.16 104.114.72.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:402... 2607:f8b0:4020:804::2001	15169 (GOOGLE) (GOOGLE)
18	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
10	2607:f8b0:402... 2607:f8b0:4020:804::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::f 2620:100:a001::f	19750 (AS-CRITEO) (AS-CRITEO)
14	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 ^_^) (CDN77 ^_^)
1 2	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
6	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1 3	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
5	34.220.132.2 34.220.132.2	16509 (AMAZON-02) (AMAZON-02)
3	107.178.211.97 107.178.211.97	15169 (GOOGLE) (GOOGLE)
3	35.190.27.197 35.190.27.197	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:d... 2600:1901:0:df23::	15169 (GOOGLE) (GOOGLE)
106	28

1 128.245.146.52 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.gritterohub.com

click.gritterohub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:de61 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.gritterohubnwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:d48e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.behindthemarkets-btm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

go.behindthemarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
btm-btm-btm.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.114.72.16 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-114-72-16.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

fast.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::f (United States)

ASN19750 (AS-CRITEO, US)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::2002 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2004 (Flushing, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.220.132.2 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-220-132-2.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.211.97 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 97.211.178.107.bc.googleusercontent.com

stats.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.27.197 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 197.27.190.35.bc.googleusercontent.com

analytics-ingress-global.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:df23:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

licensing.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	vidalytics.com fast.vidalytics.com — Cisco Umbrella Rank: 156595 stats.vidalytics.com — Cisco Umbrella Rank: 133611	9 MB
19	sumo.com load.sumo.com — Cisco Umbrella Rank: 12244 sumo.com — Cisco Umbrella Rank: 11393	448 KB
6	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 33890	3 KB
6	gstatic.com fonts.gstatic.com	190 KB
5	bitmovin.com analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 30806 licensing.bitmovin.com — Cisco Umbrella Rank: 8067	957 B
5	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 243 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 715	100 KB
4	google.ca www.google.ca — Cisco Umbrella Rank: 8531	691 B
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	3 KB
4	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3487 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2837	23 KB
4	center.io js.center.io — Cisco Umbrella Rank: 40798	15 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	307 KB
4	behindthemarkets-btm.com 1 redirects www.behindthemarkets-btm.com — Cisco Umbrella Rank: 944390	22 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 47	195 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4307	2 KB
2	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 39252	29 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 174	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 885	46 KB
1	lpages.co btm-btm-btm.lpages.co	18 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 51473	15 KB
1	behindthemarkets.com go.behindthemarkets.com — Cisco Umbrella Rank: 974964	21 KB
1	gritterohubnwl.com 1 redirects www.gritterohubnwl.com	788 B
1	gritterohub.com 1 redirects click.gritterohub.com — Cisco Umbrella Rank: 952960	298 B
106	25

	Domain	Requested by
18	fast.vidalytics.com	go.behindthemarkets.com fast.vidalytics.com
14	load.sumo.com	go.behindthemarkets.com load.sumo.com
6	api.leadpages.io	embed.lpcontent.net js.center.io
6	fonts.gstatic.com	fonts.googleapis.com
5	sumo.com	load.sumo.com
5	analytics.tiktok.com	go.behindthemarkets.com analytics.tiktok.com
4	www.google.ca	go.behindthemarkets.com
4	js.center.io	go.behindthemarkets.com js.center.io btm-btm-btm.lpages.co
4	www.googletagmanager.com	go.behindthemarkets.com www.googletagmanager.com
4	www.behindthemarkets-btm.com	1 redirects go.behindthemarkets.com www.behindthemarkets-btm.com
3	analytics-ingress-global.bitmovin.com	go.behindthemarkets.com
3	stats.vidalytics.com	go.behindthemarkets.com
3	www.google.com	1 redirects go.behindthemarkets.com
3	fonts.googleapis.com	go.behindthemarkets.com btm-btm-btm.lpages.co client
2	licensing.bitmovin.com	go.behindthemarkets.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	lh3.googleusercontent.com	go.behindthemarkets.com
2	dev.visualwebsiteoptimizer.com	go.behindthemarkets.com
2	static.leadpages.net	go.behindthemarkets.com btm-btm-btm.lpages.co
1	mug.criteo.com	go.behindthemarkets.com
1	www.googleadservices.com	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	btm-btm-btm.lpages.co	embed.lpcontent.net
1	embed.lpcontent.net	go.behindthemarkets.com
1	go.behindthemarkets.com
1	www.gritterohubnwl.com	1 redirects
1	click.gritterohub.com	1 redirects
106	32

This site contains links to these domains. Also see Links.

Domain
vidalytics.com
behindthemarkets.com

Subject Issuer	Validity	Valid
go.behindthemarkets.com R3	`2023-05-30` - `2023-08-28`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2023-04-25` - `2023-07-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
behindthemarkets-btm.com E1	`2023-05-07` - `2023-08-05`	3 months	crt.sh
embed.lpcontent.net GTS CA 1D4	`2023-04-11` - `2023-07-10`	3 months	crt.sh
js.center.io GTS CA 1D4	`2023-05-21` - `2023-08-19`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.vidalytics.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-30` - `2023-12-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.lpages.co R3	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-16` - `2024-02-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.leadpages.io Go Daddy Secure Certificate Authority - G2	`2022-10-27` - `2023-10-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.bitmovin.com Go Daddy Secure Certificate Authority - G2	`2023-05-08` - `2024-06-08`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Frame ID: 1AD7E6B0EB5A1B61716DA7A4680F33BD
Requests: 97 HTTP requests in this frame

Frame: https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&aff=94&id=&iocid=&oid=35&utm_campaign=327&utm_medium=&utm_source=94
Frame ID: 8335CEC3783C5175FFA1D1E112AFDE92
Requests: 5 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: DE057E8F50F0245504A0C02D1F001BBC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag
Frame ID: 1853D535B6866199497BC10578F1A320
Requests: 2 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 920921840BEC369D201D68E24BCA02F7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prepare for War

Page URL History Show full URLs

https://click.gritterohub.com/?qs=68cc469d9e18f0d80a4e97dd55f0c0a3d76557665c20302a551aaa162f28a95fe6014f5d... HTTP 302
https://www.gritterohubnwl.com/DFBHL/8KG5KW/?source_id=BTMPre20&sub1=1&sub2=SFSpinGH&sub3=SFSpin&sub4=Pat&s... HTTP 302
https://www.behindthemarkets-btm.com/58GQMR/2PKWQ8/?creative_id=327&sub5=f5b36002e8e74476b5ab251afa63b790 HTTP 302
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

106
Requests

95 %
HTTPS

59 %
IPv6

25
Domains

32
Subdomains

28
IPs

2
Countries

10433 kB
Transfer

15367 kB
Size

22
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://vidalytics.com/?utm_source=Powered%20By&utm_medium=Player&utm_content=PzpZ_7KZ
Title: Powered by Vidalytics

Search URL Search Domain Scan URL

URL: https://vidalytics.com/contact/?subject=Report%20an%20issue
Title: Report an issue

Search URL Search Domain Scan URL

URL: https://behindthemarkets.com/p/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://behindthemarkets.com/p/terms
Title: Terms & Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.gritterohub.com/?qs=68cc469d9e18f0d80a4e97dd55f0c0a3d76557665c20302a551aaa162f28a95fe6014f5dcac52d8de480748e58d6625e30d93695ba8f1dee HTTP 302
https://www.gritterohubnwl.com/DFBHL/8KG5KW/?source_id=BTMPre20&sub1=1&sub2=SFSpinGH&sub3=SFSpin&sub4=Pat&sub5=kbell@mun.ca HTTP 302
https://www.behindthemarkets-btm.com/58GQMR/2PKWQ8/?creative_id=327&sub5=f5b36002e8e74476b5ab251afa63b790 HTTP 302
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/?random=1561544132&cv=11&fst=1685465816985&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=517360312.1685465817&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=2Sp2ZPXKA-WcoPMP8OGIuAQ&sscte=1&crd=&pscrd=Ek5DaEVJOEwzV293WVE1X2kzNmVmSTk5V0NBUklsQUs1YzktT2tHSktUMnI2MlExS2dxUmRFQjMtN3c1Q0pLSTJBeGpFUE1qSzVGUmdsVmcaV0NoQUk4TDNXb3dZUW9vakNnUFdPbGJ3dUVpMEE4WU1reElkZWpNYlp4c3R6Qm1hSFNWRTJQMnNRckpRVy1JUXdYWndITDZEbnYxcmV6UTN6Mnk1TWhYYyITCLWburrBnf8CFWUOaAgd8DACRw HTTP 302
https://www.google.com/pagead/1p-conversion/401032603/?random=1561544132&cv=11&fst=1685465816985&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=517360312.1685465817&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEwzV293WVE1X2kzNmVmSTk5V0NBUklsQUs1YzktT2tHSktUMnI2MlExS2dxUmRFQjMtN3c1Q0pLSTJBeGpFUE1qSzVGUmdsVmcaV0NoQUk4TDNXb3dZUW9vakNnUFdPbGJ3dUVpMEE4WU1reElkZWpNYlp4c3R6Qm1hSFNWRTJQMnNRckpRVy1JUXdYWndITDZEbnYxcmV6UTN6Mnk1TWhYYyITCLWburrBnf8CFWUOaAgd8DACRw&is_vtc=1&ocp_id=2Sp2ZPXKA-WcoPMP8OGIuAQ&cid=CAQSKQBygQiDVwnbh25faYBSAERUsqoMLLTwq8vVqY5GrSY6nbNL825nYDmV&random=3280765289 HTTP 302
https://www.google.ca/pagead/1p-conversion/401032603/?random=1561544132&cv=11&fst=1685465816985&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=517360312.1685465817&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEwzV293WVE1X2kzNmVmSTk5V0NBUklsQUs1YzktT2tHSktUMnI2MlExS2dxUmRFQjMtN3c1Q0pLSTJBeGpFUE1qSzVGUmdsVmcaV0NoQUk4TDNXb3dZUW9vakNnUFdPbGJ3dUVpMEE4WU1reElkZWpNYlp4c3R6Qm1hSFNWRTJQMnNRckpRVy1JUXdYWndITDZEbnYxcmV6UTN6Mnk1TWhYYyITCLWburrBnf8CFWUOaAgd8DACRw&is_vtc=1&ocp_id=2Sp2ZPXKA-WcoPMP8OGIuAQ&cid=CAQSKQBygQiDVwnbh25faYBSAERUsqoMLLTwq8vVqY5GrSY6nbNL825nYDmV&random=3280765289&ipr=y

Request Chain 54

https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3EDaTXxnamx1dWR5UGNRZHpwYi9nWDZ1UGpKL3Z5ZUp4eVRMcmladjh6VFRHaEZsenk4VlpCODZxVjg1aUEvNTUwRXI1L3VtbUV5TEVjRzBkVHR4YVRLYUFLeG9aYnNmMmNlU1NoTU90UEpIbm04alQzRlNQbkhzQ0RrYVNkdFlqai90SmMyZ0pwVGs2dWJyalhja1pOMXNJUGI4eEhsQ3UxMWlHTjcwZFRHRkIxRFUzb3dZNlA0WVY4Q1pnSHBRQVJnOWljemNKb2cxaGk0SnlCaTlibjBYbDgxdE93NmlxVGVEVWtjTWFiOU1zSnNsM2VrZGhmcWdoZ0N2SE9vODZwVG1XYlQ1N0Y0dENSaHZ6YlpiTGRWSzhDWWV2dVRaYjcySldEY2kxd2J2VkM0QT18&cppv=2

106 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
go.behindthemarkets.com/prepare-for-war-video-1/
Redirect Chain

https://click.gritterohub.com/?qs=68cc469d9e18f0d80a4e97dd55f0c0a3d76557665c20302a551aaa162f28a95fe6014f5dcac52d8de480748e58d6625e30d93695ba8f1dee
https://www.gritterohubnwl.com/DFBHL/8KG5KW/?source_id=BTMPre20&sub1=1&sub2=SFSpinGH&sub3=SFSpin&sub4=Pat&sub5=kbell@mun.ca
https://www.behindthemarkets-btm.com/58GQMR/2PKWQ8/?creative_id=327&sub5=f5b36002e8e74476b5ab251afa63b790
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35

101 KB
21 KB

245ms
76ms

Document
text/html

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

52ad8019cb43ed33cce19f726cac0b991c5eeebaa78d18de848cc1ee06a803f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 30 May 2023 16:56:56 GMT
etag: W/"af2c3630e2d413bc0ee7f3d809242372"
last-modified: Tue, 30 May 2023 13:26:55 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cf883662cea5943-IAD
content-type: text/html; charset=utf-8
date: Tue, 30 May 2023 16:56:56 GMT
location: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6vet0JpsrUu%2FZQt08qdtEy0yVp9DpshyRwaDXeIOzT8D8UNRLsFPyp8t13I3XE%2BKkkHxQJ3dik521EInqLvv4KH2h%2B1j3laYSPNJnR06YwIbg%2FttXH1A%2FKuugfjO%2BztBSRGyKDeO9I6EFxDBPrrru6HCS50mJPfYWz5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
via: 1.1 google
x-eflow-request-id: 47af8930-9e80-40ab-80df-1cc04c60d63f

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 88ms
11ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:12:56 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 902640
etag: "S86klQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 909ca52a845d3ae370aefec99f23e352
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Sun, 19 May 2024 06:12:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 81ms
39ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Requested by

Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27d56525eda014f4e98a042c321db494c91804bb94a39de3a297b9947c8665f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 May 2023 16:56:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 May 2023 16:56:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
70 KB 113ms
67ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-401032603

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

730f28a82678723f409fc99db224a85c12a60c9180b838d30d0650bbbc2c3c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71770
x-xss-protection: 0
last-modified: Tue, 30 May 2023 16:09:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 May 2023 16:56:56 GMT

GET
H2 200 everflow.js Show response
www.behindthemarkets-btm.com/scripts/sdk/ 60 KB
19 KB 38ms
37ms Script
text/javascript 2606:4700:3032::ac43:d48e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d48e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e426e330d152fce1b2e4a53ff4062cfe1531acca6f02c9b5329009d496aad05

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 866
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 May 2023 16:42:30 GMT
accept-ch: Sec-Ch-Ua-Platform-Version
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhShzQDAjtc%2BGY6ak8XRbC2LQGwO02dh1TsWtyj%2BNpaJBYC9hNglWuU8fyZMEXWCnMESy%2BabQo%2F5tlMbARTdZPI1GeTK1r0Fkawzj11ZEConyFTJyfAfcS7zg70DE4oGM22GAlvslKmK1ZWFuxqwUXu3RHLcmPdsXryO"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 69011091-2e00-4fd9-8e36-b1cf50f074ec
cf-ray: 7cf883684e745943-IAD

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 65ms
16ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:54:00 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 176
etag: "S86klQ"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 939689d282680179cbb6df08f012fe36
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Tue, 30 May 2023 16:59:00 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 97ms
29ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:54:49 GMT
content-encoding: gzip
server: Google Frontend
age: 127
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: d249640829cfa4fe9be9b13f35cd4124
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 30 May 2023 16:59:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 255 KB
85 KB 45ms
45ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b30efb0b288f3d2bded2b09d53bc40067776a199344596bce4563b1cbe3c7f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86173
x-xss-protection: 0
last-modified: Tue, 30 May 2023 16:09:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 May 2023 16:56:56 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 69ms
28ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=601261&u=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&f=1&r=0.04020536372271266
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: eee560fdd26b14c16aae2375df7637e856e4e023e6787b3a8ddfb1be4c470459

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: gzip
via: 1.1 google
server: gnv1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 161ms
39ms Script
application/javascript 104.114.72.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCGDCQRC77UB2PF1K7AG&lib=ttq
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.114.72.16 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-114-72-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 93d668bb5f0a76b8b68d432004384a013cbb7d56678e08f763eb7f482a60093f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 43a5991a
date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-114-72-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=14
content-length: 1398
pragma: no-cache
server: nginx
x-tt-logid: 202305301656564D3B3124C3BA921E3190
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,104.114.72.12
x-tt-trace-host: 01aea78b356778cfaedf77c75b4c41ffd2c8fde013648546801d6ed43d259f43243abae5c5d6c442a5de4295c98a05972ffc906af3926efc51fb92cd2e580ad3fc0f743a66f1b1a521ad9ae887edd1ace61e2fa88b82cf148af6cf3f95c4f791de
expires: Tue, 30 May 2023 16:56:56 GMT

GET
H2 200 q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=s16
lh3.googleusercontent.com/ 534 B
834 B 60ms
16ms Image
image/jpeg 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=s16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

230ce7cbc4220c4724303b8a51e5de6f76093ac08c17af912082ab8488b32049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 14:02:49 GMT
x-content-type-options: nosniff
age: 10447
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 31 May 2023 14:02:49 GMT

GET
H2 200 loader.min.js Show response
fast.vidalytics.com/embeds/PzpZ_7KZ/P2TcgW53eVUAOUis/ 42 KB
12 KB 517ms
251ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/P2TcgW53eVUAOUis/loader.min.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: SP /
Resource Hash: 6b348750b851c4bb1fa0a06f39bebcfa924bbdf251a64649d7afb5fce495fd46

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: gzip
x-cdn: 4
x-guploader-uploadid: ADPycduS-bwkFxe4NNSxuqBqVCsV935REPjDr2KzQ8awYadjjk-0zrjJOZwJMAK8X5GWRSBamttT10UXDmvQGVetPrIGPw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Fri, 31 Mar 2023 17:17:37 GMT
server: SP
x-cdn-info: loader
etag: "659faf5480590dc8b6b787cb229f0c25"
vary: Accept-Encoding
x-goog-generation: 1680283057884994
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=JlwauA==, md5=ZZ+vVIBZDci2t4fLIp8MJQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: no-store, private, max-age=0, s-max-age=0
x-hw: 1685465816.cds007.fr8.hn,1685465816.cds007.fr8.sl
x-goog-stored-content-length: 10568
accept-ranges: bytes
expires: Tue, 30 May 2023 16:56:56 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 57ms
11ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 17:26:16 GMT
x-content-type-options: nosniff
age: 603040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 17:26:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 68ms
22ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 08:06:23 GMT
x-content-type-options: nosniff
age: 291033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 08:06:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 74ms
28ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 14:48:49 GMT
x-content-type-options: nosniff
age: 266887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 14:48:49 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 79ms
34ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 07:40:34 GMT
x-content-type-options: nosniff
age: 292582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 07:40:34 GMT

GET
H2 200 AlZy_zVFtYP12Zncg2kRcn35.woff2
fonts.gstatic.com/s/rozhaone/v13/ 18 KB
18 KB 82ms
38ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rozhaone/v13/AlZy_zVFtYP12Zncg2kRcn35.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:49:26 GMT
x-content-type-options: nosniff
age: 263250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18176
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:29:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 15:49:26 GMT

GET
H2 200 q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1600
lh3.googleusercontent.com/ 194 KB
194 KB 70ms
60ms Image
image/jpeg 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

42e6326211b739c4d83cc7899a38ec013ffacd2bba7df0fbf3c19a2989897c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198398
x-xss-protection: 0
expires: Wed, 31 May 2023 16:56:56 GMT

GET
H2 200 / Show response
btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/ Frame 8335 88 KB
18 KB 268ms
76ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&aff=94&id=&iocid=&oid=35&utm_campaign=327&utm_medium=&utm_source=94

Requested by

Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

a5a03882d6cc3420749e95a6aa750c8e73f74a2ca75f1c778efd762784dcb22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 30 May 2023 16:56:56 GMT
etag: W/"020f2e7f5de46a783fcb76a76791482c"
last-modified: Mon, 31 Jan 2022 22:51:27 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
215 B 87ms
86ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=601261&d=go.behindthemarkets.com&u=D69A99B22A485DD8F44C9320D6E64A34F&h=b0f394c937d96a379200272bf5b8e1a4&t=false&r=0.8729334704944969

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:56 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 118 KB
46 KB 130ms
58ms Script
application/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-K7WPB5K

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

621efef4efeec13480712a57d0fb0f96e9c1309ba86cf373cf67d38ccc53e8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46972
x-xss-protection: 0
last-modified: Tue, 30 May 2023 16:09:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 May 2023 16:56:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 73ms
20ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 16:11:08 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2748
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 30 May 2023 18:11:08 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 45 KB
15 KB 106ms
45ms Script
application/javascript 2620:100:a001::f
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=93258

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::f , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5403a7f681e55b4eb0eef391fe9a0e93cbf60059e67291c838f490dcbf60b961

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 144ms
32ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 18EVW9P1EYK2TDE0
cdn-cachedat: 02/28/2023 06:28:19
cdn-pullzone: 53731
x-amz-id-2: 7RmG6yOPw7jnWivW3UE3HJCn+UDCfM7m8IiRqpmrB6+Ij16mv6Hc+uF1zjju2j9amKUHrMpQ3t0=
last-modified: Wed, 05 Oct 2022 16:50:13 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"415c9608bc47ee8a16b3a2f2c0aee7b0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=600
cdn-requestid: 335d534c8acbd72f8eaef3270ef60f6f
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
82 KB 46ms
45ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0808bf052dedb54f370da6852f6021c26ed853d2aad4512dd66e3ff01f434df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 May 2023 16:56:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
70 KB 54ms
54ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-401032603&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

965f2f16c348448339708c82dabffe362b7c5b5d82104f93f105a646a32a042b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71767
x-xss-protection: 0
last-modified: Tue, 30 May 2023 16:09:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 May 2023 16:56:56 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame DE05 4 KB
2 KB 40ms
30ms Document
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 299
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Tue, 30 May 2023 16:51:57 GMT
etag: "OMWYXg"
expires: Tue, 30 May 2023 16:56:57 GMT
server: Google Frontend
x-cloud-trace-context: 9dbb42458e14e1ab294abce4d530ad6f

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/ 3 KB
2 KB 144ms
102ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/?random=1685465816956&cv=11&fst=1685465816956&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&auid=517360312.1685465817&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-401032603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bc25baa2089652e92af7170f1c60757d14b4a9983fe9ead9f62ed0d5b9a3285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1423
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/401032603/ 3 KB
2 KB 89ms
39ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/401032603/?random=1685465816985&cv=11&fst=1685465816985&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=517360312.1685465817&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-401032603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

fae2d47dae618cd63843b485166a7ef6ceb53048f217aabf85f5d56e8d601ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1668
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTY0NTk0YzcxMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 242 KB
67 KB 24ms
23ms Script
application/javascript 104.114.72.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTY0NTk0YzcxMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCGDCQRC77UB2PF1K7AG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.114.72.16 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-114-72-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 43a59cb6
date: Tue, 30 May 2023 16:56:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230530121203DAF865462C0980249622
vary: Accept-Encoding
x-cache: TCP_HIT from a104-114-72-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01b3ff55986208fe967bd4ec65e107af1511e3d60f5c487e61ac0f3bebb544260b3a0ac93ed7c2f9e755b072b3cecb0d3824d1a46526ddacf8962d5693fc2bda743cdcd38c604ba38b7aae3ba6a2b18b1f401b6ccb22f04a5b30d273008d446dab
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 67703

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame 8335 58 KB
14 KB 14ms
12ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&aff=94&id=&iocid=&oid=35&utm_campaign=327&utm_medium=&utm_source=94
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:12:56 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 902641
etag: "S86klQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 909ca52a845d3ae370aefec99f23e352
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Sun, 19 May 2024 06:12:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8335 12 KB
958 B 38ms
37ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700

Requested by

Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&aff=94&id=&iocid=&oid=35&utm_campaign=327&utm_medium=&utm_source=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d3a6577708c037836bd67cf08aecd9d1128eb69800200d343a2fb5050e5bc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 May 2023 16:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 May 2023 16:56:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 May 2023 16:56:57 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 143ms
42ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=vy3po4Te6TZVBrzEVtHgcx&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=202.5,1,RLh4RnBHt8S8rsns3Gvxq9
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 16:56:57 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 149.56.153.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 018ek6nequumgpb2nhe0

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 76ms
34ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je35o0&_p=225646946&_gaz=1&cid=510490920.1685465817&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685465817&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&dt=Prepare%20for%20War&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 90ms
34ms Ping
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8R6YNFMJ23&cid=510490920.1685465817&gtm=45je35o0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
409 B 88ms
39ms Image
image/gif 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=510490920.1685465817&gtm=45je35o0&aip=1&z=1737761001

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 click Show response
www.behindthemarkets-btm.com/sdk/ 86 B
847 B 67ms
66ms Fetch
application/json 2606:4700:3032::ac43:d48e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.behindthemarkets-btm.com/sdk/click?effp=b767754881e73e7cd24419f31350d99b&sec_ch_ua_platform=&sec_ch_ua_platform_version=&_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&oid=35&affid=94&__cc=&async=json&source_id=94&creative_id=327
Requested by: Host: www.behindthemarkets-btm.com
URL: https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d48e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97755e02d57f01e555cff7080b50b4a34473ab7d1e6bbb9b7b6d2919fdfc0097

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-Ch-Ua-Platform-Version
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn4Xav%2FfKmNg%2BpfFmK3i31YhA4PjuM7VIZ1qEZwCUH4YIohg1QDOd%2FWqaSvKaVHBhqeRPs8ztVvtHF%2BJRpFWh2LYKUnHTJklrBUc%2FJFnDezOvLu4WnAj4BjL1pV2Q%2BVk5%2BArO908W5YYmZt%2BKsbZArDOqUMJPrV0aXh5"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
x-eflow-request-id: 29693f41-97c5-497d-b54c-21392a6ad8bf
cf-ray: 7cf8836eaf4e1785-IAD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
685 B 144ms
63ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=M8m8wKU9zxEvbxyryYiQ2B&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=6BhqP9gi5pn9Agu93DWD49&sid=Pmmvspspy46TeqU2Nbafmv&cid=lp-M8m8wKU9zxEvbxyryYiQ2B&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&rf=&rx=1600&ry=1200&tz=%2B00%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 16:56:57 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 149.56.153.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 018elajingdm70akjbp0

GET
H2 200 72.0a035390359aab65eb82.js Show response
load.sumo.com/ 131 KB
44 KB 27ms
27ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:57 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: BSXQMCZE63Q2Z0R9
cdn-cachedat: 09/19/2022 12:56:02
cdn-pullzone: 53731
x-amz-id-2: DoBFOnObOvYfIgo9CKyxwmMyYwMejKx+z+NVVPPdDkEYkpHpeqChsDw77la+fbtqk93kC6hUUms=
last-modified: Tue, 13 Sep 2022 21:11:44 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"a1c4ecc2ca5bc12d61068cd427f9729f"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: fc782e8e3278d947e207534d3b0cd9a9
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 73.0a035390359aab65eb82.js Show response
load.sumo.com/ 289 KB
100 KB 73ms
73ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:57 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 51ZADA34YKSGEJG9
cdn-cachedat: 11/21/2022 14:59:42
cdn-pullzone: 53731
x-amz-id-2: Gn/+ZsuKI4+jab9ffHmSf8hH9zB0WUVUiMFr4KFwkGRJTDPglXNdNlLEqIg7es88fSh4Qff68cM=
last-modified: Wed, 05 Oct 2022 16:49:51 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"ad6f2454f01de902ffd473d51c1207bf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: d40d83dd80e61fa6f03b9bc4f513d2b5
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 33ms
33ms XHR
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=225646946&t=pageview&_s=1&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&ul=en-us&de=UTF-8&dt=Prepare%20for%20War&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAACAAI~&jid=563161442&gjid=1287035732&cid=510490920.1685465817&tid=UA-102395123-1&_gid=1260003669.1685465817&_r=1&_slc=1&gtm=45He35o0n81WNRH3TX&cd1=94&cd2=39c3eeb71fa54572bcb169c935ae26ca&cd3=false&cd4=false&cd5=false&cd6=false&cd7=false&z=1724749312

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame 8335 12 KB
5 KB 35ms
31ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&aff=94&id=&iocid=&oid=35&utm_campaign=327&utm_medium=&utm_source=94
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:55:57 GMT
content-encoding: gzip
server: Google Frontend
age: 60
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 2739235a34a92189293ee6f2fda0a4ef
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 30 May 2023 17:00:57 GMT

GET
H3 200 click Show response
www.behindthemarkets-btm.com/sdk/ 86 B
812 B 125ms
122ms Fetch
application/json 2606:4700:3032::ac43:d48e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.behindthemarkets-btm.com/sdk/click?effp=b767754881e73e7cd24419f31350d99b&sec_ch_ua_platform=&sec_ch_ua_platform_version=&_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&oid=35&affid=94&__cc=&async=json&source_id=94&creative_id=327
Requested by: Host: www.behindthemarkets-btm.com
URL: https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d48e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97755e02d57f01e555cff7080b50b4a34473ab7d1e6bbb9b7b6d2919fdfc0097

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-Ch-Ua-Platform-Version
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHd%2FC%2FASwLUPNuAOpz%2FauGpqS26tkUPZLxTq47Ipu6Ad%2F%2B0teMkIDRdGUDlF%2BM5118FLG34YF66YzVQabX08Pd5pD2%2F%2B7ygM6e9lj5vsczEaeZOlmpW49wh3Y8ttUBLCalON8O%2Fu1bPpW03Znzbvf1bqQ85UgyVsL9CM"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
x-eflow-request-id: 3c168b29-3982-4612-9dba-98b2ec6ce4d4
cf-ray: 7cf8836f88221785-IAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1853 15 KB
6 KB 112ms
26ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=93258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 16:56:57 GMT
server: Kestrel
server-processing-duration-in-ticks: 487284
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 player-dash-mse.min.js Show response
fast.vidalytics.com/embeds/PzpZ_7KZ/P2TcgW53eVUAOUis/ 2 MB
689 KB 611ms
111ms XHR
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/P2TcgW53eVUAOUis/player-dash-mse.min.js?hash=oemmkydrk
Requested by: Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/P2TcgW53eVUAOUis/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: SP /
Resource Hash: d976d90045ed04be6642a0058c93b8c2936002fcad81fd4781c66641c544a412

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: gzip
x-cdn: 4
age: 1187640
x-guploader-uploadid: ADPycdvAuymnk_JWr1TiLIYeYHw6kXosVREoNeTIPFsWTPiVh5sUD7K90a-pyjUSOdMwp3XP3tvsGrWbb7nG9cyxuyHo1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
last-modified: Fri, 31 Mar 2023 17:17:38 GMT
server: SP
x-timer: S1685465818.102618,VS0,VE3
etag: "f38c822efc42cbba2922e48214fb9c69"
vary: Accept-Encoding
x-goog-generation: 1680283058377678
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=jXTMHQ==, md5=84yCLvxCy7opIuSCFPucaQ==
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
cache-control: public, max-age=300, s-maxage=2592000
x-hw: 1685465818.cds053.fr8.hn,1685465818.cds053.fr8.sl
x-goog-stored-content-length: 617300
accept-ranges: bytes
expires: Tue, 16 May 2023 23:01:44 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/401032603/ 42 B
456 B 110ms
44ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/401032603/?random=1685465816956&cv=11&fst=1685462400000&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&frm=0&tiba=Prepare%20for%20War&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3555697311&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/401032603/ 42 B
155 B 46ms
46ms Image
image/gif 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/401032603/?random=1685465816956&cv=11&fst=1685462400000&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&frm=0&tiba=Prepare%20for%20War&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3555697311&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
152 B 41ms
38ms XHR
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-102395123-1&cid=510490920.1685465817&jid=563161442&gjid=1287035732&_gid=1260003669.1685465817&_u=aADAAEAAQAAAACAAI~&z=231780034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 May 2023 16:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.ca/pagead/1p-conversion/401032603/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/?random=1561544132&cv=11&fst=1685465816985&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.b...
https://www.google.com/pagead/1p-conversion/401032603/?random=1561544132&cv=11&fst=1685465816985&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2...
https://www.google.ca/pagead/1p-conversion/401032603/?random=1561544132&cv=11&fst=1685465816985&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2F...

42 B
64 B

43ms
42ms

Image
image/gif

2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/401032603/?random=1561544132&cv=11&fst=1685465816985&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=517360312.1685465817&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEwzV293WVE1X2kzNmVmSTk5V0NBUklsQUs1YzktT2tHSktUMnI2MlExS2dxUmRFQjMtN3c1Q0pLSTJBeGpFUE1qSzVGUmdsVmcaV0NoQUk4TDNXb3dZUW9vakNnUFdPbGJ3dUVpMEE4WU1reElkZWpNYlp4c3R6Qm1hSFNWRTJQMnNRckpRVy1JUXdYWndITDZEbnYxcmV6UTN6Mnk1TWhYYyITCLWburrBnf8CFWUOaAgd8DACRw&is_vtc=1&ocp_id=2Sp2ZPXKA-WcoPMP8OGIuAQ&cid=CAQSKQBygQiDVwnbh25faYBSAERUsqoMLLTwq8vVqY5GrSY6nbNL825nYDmV&random=3280765289&ipr=y

Requested by

Protocol

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/401032603/?random=1561544132&cv=11&fst=1685465816985&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=517360312.1685465817&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEwzV293WVE1X2kzNmVmSTk5V0NBUklsQUs1YzktT2tHSktUMnI2MlExS2dxUmRFQjMtN3c1Q0pLSTJBeGpFUE1qSzVGUmdsVmcaV0NoQUk4TDNXb3dZUW9vakNnUFdPbGJ3dUVpMEE4WU1reElkZWpNYlp4c3R6Qm1hSFNWRTJQMnNRckpRVy1JUXdYWndITDZEbnYxcmV6UTN6Mnk1TWhYYyITCLWburrBnf8CFWUOaAgd8DACRw&is_vtc=1&ocp_id=2Sp2ZPXKA-WcoPMP8OGIuAQ&cid=CAQSKQBygQiDVwnbh25faYBSAERUsqoMLLTwq8vVqY5GrSY6nbNL825nYDmV&random=3280765289&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 23ms
23ms Script
application/javascript 104.114.72.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTY0NTk0YzcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.114.72.16 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-114-72-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 43a5a209
date: Tue, 30 May 2023 16:56:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305081133240C17E23599227181514D
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-114-72-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012e134edc8e49a53c54f2a6a17a94ce33a69b4cd02114a0ddd5fc963218fc27befebe82470ac952c401724ff66ad8d3d76a94877932eea5e1fedc008e88c9ae6e868994035fbb10787b1be07b6f1691824b051dbad808ef32de59749c88d577cc
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30688

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
556 B 78ms
77ms Ping
text/plain 104.114.72.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTY0NTk0YzcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.114.72.16 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-114-72-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
x-akamai-request-id: 43a5a2a0
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230530165657AC71F555ECBD8FC72230
x-cache: TCP_MISS from a104-114-72-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 50,104.114.72.12
x-tt-trace-host: 01aea78b356778cfaedf77c75b4c41ffd2c8fde013648546801d6ed43d259f4324645c775f6e812367ea1c92f4c1f8c9f7498cd9bb54de627aad312a8164a1dcdf93422ce539f32ef7db311e73364448a77a8db97ec49b06fa7f8decb60b43cb6e
server-timing: inner; dur=38, cdn-cache; desc=MISS, edge; dur=7, origin; dur=50
content-length: 0
expires: Tue, 30 May 2023 16:56:57 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
554 B 83ms
82ms Ping
text/plain 104.114.72.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTY0NTk0YzcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.114.72.16 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-114-72-16.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
x-akamai-request-id: 43a5a2a1
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202305301656571860508056DD64A96FAC
x-cache: TCP_MISS from a104-114-72-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 45,104.114.72.12
x-tt-trace-host: 01aea78b356778cfaedf77c75b4c41ffd2c8fde013648546801d6ed43d259f4324645c775f6e812367ea1c92f4c1f8c9f70e17c2479b784ca3fb2a4363197113362438e71a76c108751d727be61d7d76637af2e0701aae89ab71d909d13ac19043
server-timing: inner; dur=35, cdn-cache; desc=MISS, edge; dur=8, origin; dur=45
content-length: 0
expires: Tue, 30 May 2023 16:56:57 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 9209 4 KB
2 KB 31ms
30ms Document
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://btm-btm-btm.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 197
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Tue, 30 May 2023 16:53:40 GMT
etag: "OMWYXg"
expires: Tue, 30 May 2023 16:58:40 GMT
server: Google Frontend
x-cloud-trace-context: 35ddc1a72797b9bc2f421c960af4b8c5

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 40ms
38ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-102395123-1&cid=510490920.1685465817&jid=563161442&_u=aADAAEAAQAAAACAAI~&z=961458672

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 37ms
36ms Image
image/gif 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-102395123-1&cid=510490920.1685465817&jid=563161442&_u=aADAAEAAQAAAACAAI~&z=961458672

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1853
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=3EDaTXxnamx1dWR5UGNRZHpwYi9nWDZ1UGpKL3Z5ZUp4eVRMcmladjh6VFRHaEZsenk4VlpCODZxVjg1aUEvNTUwRXI1L3VtbUV5TEVjRzBkVHR4YVRLYUFLeG9aYnNmMmNlU1NoTU90UEpIbm04alQzRlNQbkhzQ0RrYV...

452 B
670 B

87ms
24ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3EDaTXxnamx1dWR5UGNRZHpwYi9nWDZ1UGpKL3Z5ZUp4eVRMcmladjh6VFRHaEZsenk4VlpCODZxVjg1aUEvNTUwRXI1L3VtbUV5TEVjRzBkVHR4YVRLYUFLeG9aYnNmMmNlU1NoTU90UEpIbm04alQzRlNQbkhzQ0RrYVNkdFlqai90SmMyZ0pwVGs2dWJyalhja1pOMXNJUGI4eEhsQ3UxMWlHTjcwZFRHRkIxRFUzb3dZNlA0WVY4Q1pnSHBRQVJnOWljemNKb2cxaGk0SnlCaTlibjBYbDgxdE93NmlxVGVEVWtjTWFiOU1zSnNsM2VrZGhmcWdoZ0N2SE9vODZwVG1XYlQ1N0Y0dENSaHZ6YlpiTGRWSzhDWWV2dVRaYjcySldEY2kxd2J2VkM0QT18&cppv=2

Requested by

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

12577558a934160d62d4acb759b5e03949a9b8d0d510e05e811dcc637039a15e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1477952
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 May 2023 16:56:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=3EDaTXxnamx1dWR5UGNRZHpwYi9nWDZ1UGpKL3Z5ZUp4eVRMcmladjh6VFRHaEZsenk4VlpCODZxVjg1aUEvNTUwRXI1L3VtbUV5TEVjRzBkVHR4YVRLYUFLeG9aYnNmMmNlU1NoTU90UEpIbm04alQzRlNQbkhzQ0RrYVNkdFlqai90SmMyZ0pwVGs2dWJyalhja1pOMXNJUGI4eEhsQ3UxMWlHTjcwZFRHRkIxRFUzb3dZNlA0WVY4Q1pnSHBRQVJnOWljemNKb2cxaGk0SnlCaTlibjBYbDgxdE93NmlxVGVEVWtjTWFiOU1zSnNsM2VrZGhmcWdoZ0N2SE9vODZwVG1XYlQ1N0Y0dENSaHZ6YlpiTGRWSzhDWWV2dVRaYjcySldEY2kxd2J2VkM0QT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 295175
content-length: 0
expires: 0

POST
H2 200 / Show response
sumo.com/api/load/ 873 B
1 KB 361ms
83ms XHR
application/json 34.220.132.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-220-132-2.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e8e5e01238df717ce0a4a29d2f53dab165c53593bfc2bbd1dcbcf7edbcc3fba1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 873

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
356 B 42ms
42ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=81,87,76,246,6,252,424,426,1935,1944
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 16:56:58 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 149.56.153.184
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 018elao3uds033qi7bvg

OPTIONS
H2 204 services
sumo.com/ Frame 0
0 87ms
86ms Preflight 34.220.132.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-220-132-2.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: POST
Origin: https://go.behindthemarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://go.behindthemarkets.com
access-control-max-age: 2592000
date: Tue, 30 May 2023 16:56:58 GMT
server: nginx

POST
H2 200 services Show response
sumo.com/ 205 B
609 B 130ms
129ms XHR
application/json 34.220.132.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-220-132-2.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c5265b2a343e05fcaf0cd05b0dd03975c4d83e4168eafea7236a99ee46caf79e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

X-Sumo-Auth: LtmYnH0OXJ2N8x5bL3OteCg5
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.behindthemarkets.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-length: 205

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 44ms
42ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=vy3po4Te6TZVBrzEVtHgcx&kind=timer&label=lb_embed_leadbox_load&value=1391.5
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 16:56:58 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 149.56.153.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 018ek707jka6kj2mtsog

GET
H2 200 7.0a035390359aab65eb82.js Show response
load.sumo.com/ 97 KB
34 KB 30ms
26ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: F6DWMBEBGNFA0ZES
cdn-cachedat: 12/02/2022 23:04:54
cdn-pullzone: 53731
x-amz-id-2: 4mr6BcmAWrjq+yNshMq2rTdDxiR3Te2Alp46ywkzEEvFrnjDs7+9HtvtDAKnVIdHpFTcmEw2iGE=
last-modified: Wed, 05 Oct 2022 16:49:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"3fa9c18f727d4b42fb894fda90a374e1"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 55b2d7693c002f8dc480088d4890fe8a
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 36ms
32ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: YBG3EFV1ZH27KE7W
cdn-cachedat: 01/05/2023 20:01:14
cdn-pullzone: 53731
x-amz-id-2: y4GYpzGx8pL0V1Ss/iAm9ouxs2AOUlgg6E7ZqKuSGNYyh2xjz0e09El5rU/Q58QrS/V3YhAF0dM=
last-modified: Wed, 05 Oct 2022 16:49:25 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"a39d043b7c7bba70750cf288ee5ef71a"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 7608b019877758e0efc9fc585fdb84ea
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2.0a035390359aab65eb82.js Show response
load.sumo.com/ 3 KB
2 KB 37ms
33ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: A9TDECDZHN78QMRP
cdn-cachedat: 09/19/2022 12:56:05
cdn-pullzone: 53731
x-amz-id-2: SqV72BGfh+CkyQDwfAD99vXFEEQYt0+V/6eWRmvey0w27fMOUMQF4zcC5WxktgR3iXtGtGd2M2o=
last-modified: Tue, 13 Sep 2022 21:11:03 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6bfdf1ae8492f107706ac037915be663"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 5c90c03e4a52ffbd95c6baaebccafc72
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.0a035390359aab65eb82.js Show response
load.sumo.com/ 11 KB
5 KB 40ms
36ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: A9T490H6MERW0ZDG
cdn-cachedat: 09/19/2022 12:56:06
cdn-pullzone: 53731
x-amz-id-2: lnZVhHrnlfRv3keDpBVbULwg7Ywn5vBPPL0BPRcf3XNt/0oAQ+9TafjenPf9dPX1XTRbRyqe4l4=
last-modified: Tue, 13 Sep 2022 21:10:49 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"fc263e7087822a0b00ff93677d6df4ea"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 1fd449fbfa6618c5bd75bce242e93240
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.0a035390359aab65eb82.js Show response
load.sumo.com/ 92 KB
25 KB 41ms
37ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: A9T0XW90K3R5PGX3
cdn-cachedat: 09/19/2022 12:56:06
cdn-pullzone: 53731
x-amz-id-2: DVHGlwCjuCdeKWd6Nr+9PUjia69nUPhuIOF4wEgXKdOZeIdt9VcvpXzo2EvrHjn2c2zpsHK63Yo=
last-modified: Tue, 13 Sep 2022 21:11:05 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"8af82c4c30a069f66de02526c2f332af"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 1cc65bde10c5efea509e7fd5510543b0
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 23.0a035390359aab65eb82.js Show response
load.sumo.com/ 329 KB
94 KB 42ms
39ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: M1GFP35KPDEBT3Q0
cdn-cachedat: 12/02/2022 23:04:45
cdn-pullzone: 53731
x-amz-id-2: c54uyI+YczVJX0UY3AcEtiZg76hdowO4ktCQhbMRoOCn6Bl/GYZwKTcCjQZlQ+KYF7SGb+T8Caw=
last-modified: Wed, 05 Oct 2022 16:49:12 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"be0b945be6cafa91f6fd4efdfc8268f8"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 2f1c013e95a53eb6ca9392867123cbc0
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.0a035390359aab65eb82.js Show response
load.sumo.com/ 179 KB
51 KB 47ms
44ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: A9T3PXW6A8ETV1Y2
cdn-cachedat: 09/19/2022 12:56:06
cdn-pullzone: 53731
x-amz-id-2: peQmi/CeOjIYA9xoIRBSiBsV/J+tw13iyQ3LM7X3NX7APTOElX8sHgNr6IhS4vaBydFSZ8ci8Tc=
last-modified: Tue, 13 Sep 2022 21:11:04 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"beda094dfc3b530efd0d2d83c5a0280c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 2d8d676ec27fee759a8115350fff0654
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 64.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 KB
1 KB 47ms
45ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: A0PWBC4BDXMGBDT8
cdn-cachedat: 11/21/2022 10:57:13
cdn-pullzone: 53731
x-amz-id-2: aGHljmks3tAOGMTrqXhl21tzWdEVl6ENmwdigE+dgFj14blyW/MCv0sGBRAv+jJxlaff3aU+nb8=
last-modified: Wed, 05 Oct 2022 16:49:45 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"d200986501135078d1fbd7f480e7bb08"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: a0f5c5b6b0fded8cded0a8dc007c617b
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 awesome-log Show response
stats.vidalytics.com/ 43 B
375 B 150ms
52ms XHR
image/gif 107.178.211.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
server: istio-envoy
etag: "PzpZ_7KZ/PBmYP4uKKmaDI3Kg"
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: no-cache, public, max-age=2592000
x-envoy-upstream-service-time: 12
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
content-length: 43

POST
H2 200 licensing Show response
analytics-ingress-global.bitmovin.com/ 117 B
379 B 84ms
42ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/licensing
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 117
alt-svc: clear

GET
H2 200 preview-5_0.jpg
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/thumb/ 2 KB
2 KB 110ms
109ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/thumb/preview-5_0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 5a5dd2a57b7b197ccd1d300d64c4a54e311ff8df6e3cb2d4501fd5331bd399f2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
x-cdn: 4
x-guploader-uploadid: ADPycdsjjmqB6KpHFiJsPPkoscIbnb-VZ-iZjhHgOA-OGrRwMgMeaXjVfRkn96_dar3OEj_c0v1sPGfKLjumsswVeMpnOg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1660
last-modified: Fri, 31 Mar 2023 15:41:43 GMT
server: UploadServer
etag: "810ffbc39afbf7411fe6dc6e0d73065c"
x-goog-generation: 1680277303604464
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=O0UQaA==, md5=gQ/7w5r790Ef5txuDXMGXA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465819.cds007.fr8.hn,1685465819.cds236.fr8.c
x-goog-stored-content-length: 1660
accept-ranges: bytes

POST
H2 200 licensing Show response
licensing.bitmovin.com/ 165 B
452 B 341ms
275ms XHR
application/json 2600:1901:0:df23::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/licensing
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
via: 1.1 google
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 165

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
43 B 49ms
48ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 May 2023 16:56:58 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H2 200 stream.mpd Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/ 65 KB
66 KB 105ms
105ms XHR
application/dash+xml 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/stream.mpd
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 39e3c66a0cb3442239152027becbbc321fd3b3086b6dbbe968441dadd46cf8a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
x-cdn: 4
x-guploader-uploadid: ADPycds6t5X5_RXqQm4NAP4cPCzG_tfMz6MpiL5ZR1fzRpnmRc9lCkRQjWaHMjpzruysolC4St97hYBLoRdvt08_SmGUrQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66838
last-modified: Fri, 31 Mar 2023 15:51:50 GMT
server: UploadServer
etag: "1a994bc1bd4d3d22fa44570250ecdacb"
x-goog-generation: 1680277910894060
content-type: application/dash+xml
access-control-allow-origin: *
x-goog-hash: crc32c=PjOkMA==, md5=GplLwb1NPSL6RFcCUOzayw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465819.cds053.fr8.hn,1685465819.cds109.fr8.c
x-goog-stored-content-length: 66838
accept-ranges: bytes

GET
H2 200 0.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 27ms
27ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 2PSXK1WJDSM90MTP
cdn-cachedat: 09/19/2022 12:56:07
cdn-pullzone: 53731
x-amz-id-2: h7gcPjjnSKdfx6A2k3NthMN5cfnoHGWmR6hW/LL4lh8yedlVL6f12+oYo1rRhzL4XKkzqdng4hE=
last-modified: Tue, 13 Sep 2022 21:10:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"31baf056af3800bbd6e4f9e8b445d052"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 79b7e64fc662bd7217c8b7a008ae7cf9
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 96.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 MB
80 KB 39ms
39ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 2PSXPDRFAQKB6CF7
cdn-cachedat: 09/19/2022 12:56:07
cdn-pullzone: 53731
x-amz-id-2: 5iVSkMxmIHeMYyb4mCTl6LszPWqW6KrxW/rwWOESAvlzfX2/hXUKTdjxGLpmSUMlFShexi9XjHM=
last-modified: Tue, 13 Sep 2022 21:12:03 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"f33273f5c8e8dd3d010a11b209891b91"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: c608558e02ac0317728e89f0b8fdf876
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 97.0a035390359aab65eb82.js Show response
load.sumo.com/ 221 B
993 B 38ms
37ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 2PSHED3CD3VWSFQ3
cdn-cachedat: 09/19/2022 12:56:07
cdn-pullzone: 53731
x-amz-id-2: 4PIGVa2ca3jMWj73Q5o/3gjSDUsCD2yHpEqhH5qz4uA9EWD5VzSPAmNcmgioogU3i6oSJfk4+eM=
last-modified: Tue, 13 Sep 2022 21:12:04 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"857476cf6e94c14c223d4481353b4c19"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 7dda35ede4ce5e4b558c445f61438b53
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 696 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
83 B 43ms
42ms XHR
application/json 107.178.211.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 30 May 2023 16:56:59 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 16
access-control-allow-methods: POST,OPTIONS
content-type: application/json

GET
H2 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/480x270_h264_500000/ 876 B
1 KB 102ms
101ms XHR
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/480x270_h264_500000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 6fcdf9feaeb6478b05d9ac9c6f6ea3508fd719afc114a049b946d3bced38daec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
x-cdn: 4
x-guploader-uploadid: ADPycduhSKc5k3v0CMbkVIh_K51WYwdOn1diTTiY9Ae1adO0CoJDCDg4Rne0R7W3HsZannZj-_wkh0mHt2sJHiNAbuC7WPHp7lFo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 876
last-modified: Fri, 31 Mar 2023 15:49:11 GMT
server: UploadServer
etag: "b1569270c27dc9aa66cac0f761f54c1f"
x-goog-generation: 1680277750997625
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=eO8ayw==, md5=sVaScMJ9yapmysD3YfVMHw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465819.cds053.fr8.hn,1685465819.cds334.fr8.c
x-goog-stored-content-length: 876
accept-ranges: bytes

GET
H2 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/ 826 B
1 KB 103ms
103ms XHR
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 549750378cf422b05d2faed318f78230e3847d69885ccaa8fe5004b81fdb8254

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
x-cdn: 4
x-guploader-uploadid: ADPycdtzwmQsr4KrDeGUyxyG5efkOgC7uPZLGCffaeRakWbDCoDlGXQVfmPzkyziow1wYmjNPQ9r89-bdGi3yBCy34tF7AVmLit3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 826
last-modified: Fri, 31 Mar 2023 15:51:39 GMT
server: UploadServer
etag: "16a48b9959029e0ed7343dd60e884f50"
x-goog-generation: 1680277899849932
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=a2vbCA==, md5=FqSLmVkCng7XND3WDohPUA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465819.cds053.fr8.hn,1685465819.cds342.fr8.c
x-goog-stored-content-length: 826
accept-ranges: bytes

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
55 B 45ms
45ms XHR
application/json 107.178.211.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 30 May 2023 16:56:59 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 16
access-control-allow-methods: POST,OPTIONS
content-type: application/json

GET
H3 200 css
fonts.googleapis.com/ 32 KB
1 KB 37ms
36ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abe3a9cedd995b871be9c9dfd657cd41a58253968ec3b74d30ce2b648ed275b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 May 2023 16:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 May 2023 15:49:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 May 2023 16:56:59 GMT

GET
H2 200 features Show response
sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/ 3 KB
1 KB 87ms
87ms XHR
application/json 34.220.132.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/features?site_id=7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-220-132-2.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Sumo-Auth: LtmYnH0OXJ2N8x5bL3OteCg5

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
content-encoding: gzip
server: nginx
etag: "-362431178"
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/ Frame 0
0 114ms
113ms Preflight 34.220.132.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/features?site_id=7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-220-132-2.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: GET
Origin: https://go.behindthemarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://go.behindthemarkets.com
access-control-max-age: 2592000
date: Tue, 30 May 2023 16:56:59 GMT
server: nginx

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 12ms
11ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 17:26:16 GMT
x-content-type-options: nosniff
age: 603043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 17:26:16 GMT

GET
H2 200 1.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/480x270_h264_500000/ 237 KB
237 KB 557ms
556ms XHR
video/iso.segment 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/480x270_h264_500000/1.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 34aa4240f01644e3ca0e88857f8af01969be3502a63cd615c739a993c5b8608f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:00 GMT
x-cdn: 4
x-guploader-uploadid: ADPycduAOKGWew9uczcsZvqPPaYQHvmUPbRDcHXfdDQmixgd2iqHedj3y80zNeSGT5wXOYrDDTAZyhG5pT5Jg7XXiZqs0Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242293
last-modified: Fri, 31 Mar 2023 15:48:47 GMT
server: UploadServer
etag: "f7fc911d93a0c4184ff1994e5c2cff40"
x-hw: 1685465819.cds053.fr8.hn,1685465819.cds340.fr8.s,1685465819.dop215.la3.r,1685465820.cds285.la3.c,1685465820.cds340.fr8.p
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1680277726949293
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-goog-hash: crc32c=dxUOeg==, md5=9/yRHZOgxBhP8ZlOXCz/QA==
x-goog-stored-content-length: 242293
accept-ranges: bytes

GET
H2 200 1.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/ 50 KB
51 KB 104ms
104ms XHR
video/iso.segment 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/1.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: dbe68ad4421abbca8e46dfeb7877498508cf254424c4026db40c3e85c8446274

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:56:59 GMT
x-cdn: 4
x-guploader-uploadid: ADPycds4H2MGsE9LqBrX9aPukZ7Vlz2EipNo_iKmBL4UWqCGO_yCnT1qygyApkVpe6UGkWSfcYgCqi79PUdMr2clfNx1Yw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51399
last-modified: Fri, 31 Mar 2023 15:51:34 GMT
server: UploadServer
etag: "a7698574f5b6e823cffa8bb79ea600ec"
x-goog-generation: 1680277894273694
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-hash: crc32c=P/x2hw==, md5=p2mFdPW26CPP+ou3nqYA7A==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465819.cds053.fr8.hn,1685465819.cds279.fr8.c
x-goog-stored-content-length: 51399
accept-ranges: bytes

GET
BLOB 200
OK 4abeafc4-fb4e-45a1-a6f6-355420ba2f90
https://go.behindthemarkets.com/ 80 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.behindthemarkets.com/4abeafc4-fb4e-45a1-a6f6-355420ba2f90
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b1b4ae8f01d381a1856eb29539ef696f43a9ae59063cbc0b91c3130cf7e102a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 81800
Content-Type

GET
H2 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/640x360_h264_700000/ 877 B
1 KB 117ms
117ms XHR
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/640x360_h264_700000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: db047afb45fac4ab9565a8cf40ec552d8d7dbcd9ccebec3737eb8fac6060a861

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:00 GMT
x-cdn: 4
x-guploader-uploadid: ADPycdvQhh3lz64cSb1LMmUbEYUEFlA4hzhfg7BxY-gYSxxHodY4SEiT4NFJQ7l9ODynR8F8k8A_2lH5s_vmNUM0Ew4Mcg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
last-modified: Fri, 31 Mar 2023 15:49:55 GMT
server: UploadServer
etag: "7223b2d88bea41f1560a4491689d9c12"
x-goog-generation: 1680277795318026
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=BX2yUQ==, md5=ciOy2IvqQfFWCkSRaJ2cEg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465820.cds053.fr8.hn,1685465820.cds051.fr8.c
x-goog-stored-content-length: 877
accept-ranges: bytes

POST
H2 204 impression Show response
licensing.bitmovin.com/ 0
41 B 151ms
149ms XHR
application/json 2600:1901:0:df23::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/impression
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 30 May 2023 16:57:00 GMT
via: 1.1 google
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json

GET
H2 200 2.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/640x360_h264_700000/ 375 KB
376 KB 106ms
106ms XHR
video/iso.segment 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/640x360_h264_700000/2.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: e018c5642f6326af52b6fa7576c034d6e4b1fe6b541a510963daf0f2a220c722

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:00 GMT
x-cdn: 4
x-guploader-uploadid: ADPycdsOrsLSLvwl9-D0I7A6StLPQOBLsXjeip5-T4kBrYMmrVsctmdVU-IhxYc3lCPPyXr1gYU0YDtjP6gRbSrl_EFo4XoDTsEM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 384283
last-modified: Fri, 31 Mar 2023 15:49:32 GMT
server: UploadServer
etag: "619aaa9842a729ff082160451ed2ea3b"
x-goog-generation: 1680277772489008
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-hash: crc32c=kBhZRw==, md5=YZqqmEKnKf8IIWBFHtLqOw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465820.cds053.fr8.hn,1685465820.cds236.fr8.c
x-goog-stored-content-length: 384283
accept-ranges: bytes

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 46ms
46ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.55.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 May 2023 16:57:00 GMT
via: 1.1 google
server: v1.55.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H2 200 2.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/ 50 KB
50 KB 103ms
102ms XHR
video/iso.segment 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/2.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 4656fc07df9dabbee87684466725399fe20c4b6dc1acd9dc2467d558293c4c54

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:01 GMT
x-cdn: 4
x-guploader-uploadid: ADPycdteomImdxodoV_ObkyhLmrnf1tvQ7ALH_OJY0N0K-y2rsgRK_v_gZA2qf5eKishq59QQf9tMxZm_ecnebIetHbPkA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50700
last-modified: Fri, 31 Mar 2023 15:51:35 GMT
server: UploadServer
etag: "f1002f257f054b9a1dc16137b6b5561d"
x-goog-generation: 1680277895701124
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-hash: crc32c=Z9zFig==, md5=8QAvJX8FS5odwWE3trVWHQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465821.cds053.fr8.hn,1685465821.cds133.fr8.c
x-goog-stored-content-length: 50700
accept-ranges: bytes

GET
H2 200 3.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/ 50 KB
50 KB 101ms
100ms XHR
video/iso.segment 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/3.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 92b011b3fdfdd9725ad92780c669aef0a04bc684094043a07a18bb318e127eac

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:01 GMT
x-cdn: 4
x-guploader-uploadid: ADPycds6gFrVr7FaMBiVXPp4AowKzZDj_CZRNG9fJV8gbtb1MaKy8YCX4NNGbnRTQV4NE8hLxydqYZ9EdAt7wZkbyNXVKA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51344
last-modified: Fri, 31 Mar 2023 15:51:37 GMT
server: UploadServer
etag: "421447216a5fb12c773edab8446d339c"
x-goog-generation: 1680277896906773
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-hash: crc32c=Mycx/g==, md5=QhRHIWpfsSx3Ptq4RG0znA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465821.cds053.fr8.hn,1685465821.cds202.fr8.c
x-goog-stored-content-length: 51344
accept-ranges: bytes

GET
H2 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/1920x1080_h264_4500000/ 879 B
1 KB 105ms
103ms XHR
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/1920x1080_h264_4500000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: dd0f81e1e728a05eace028999f19b440dd746a1fdaa6f62fa489520c00880ae8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:01 GMT
x-cdn: 4
x-guploader-uploadid: ADPycduBWM5sAg3doUMGB7P9-CnUkmwG3-IktQ-ez-RxFBHlB55KPaHcvUGIhxvDRkW9K0m1s03iLxKJPdEby5WSzrWE-g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 879
last-modified: Fri, 31 Mar 2023 15:51:33 GMT
server: UploadServer
etag: "713e31a784fc1007e24c0a2f6daf086b"
x-goog-generation: 1680277893298965
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=hhrlXw==, md5=cT4xp4T8EAfiTAovba8Iaw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465821.cds053.fr8.hn,1685465821.cds328.fr8.c
x-goog-stored-content-length: 879
accept-ranges: bytes

GET
H2 200 2.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/1920x1080_h264_4500000/ 2 MB
2 MB 107ms
106ms XHR
video/iso.segment 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/1920x1080_h264_4500000/2.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 54874be5ffc14ebe4699d56a168e67723c4864b9eac55145e6616394b9bee9e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:01 GMT
x-cdn: 4
x-guploader-uploadid: ADPycdumsvM-KZ1gK8e4zI7MJzsa3ZlFIYusWhq6RomDK5PpIrjFp5ljH7imYwTy_IhtzD04y6boVYhoPELCnlaoo96Mnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2097485
last-modified: Fri, 31 Mar 2023 15:51:02 GMT
server: UploadServer
etag: "9355a8a3b0fe027a34dc2f8c491fbc88"
x-goog-generation: 1680277862813961
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-hash: crc32c=WmZeBw==, md5=k1Woo7D+Ano03C+MSR+8iA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465821.cds053.fr8.hn,1685465821.cds010.fr8.c
x-goog-stored-content-length: 2097485
accept-ranges: bytes

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 45ms
45ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=pJfQXy2bYeYy7T6fgwnWTi&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=100.5,713.2000007629395,1,145.20000076293945
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 16:57:01 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 149.56.153.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 018elbjqmfh3hshpuc10

GET
H2 200 3.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/1920x1080_h264_4500000/ 3 MB
3 MB 122ms
122ms XHR
video/iso.segment 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/1920x1080_h264_4500000/3.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 9d7c5cb087c5bc4e19b6c1ab7f6599297fc67e2941ef41f2151f78b90ccd0869

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:01 GMT
x-cdn: 4
x-guploader-uploadid: ADPycdspKS5AVq0XCOLNCPin-EZ6VGuy6Aw6ZjEld4Knf_lZRx735XJ2DZENNywuasGhCxzYM23eoVkgP3SrC13I6ph9ww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3424603
last-modified: Fri, 31 Mar 2023 15:51:09 GMT
server: UploadServer
etag: "19345c12888d3d259077e2b13d8e5a0e"
x-goog-generation: 1680277869720172
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-hash: crc32c=/sEuqg==, md5=GTRcEoiNPSWQd+KxPY5aDg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465821.cds053.fr8.hn,1685465821.cds211.fr8.c
x-goog-stored-content-length: 3424603
accept-ranges: bytes

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 8335 35 B
445 B 65ms
65ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=4rb9NFBhkDenNaMw2GL6Yw&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=36.29999923706055,267.4000015258789,1
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 30 May 2023 16:57:02 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://btm-btm-btm.lpages.co
X-Forwarded-For: 149.56.153.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 018elbn2qebgijvl8o60

GET
H2 200 4.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/ 49 KB
49 KB 104ms
102ms XHR
video/iso.segment 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/4.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash: 7985c2a6dc87a29d9f494d549ba690750ba34c58e27c8ecb3a63c34a73d679e3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:02 GMT
x-cdn: 4
x-guploader-uploadid: ADPycdscnIEWqglLAnmxYV-FLg0WBML0ID1LHV4wWY9musynjEz4NOpXqevwA7XBdeNr1_MUrR8ao3OWirUT6BpLNKqa5ft0Wrrl
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50043
last-modified: Fri, 31 Mar 2023 15:51:37 GMT
server: UploadServer
etag: "083e32e21a38cec2670d5621c30c64fe"
x-goog-generation: 1680277897673861
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-hash: crc32c=qC027w==, md5=CD4y4ho4zsJnDVYhwwxk/g==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465822.cds053.fr8.hn,1685465822.cds219.fr8.c
x-goog-stored-content-length: 50043
accept-ranges: bytes

GET
H2 200 4.m4s
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/1920x1080_h264_4500000/ 2 MB
2 MB 136ms
136ms XHR
video/iso.segment 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/1920x1080_h264_4500000/4.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:02 GMT
x-cdn: 4
x-guploader-uploadid: ADPycduSinXQnVeHulZYbNlosZx547pTnhDg5fWnkBATLB5AUKDOI81W6e4XiE6_rrTGYQBYYD-6QvEcQlAsK1OvNRr-oA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1980646
last-modified: Fri, 31 Mar 2023 15:51:16 GMT
server: UploadServer
etag: "9ead31c05a9cf9b9acff0b5a955afeaa"
x-goog-generation: 1680277876702263
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-hash: crc32c=FXMCHQ==, md5=nq0xwFqc+bms/wtalVr+qg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465822.cds053.fr8.hn,1685465822.cds334.fr8.c
x-goog-stored-content-length: 1980646
accept-ranges: bytes

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 70ms
68ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je35o0&_p=225646946&cid=510490920.1685465817&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1685465817&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D39c3eeb71fa54572bcb169c935ae26ca%26utm_source%3D94%26utm_campaign%3D327%26utm_medium%3D%26id%3D%26iocid%3D%26aff%3D94%26oid%3D35&dt=Prepare%20for%20War&en=fetch_user_data&epn.variant_id=0&_et=246&up.custom_client_id=510490920.1685465817.&upn.variant_id=0&upn.experiment_id=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 16:57:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5.m4s
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/ 51 KB
51 KB 111ms
101ms XHR
video/iso.segment 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/audio/aac_96000/5.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=39c3eeb71fa54572bcb169c935ae26ca&utm_source=94&utm_campaign=327&utm_medium=&id=&iocid=&aff=94&oid=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 16:57:03 GMT
x-cdn: 4
x-guploader-uploadid: ADPycdudJhI6MVzwRxwzoZaOvTk-o2P-RHD1yig92XXFUo3zVimQtnfh2x_AfMoJs7rpDKCiwa7fj-CwFb57N9DpTxFMUg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51791
last-modified: Fri, 31 Mar 2023 15:51:38 GMT
server: UploadServer
etag: "82248af35114b3148079ef62bf0b7e9c"
x-goog-generation: 1680277898478353
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-hash: crc32c=xoPjKA==, md5=giSK81EUsxSAee9ivwt+nA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31104000
x-hw: 1685465823.cds053.fr8.hn,1685465823.cds219.fr8.c
x-goog-stored-content-length: 51791
accept-ranges: bytes

GET 5.m4s
fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/1920x1080_h264_4500000/ 0
0

POST scribe
stats.vidalytics.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fast.vidalytics.com
URL: https://fast.vidalytics.com/video/PzpZ_7KZ/LNnI7FeeLWyjSkrP/92526/82486__FFMPEG/m4s/video/1920x1080_h264_4500000/5.m4s

Domain: stats.vidalytics.com
URL: https://stats.vidalytics.com/scribe

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 12:12:32	Name: view.bb4wMKcXKB896PwqF4vMVT-default-prop.M8m8wKU9zxEvbxyryYiQ2B Value: 1685465817000
go.behindthemarkets.com/prepare-for-war-video-1	1970-01-20 12:54:17	Name: __smVID Value: 8f8a63bab3cfe8b80c4aa460b50c6415d5dde8d9035c66c7eeb99070a937c289
www.gritterohubnwl.com/	1970-01-20 12:12:32	Name: uniqueClick_8KG5KW Value: fe2a65ca-514a-4683-ab06-419edecf7df5:1685465815
www.gritterohubnwl.com/	1970-01-20 14:20:41	Name: transaction_id Value: f5b36002e8e74476b5ab251afa63b790
.go.behindthemarkets.com/	1970-01-20 20:58:08	Name: _vwo_uuid_v2 Value: D69A99B22A485DD8F44C9320D6E64A34F\|b0f394c937d96a379200272bf5b8e1a4
.behindthemarkets.com/	1970-01-20 14:20:41	Name: _gcl_au Value: 1.1.517360312.1685465817
.tiktok.com/	1970-01-20 21:32:41	Name: _ttp Value: 2QWOLirPynCf5FvH9M7WxlQRgiV
js.center.io/	1970-01-20 21:47:05	Name: centerVisitorId Value: 6BhqP9gi5pn9Agu93DWD49
.behindthemarkets.com/	1970-01-20 21:47:05	Name: _ga Value: GA1.2.510490920.1685465817
.behindthemarkets.com/	1970-01-20 12:12:32	Name: _gid Value: GA1.2.1260003669.1685465817
.behindthemarkets.com/	1970-01-20 12:11:05	Name: _gat_UA-102395123-1 Value: 1
.behindthemarkets.com/	1970-01-20 21:47:05	Name: _ga_8R6YNFMJ23 Value: GS1.1.1685465817.1.0.1685465817.60.0.0
.criteo.com/	1970-01-20 21:32:41	Name: uid Value: 4019c88d-f03b-42ed-90a1-fdef59517a42
.behindthemarkets.com/	1970-01-20 21:32:41	Name: _tt_enable_cookie Value: 1
.behindthemarkets.com/	1970-01-20 21:32:41	Name: _ttp Value: gvIT0i-m8ZWoU658Jcvu_W6zKRL
.doubleclick.net/	1970-01-20 21:47:05	Name: IDE Value: AHWqTUl2z8lcVQx5ccwCNBWYdifWUOh88Vyrq8xPikgVjDIVXx1qmK0zXqeUuWxW
go.behindthemarkets.com/	1970-01-20 12:54:17	Name: ef_witness Value: 1
go.behindthemarkets.com/	1970-01-20 12:54:17	Name: ef_tid_c_o_35 Value: 39c3eeb71fa54572bcb169c935ae26ca\|39c3eeb71fa54572bcb169c935ae26ca
go.behindthemarkets.com/	1970-01-20 12:54:17	Name: ef_tid_c_a_2 Value: 39c3eeb71fa54572bcb169c935ae26ca\|39c3eeb71fa54572bcb169c935ae26ca
.behindthemarkets.com/	1970-01-20 21:40:29	Name: cto_bundle Value: GpC9f19mNlhQOWZuU200ZmJwWDlaRk1jMlpmJTJCR0NmeklzbThCUDJ4bGZ1QXdRaDEweUZFMlRTcXB1TWFLRkFmdCUyRmFlZVN0N1p6Z0k4YXB5MnRvMlY5aURjSERJajhHTVlvbG5BUlRYa0JjVDdVYnRtaiUyRmxtNzV5ckUzNGR0d2FRQ21LQm9VJTJGcTBCcmFUYlRyMlB2WDFZMmxNdmlWZlVsdG4yVzN5dmVGeXBtSVVBayUzRA
go.behindthemarkets.com/	1970-01-20 20:56:41	Name: __smToken Value: LtmYnH0OXJ2N8x5bL3OteCg5
go.behindthemarkets.com/	1970-01-20 21:47:05	Name: bitmovin_analytics_uuid Value: 75320487-f9e5-4f70-b6c1-06c4560d1d05

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-ingress-global.bitmovin.com
analytics.google.com
analytics.tiktok.com
api.leadpages.io
btm-btm-btm.lpages.co
click.gritterohub.com
dev.visualwebsiteoptimizer.com
dynamic.criteo.com
embed.lpcontent.net
fast.vidalytics.com
fonts.googleapis.com
fonts.gstatic.com
go.behindthemarkets.com
googleads.g.doubleclick.net
gum.criteo.com
js.center.io
lh3.googleusercontent.com
licensing.bitmovin.com
load.sumo.com
mug.criteo.com
static.leadpages.net
stats.g.doubleclick.net
stats.vidalytics.com
sumo.com
www.behindthemarkets-btm.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gritterohubnwl.com
fast.vidalytics.com
stats.vidalytics.com
104.114.72.16
107.178.211.97
128.245.146.52
142.250.65.194
151.139.128.10
2001:4860:4802:36::181
2001:4860:4802:38::15
2600:1901:0:df23::
2606:4700:3032::ac43:d48e
2606:4700:3036::ac43:de61
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:80f::2004
2607:f8b0:4006:817::200e
2607:f8b0:4006:820::200e
2607:f8b0:4020:804::2001
2607:f8b0:4020:804::2003
2607:f8b0:4020:804::2008
2607:f8b0:4020:805::2002
2607:f8b0:4020:807::200a
2620:100:a001::c
2620:100:a001::f
2a02:6ea0:c454::1
34.107.203.240
34.220.132.2
34.96.102.137
35.190.27.197
35.192.151.63
35.202.21.90
74.119.119.139
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
12577558a934160d62d4acb759b5e03949a9b8d0d510e05e811dcc637039a15e
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
230ce7cbc4220c4724303b8a51e5de6f76093ac08c17af912082ab8488b32049
27d56525eda014f4e98a042c321db494c91804bb94a39de3a297b9947c8665f4
2b1b4ae8f01d381a1856eb29539ef696f43a9ae59063cbc0b91c3130cf7e102a
2bc25baa2089652e92af7170f1c60757d14b4a9983fe9ead9f62ed0d5b9a3285
34aa4240f01644e3ca0e88857f8af01969be3502a63cd615c739a993c5b8608f
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
39e3c66a0cb3442239152027becbbc321fd3b3086b6dbbe968441dadd46cf8a4
3e426e330d152fce1b2e4a53ff4062cfe1531acca6f02c9b5329009d496aad05
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
42e6326211b739c4d83cc7899a38ec013ffacd2bba7df0fbf3c19a2989897c3f
4656fc07df9dabbee87684466725399fe20c4b6dc1acd9dc2467d558293c4c54
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
52ad8019cb43ed33cce19f726cac0b991c5eeebaa78d18de848cc1ee06a803f4
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
5403a7f681e55b4eb0eef391fe9a0e93cbf60059e67291c838f490dcbf60b961
54874be5ffc14ebe4699d56a168e67723c4864b9eac55145e6616394b9bee9e1
549750378cf422b05d2faed318f78230e3847d69885ccaa8fe5004b81fdb8254
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
5a5dd2a57b7b197ccd1d300d64c4a54e311ff8df6e3cb2d4501fd5331bd399f2
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
5d3a6577708c037836bd67cf08aecd9d1128eb69800200d343a2fb5050e5bc20
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
621efef4efeec13480712a57d0fb0f96e9c1309ba86cf373cf67d38ccc53e8ea
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b348750b851c4bb1fa0a06f39bebcfa924bbdf251a64649d7afb5fce495fd46
6fcdf9feaeb6478b05d9ac9c6f6ea3508fd719afc114a049b946d3bced38daec
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
730f28a82678723f409fc99db224a85c12a60c9180b838d30d0650bbbc2c3c4e
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
7985c2a6dc87a29d9f494d549ba690750ba34c58e27c8ecb3a63c34a73d679e3
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
92b011b3fdfdd9725ad92780c669aef0a04bc684094043a07a18bb318e127eac
93d668bb5f0a76b8b68d432004384a013cbb7d56678e08f763eb7f482a60093f
965f2f16c348448339708c82dabffe362b7c5b5d82104f93f105a646a32a042b
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
97755e02d57f01e555cff7080b50b4a34473ab7d1e6bbb9b7b6d2919fdfc0097
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e
9d7c5cb087c5bc4e19b6c1ab7f6599297fc67e2941ef41f2151f78b90ccd0869
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff
a5a03882d6cc3420749e95a6aa750c8e73f74a2ca75f1c778efd762784dcb22d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abe3a9cedd995b871be9c9dfd657cd41a58253968ec3b74d30ce2b648ed275b9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0808bf052dedb54f370da6852f6021c26ed853d2aad4512dd66e3ff01f434df
b30efb0b288f3d2bded2b09d53bc40067776a199344596bce4563b1cbe3c7f06
c5265b2a343e05fcaf0cd05b0dd03975c4d83e4168eafea7236a99ee46caf79e
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e
d976d90045ed04be6642a0058c93b8c2936002fcad81fd4781c66641c544a412
db047afb45fac4ab9565a8cf40ec552d8d7dbcd9ccebec3737eb8fac6060a861
dbe68ad4421abbca8e46dfeb7877498508cf254424c4026db40c3e85c8446274
dd0f81e1e728a05eace028999f19b440dd746a1fdaa6f62fa489520c00880ae8
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
e018c5642f6326af52b6fa7576c034d6e4b1fe6b541a510963daf0f2a220c722
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8e5e01238df717ce0a4a29d2f53dab165c53593bfc2bbd1dcbcf7edbcc3fba1
eee560fdd26b14c16aae2375df7637e856e4e023e6787b3a8ddfb1be4c470459
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fae2d47dae618cd63843b485166a7ef6ceb53048f217aabf85f5d56e8d601ba3
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

go.behindthemarkets.com Open in urlscan Pro 35.202.21.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

95 %HTTPS

59 %IPv6

25 Domains

32 Subdomains

28 IPs

2 Countries

10433 kBTransfer

15367 kBSize

22 Cookies

4 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.behindthemarkets.com Open in urlscan Pro
35.202.21.90 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

95 %
HTTPS

59 %
IPv6

25
Domains

32
Subdomains

28
IPs

2
Countries

10433 kB
Transfer

15367 kB
Size

22
Cookies

106 HTTP transactions
2 data transactions