go.behindthemarkets.com Open in urlscan Pro
35.202.21.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.makes.readysteadyprofit.com/?qs=9190b3379f35d8b7052066f2fca1880b409f57c193804ed0e9cb00231b0c2e768cdbf78e5135dcf03c0730c482be...
Effective URL:
https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&ut...
Submission: On December 23 via manual (December 23rd 2023, 2:25:51 pm UTC) from IN — Scanned from DE

Summary HTTP 145 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 54 IPs in 8 countries across 50 domains to perform 145 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is go.behindthemarkets.com.
TLS certificate: Issued by R3 on November 26th 2023. Valid for: 3 months.

This is the only time go.behindthemarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.245.210.67 128.245.210.67	14340 (SALESFORCE) (SALESFORCE)
1 1	2606:4700:303... 2606:4700:3035::ac43:ddfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	50.97.212.250 50.97.212.250	36351 (SOFTLAYER) (SOFTLAYER)
1 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	34.225.139.193 34.225.139.193	14618 (AMAZON-AES) (AMAZON-AES)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
37	192.229.220.49 192.229.220.49	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
4	107.178.211.97 107.178.211.97	15169 (GOOGLE) (GOOGLE)
7	35.190.27.197 35.190.27.197	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:d... 2600:1901:0:df23::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	3.66.82.152 3.66.82.152	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	89.149.192.74 89.149.192.74	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	23.50.131.84 23.50.131.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1	99.80.37.51 99.80.37.51	16509 (AMAZON-02) (AMAZON-02)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.247.25.231 54.247.25.231	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	54.78.81.45 54.78.81.45	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.93.144.24 54.93.144.24	16509 (AMAZON-02) (AMAZON-02)
1	54.165.111.121 54.165.111.121	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.158.234.201 18.158.234.201	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:b09e:1b27:866b:9422	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.214.3.70 52.214.3.70	16509 (AMAZON-02) (AMAZON-02)
1	3.13.78.215 3.13.78.215	16509 (AMAZON-02) (AMAZON-02)
145	54

1 128.245.210.67 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: ajo67.mta.exacttarget.com

click.makes.readysteadyprofit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:ddfe (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tracking.readysteadyprofit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.97.212.250 (San Jose, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: fa.d4.6132.ip4.static.sl-reverse.com

www.clkmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.behindthemarkets-btm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

go.behindthemarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
btm-btm-btm.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.139.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-139-193.compute-1.amazonaws.com

behindthemarkets.app.optipub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 192.229.220.49 (United States)

ASN15133 (EDGECAST, US)

fast.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.211.97 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 97.211.178.107.bc.googleusercontent.com

stats.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.27.197 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 197.27.190.35.bc.googleusercontent.com

analytics-ingress-global.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:df23:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

licensing.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.82.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-82-152.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.74 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.131.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-84.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.37.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-37-51.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.25.231 (Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-25-231.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.81.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-81-45.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.144.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-144-24.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.111.121 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-111-121.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.234.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-234-201.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:b09e:1b27:866b:9422 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.3.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-3-70.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.13.78.215 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-78-215.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	vidalytics.com fast.vidalytics.com — Cisco Umbrella Rank: 183195 stats.vidalytics.com — Cisco Umbrella Rank: 164190	13 MB
17	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3138 gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 sslwidget.criteo.com — Cisco Umbrella Rank: 1761 widget.us.criteo.com — Cisco Umbrella Rank: 17950 dis.criteo.com — Cisco Umbrella Rank: 550	153 KB
9	bitmovin.com analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 27146 licensing.bitmovin.com — Cisco Umbrella Rank: 8818	1 KB
8	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 39917	3 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	4 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2954	57 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6765	884 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	356 KB
4	center.io js.center.io — Cisco Umbrella Rank: 48396	15 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	gstatic.com fonts.gstatic.com	113 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1462	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	140 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 48	68 KB
2	optipub.com behindthemarkets.app.optipub.com	9 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
2	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 45323	29 KB
2	behindthemarkets-btm.com 1 redirects www.behindthemarkets-btm.com	20 KB
2	readysteadyprofit.com 2 redirects click.makes.readysteadyprofit.com tracking.readysteadyprofit.com	1 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2253	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	338 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33110	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2462	398 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 723	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 689	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 936	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1074	880 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10023	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 666	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	921 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 656	385 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1211	163 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 866	319 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2120	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1460	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 665	789 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	lpages.co btm-btm-btm.lpages.co	18 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 57016	15 KB
1	behindthemarkets.com go.behindthemarkets.com	21 KB
1	clkmg.com 1 redirects www.clkmg.com — Cisco Umbrella Rank: 316678	1004 B
145	50

	Domain	Requested by
37	fast.vidalytics.com	go.behindthemarkets.com fast.vidalytics.com
7	analytics-ingress-global.bitmovin.com	go.behindthemarkets.com
7	dynamic.criteo.com	www.googletagmanager.com
6	api.leadpages.io	js.center.io embed.lpcontent.net
6	dev.visualwebsiteoptimizer.com	go.behindthemarkets.com dev.visualwebsiteoptimizer.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	www.google.de	go.behindthemarkets.com
5	region1.analytics.google.com	www.googletagmanager.com
4	stats.vidalytics.com	go.behindthemarkets.com
4	www.googletagmanager.com	go.behindthemarkets.com www.googletagmanager.com
4	js.center.io	go.behindthemarkets.com js.center.io btm-btm-btm.lpages.co
3	ib.adnxs.com	2 redirects
3	www.google.com	1 redirects go.behindthemarkets.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	licensing.bitmovin.com	go.behindthemarkets.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	lh3.googleusercontent.com	go.behindthemarkets.com
2	behindthemarkets.app.optipub.com	go.behindthemarkets.com
2	fonts.googleapis.com	go.behindthemarkets.com btm-btm-btm.lpages.co
2	static.leadpages.net	go.behindthemarkets.com btm-btm-btm.lpages.co
2	www.behindthemarkets-btm.com	1 redirects go.behindthemarkets.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	hb.yahoo.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com	go.behindthemarkets.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	go.behindthemarkets.com
1	btm-btm-btm.lpages.co	embed.lpcontent.net
1	www.googleadservices.com	www.googletagmanager.com
1	embed.lpcontent.net	go.behindthemarkets.com
1	go.behindthemarkets.com
1	www.clkmg.com	1 redirects
1	tracking.readysteadyprofit.com	1 redirects
1	click.makes.readysteadyprofit.com	1 redirects
145	61

This site contains links to these domains. Also see Links.

Domain
vidalytics.com
behindthemarkets.com

Subject Issuer	Validity	Valid
go.behindthemarkets.com R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2023-12-14` - `2024-03-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
behindthemarkets-btm.com E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
embed.lpcontent.net GTS CA 1D4	`2023-12-01` - `2024-02-29`	3 months	crt.sh
js.center.io GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
optipub.com Amazon RSA 2048 M02	`2023-09-05` - `2024-10-03`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.vidalytics.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-14` - `2024-12-14`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.lpages.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.leadpages.io R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.bitmovin.com Go Daddy Secure Certificate Authority - G2	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Frame ID: 384D4E081AA8C92F9C1FFDE71127B088
Requests: 108 HTTP requests in this frame

Frame: https://btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&aff=82&creative_id=&id=jchospice08%40live.com&iocid=&link_id=&message_id=&oid=120&utm_campaign=&utm_medium=&utm_source=82
Frame ID: 0DC1FEE39B903AED1F5760E3FB9D227B
Requests: 5 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: CF76981BA76E7B357BC6481AF68B934A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag
Frame ID: 0492286525105524F74CEC4BDE43CBEC
Requests: 2 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: F11E310141CB5F9E80BE029A90BDDB90
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Qd4OdOWjM5PSyR9bWe0q9MOzpHJ2FQQs-gVw8g&google_gid=CAESEKZYUlwUra5QM5JeDaa9mIg&google_cver=1&google_ula=913071,0
Frame ID: 65DE272BB22BCC635DAF6F97E16103D3
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

"Cut & Paste"

Page URL History Show full URLs

https://click.makes.readysteadyprofit.com/?qs=9190b3379f35d8b7052066f2fca1880b409f57c193804ed0e9cb00231b0c2e768cdbf78e... HTTP 302
https://tracking.readysteadyprofit.com/RA0158/jchospice08@live.com/110RSP/K/BTCV19 HTTP 302
https://www.clkmg.com/RomanAnal/RA0158/jchospice08@live.com/110RSP/K/BTCV19 HTTP 302
https://www.behindthemarkets-btm.com/4P7M9M/6XM19T/?sub1=jchospice08@live.com&sub2=110RSP&sub3=K&sub4=BTCV19&sub5= HTTP 302
https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

145
Requests

93 %
HTTPS

30 %
IPv6

50
Domains

61
Subdomains

54
IPs

8
Countries

13864 kB
Transfer

17023 kB
Size

38
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://vidalytics.com/?utm_source=Powered%20By&utm_medium=Player&utm_content=PzpZ_7KZ
Title: Powered by Vidalytics

Search URL Search Domain Scan URL

URL: https://vidalytics.com/contact?utm_source=Report%20an%20issue&utm_medium=Player&utm_content=PzpZ_7KZ
Title: Report an issue

Search URL Search Domain Scan URL

URL: https://behindthemarkets.com/p/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://behindthemarkets.com/p/terms
Title: Terms & Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.makes.readysteadyprofit.com/?qs=9190b3379f35d8b7052066f2fca1880b409f57c193804ed0e9cb00231b0c2e768cdbf78e5135dcf03c0730c482be536b7af98fb0aa707d77 HTTP 302
https://tracking.readysteadyprofit.com/RA0158/jchospice08@live.com/110RSP/K/BTCV19 HTTP 302
https://www.clkmg.com/RomanAnal/RA0158/jchospice08@live.com/110RSP/K/BTCV19 HTTP 302
https://www.behindthemarkets-btm.com/4P7M9M/6XM19T/?sub1=jchospice08@live.com&sub2=110RSP&sub3=K&sub4=BTCV19&sub5= HTTP 302
https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/660882099/?random=1593121930&cv=11&fst=1703341545386&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812088355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=%22Cut%20%26%20Paste%22&value=0&auid=363172586.1703341545&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=6e2GZYaJHauWxdwP_ouJyAs&sscte=1&crd=&eitems=ChAIgKearAYQs7OVlp2_5sVzEh0AHr-MQXVYgP2r6yKWubA_BHWGQKCxjLdddzRkNA&pscrd=EkxDaEFJZ0tlYXJBWVFqWmFzNExTUjBma1dFaVVBVnhQb01USFdXVER3dUVNbVotSHVGMGN4Z2FxSmZkZmNjXzZENEFBRjZxSmhfOE5aGldDaEFJZ0tlYXJBWVF0T21vNXNmeWxvMUpFaTBBOUI1WFFCNUQtLUVCdmp3d25mc0xJb3hQSEltbk5mZjhsWEgxS3dFNkdkTTh5Z19vVXdTVmhFdFpOYWMiEwjGof_d4aWDAxUrS5EFHf5FArk HTTP 302
https://www.google.com/pagead/1p-conversion/660882099/?random=1593121930&cv=11&fst=1703341545386&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812088355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=%22Cut%20%26%20Paste%22&value=0&auid=363172586.1703341545&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tlYXJBWVFqWmFzNExTUjBma1dFaVVBVnhQb01USFdXVER3dUVNbVotSHVGMGN4Z2FxSmZkZmNjXzZENEFBRjZxSmhfOE5aGldDaEFJZ0tlYXJBWVF0T21vNXNmeWxvMUpFaTBBOUI1WFFCNUQtLUVCdmp3d25mc0xJb3hQSEltbk5mZjhsWEgxS3dFNkdkTTh5Z19vVXdTVmhFdFpOYWMiEwjGof_d4aWDAxUrS5EFHf5FArk&is_vtc=1&ocp_id=6e2GZYaJHauWxdwP_ouJyAs&cid=CAQSGwAvHhf_ENVw-4cOpCbcF9arPb7BZo6TIMLrdg&eitems=ChAIgKearAYQs7OVlp2_5sVzEh0AHr-MQQ4e-ZKfVu_ArMl24P5VUAoZ5Tc4MwyQyg&random=3506188877 HTTP 302
https://www.google.de/pagead/1p-conversion/660882099/?random=1593121930&cv=11&fst=1703341545386&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812088355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=%22Cut%20%26%20Paste%22&value=0&auid=363172586.1703341545&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tlYXJBWVFqWmFzNExTUjBma1dFaVVBVnhQb01USFdXVER3dUVNbVotSHVGMGN4Z2FxSmZkZmNjXzZENEFBRjZxSmhfOE5aGldDaEFJZ0tlYXJBWVF0T21vNXNmeWxvMUpFaTBBOUI1WFFCNUQtLUVCdmp3d25mc0xJb3hQSEltbk5mZjhsWEgxS3dFNkdkTTh5Z19vVXdTVmhFdFpOYWMiEwjGof_d4aWDAxUrS5EFHf5FArk&is_vtc=1&ocp_id=6e2GZYaJHauWxdwP_ouJyAs&cid=CAQSGwAvHhf_ENVw-4cOpCbcF9arPb7BZo6TIMLrdg&eitems=ChAIgKearAYQs7OVlp2_5sVzEh0AHr-MQQ4e-ZKfVu_ArMl24P5VUAoZ5Tc4MwyQyg&random=3506188877&ipr=y

Request Chain 49

https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zJzApnxBb0dhZnhjL0tQYmtzN1NMY2dDVmRQRWhlcGtVUWNDb3pGZCt4OWlxSU52cFp3VzVvOEtZN2JJcnRxQWpiNm5YS1JlcWtUUjE4ejVKQ3YyTEp3a1o1WmpPOFhpaTh5NDdtdEN0aUdOVXRmVGkyVUdObmdWanA2RFFERnFnWjZsaFc3UTJjSkR6bGxrZzBIZ29GSnJsbVRLWHU5N2VvYTRYYllhYXZaVXNwMFBBcEZuRGR6VVE0aVM3alJRemNlUXI2WnNKM3NpQms3L2pNWVB3SllBNExGMVNSamhrK05jQnpSWWwzYjNjamxlekV1UEZRWHhudTcvMkpGb2NJRHd5WEJUOEJCQXdLeXBOd3E2LzQ2NlpMbHdCb1NwYldLbmp2SUJ6RXowL2Y3RT18&cppv=2

Request Chain 52

https://sslwidget.criteo.com/event?a=93258&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26p%3D1&p2=e%3Ddis&adce=1&bundle=KcLawV9GJTJGc29uZ2VsUUhGdmZYMkFmdVJTbVV6M2RtUjRGbiUyQjROeWVnREtTN044JTJGeUVoTFNtUk5ic3IlMkJWbiUyRmxmeTA0RlFLaENzTUF3Zk4wcExsWU8yMVp1cVBlY1FNMUMxU3lLOUwxZHVHbmZWZWxPVDQ4a3haZTJ5aHVoJTJCaWxQcDZ6anpKQXpzOE15bVV1NVBZdVY4UHJLaWNBUTVTNFY4azFrTFNFN3pIMjZScEklM0Q&tld=behindthemarkets.com&dy=1&fu=https%253A%252F%252Fgo.behindthemarkets.com%252Flimited-time-offer-4-video%252F%253F_ef_transaction_id%253D6810041ce2d74367b8e61dae955ae868%2526utm_source%253D82%2526utm_campaign%253D%2526utm_medium%253D%2526id%253Djchospice08%252540live.com%2526iocid%253D%2526aff%253D82%2526creative_id%253D%2526oid%253D120%2526message_id%253D%2526link_id%253D&ceid=bd3cb9bf-b97c-4497-a857-3046e13f5bae&dtycbr=69359 HTTP 302
https://widget.us.criteo.com/event?a=93258&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26p%3D1&p2=e%3Ddis&adce=1&bundle=KcLawV9GJTJGc29uZ2VsUUhGdmZYMkFmdVJTbVV6M2RtUjRGbiUyQjROeWVnREtTN044JTJGeUVoTFNtUk5ic3IlMkJWbiUyRmxmeTA0RlFLaENzTUF3Zk4wcExsWU8yMVp1cVBlY1FNMUMxU3lLOUwxZHVHbmZWZWxPVDQ4a3haZTJ5aHVoJTJCaWxQcDZ6anpKQXpzOE15bVV1NVBZdVY4UHJLaWNBUTVTNFY4azFrTFNFN3pIMjZScEklM0Q&tld=behindthemarkets.com&dy=1&fu=https%253A%252F%252Fgo.behindthemarkets.com%252Flimited-time-offer-4-video%252F%253F_ef_transaction_id%253D6810041ce2d74367b8e61dae955ae868%2526utm_source%253D82%2526utm_campaign%253D%2526utm_medium%253D%2526id%253Djchospice08%252540live.com%2526iocid%253D%2526aff%253D82%2526creative_id%253D%2526oid%253D120%2526message_id%253D%2526link_id%253D&ceid=bd3cb9bf-b97c-4497-a857-3046e13f5bae&dtycbr=69359

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Qd4OdOWjM5PSyR9bWe0q9MOzpHJ2FQQs-gVw8g&google_cm&google_hm=ay1RZDRPZE9Xak01UFN5UjliV2UwcTlNT3pwSEoyRlFRcy1nVnc4Zw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Qd4OdOWjM5PSyR9bWe0q9MOzpHJ2FQQs-gVw8g&google_gid=CAESEKZYUlwUra5QM5JeDaa9mIg&google_cver=1&google_ula=913071,0

Request Chain 70

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2899154992268298749

Request Chain 81

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5tO84eWjM5PSyR9bWe0q9MOzpHIh4FppkXeQiw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5tO84eWjM5PSyR9bWe0q9MOzpHIh4FppkXeQiw&C=1

Request Chain 82

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=5FcW-FY_4dK43R1wLpC5alLJKhxW_9mm HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5FcW-FY_4dK43R1wLpC5alLJKhxW_9mm

Request Chain 104

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Of_m3BLcrfS9H8mq-tjFiMMk6k7mCYRW

Request Chain 111

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=1tHEIs0xqtbImDXprurzG8zJ_qnLcLOe

145 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
go.behindthemarkets.com/limited-time-offer-4-video/
Redirect Chain

https://click.makes.readysteadyprofit.com/?qs=9190b3379f35d8b7052066f2fca1880b409f57c193804ed0e9cb00231b0c2e768cdbf78e5135dcf03c0730c482be536b7af98fb0aa707d77
https://tracking.readysteadyprofit.com/RA0158/jchospice08@live.com/110RSP/K/BTCV19
https://www.clkmg.com/RomanAnal/RA0158/jchospice08@live.com/110RSP/K/BTCV19
https://www.behindthemarkets-btm.com/4P7M9M/6XM19T/?sub1=jchospice08@live.com&sub2=110RSP&sub3=K&sub4=BTCV19&sub5=
https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creat...

100 KB
21 KB

545ms
261ms

Document
text/html

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

ca78c0a9da68647d399ea96e1ae090083ee80e30421a9b99a3ec7988df904c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 14:25:44 GMT
etag: W/"58dd93b0d43c26da436e89a8a93a53ab"
last-modified: Thu, 30 Nov 2023 15:33:14 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83a1468cbfc891d7-FRA
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 14:25:44 GMT
location: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Bz2QhPoIPXx4MQwKv70T4Vqpv75HXyWWy3RuPKbJap22jxPzKQ644BK%2BYzmoZBh1UbEjDTw277PsxvmHpT1yNpPevXG6zc6yeHdZbDGQ8y5pKcxqGM8wTmeHeQi1pD6wTcxeeKc%2B7N7pDzMTnS9eMxvPu8ECc3wdvpy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
via: 1.1 google
x-eflow-request-id: dd274ac5-4708-4dc4-9644-4623e3f08fac

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 76ms
20ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:35:01 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 1187444
etag: "HsLdGg"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 6a388ad1d0805f70cfc1aed70d9e01a8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Sun, 08 Dec 2024 20:35:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 84ms
33ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700

Requested by

Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

539e17843e478a8dbd8b66ef493c594265ad4758100712815a99d6faa6cbc7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 14:25:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 14:25:45 GMT

GET
H2 200 everflow.js Show response
www.behindthemarkets-btm.com/scripts/sdk/ 60 KB
19 KB 32ms
31ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bae72ea2a056b660b2aa5a28de47d0b4758ce08079c92c10243f045c5532594d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 553
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 23 Dec 2023 14:16:32 GMT
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBBhnmFfZPZGcjcbLx2GQQ8ODeEjH5pCn3xNF8M77VoF8KC13Y%2BtH7QQl%2BpbKXd5ElzrAzIGKDW7nMBkbxbzV91%2FZ0zb1j%2BKV017%2BZ8WZjMxIvZCxvYIjkPBNNAcuTv7cGFk%2BD4XI6vry%2Bjex%2Brzl4nTy8Cn4rnCXj6G"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: dbaa985f-5258-48d4-8f2e-803a82c642dc
cf-ray: 83a146911b7391d7-FRA

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 189ms
133ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:24:32 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 73
etag: "nt2STQ"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 94a102f7f404777aa5bcca8c4d76f516
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Sat, 23 Dec 2023 14:29:32 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 204ms
146ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: gzip
server: Google Frontend
age: 0
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 6f47fc0768c087af8ded095408519d6a
cache-control: public, max-age=300
content-length: 5417
expires: Sat, 23 Dec 2023 14:30:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
95 KB 90ms
39ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fab9e1396115364c5261d831d9a026595ff056e9f82ea765a3e33ca980318c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96733
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Dec 2023 14:25:45 GMT

GET
H/1.1 200
OK sdk.js Show response
behindthemarkets.app.optipub.com/sdk/ 17 KB
7 KB 644ms
274ms Script
application/javascript 34.225.139.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://behindthemarkets.app.optipub.com/sdk/sdk.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.139.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-139-193.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.3.33 / PHP/7.3.33
Resource Hash: d59a74862cc6c91ca00868fe7af4d67ee75532aab80a7c4f9922b50a8691d81f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:45 GMT
Content-Encoding: gzip
Server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.3.33
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: application/javascript
Cache-Control: max-age=3600, private
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 6633

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 9 KB
4 KB 76ms
26ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=601261&u=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&f=1&vn=1.5
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 61a447ee32060675d1fcbc65d46f29dbae28149a3f7df1ebe00341ee644fc358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1703088000"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 loader.min.js Show response
fast.vidalytics.com/embeds/PzpZ_7KZ/HWnbJSnBilcDOZGV/ 42 KB
11 KB 617ms
505ms Script
application/javascript 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/HWnbJSnBilcDOZGV/loader.min.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (dac/9C98) /
Resource Hash: eb76a58ac33836e37289951ca7159f13a1e60bfb536c86ff2c82084d9bfe95b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: gzip
via: 1.1 google
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
x-cdn: 3
age: 302
x-cache: HIT
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10595
surrogate-key: lb-api
last-modified: Sat, 23 Dec 2023 14:20:43 GMT
server: ECAcc (dac/9C98)
x-cdn-info: loader
vary: Accept-Encoding
x-cdn-site: c3-prod
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=900, s-maxage=1800
x-lb-backend: api-prod
x-lb-cache: disabled

GET
H2 200 4GME6NJIPIHTnjzsOjfexcWeo6hgIbdckXLIW1KOHqM2j6WmpekhnI4_HbvMRAyEftfgGtXTk0OOLNZ380cflg=s16
lh3.googleusercontent.com/ 520 B
818 B 82ms
20ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/4GME6NJIPIHTnjzsOjfexcWeo6hgIbdckXLIW1KOHqM2j6WmpekhnI4_HbvMRAyEftfgGtXTk0OOLNZ380cflg=s16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e9d3ad3e03f22edbbb6bad690168cbe021e350a079a7c39e5d1338994eaa7b4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 13:29:02 GMT
x-content-type-options: nosniff
age: 3403
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 520
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 24 Dec 2023 13:29:02 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 75ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:04 GMT
x-content-type-options: nosniff
age: 365501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:54:04 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 97ms
50ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:01:29 GMT
x-content-type-options: nosniff
age: 203056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 06:01:29 GMT

GET
H2 200 AlZy_zVFtYP12Zncg2kRcn35.woff2
fonts.gstatic.com/s/rozhaone/v15/ 18 KB
18 KB 67ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rozhaone/v15/AlZy_zVFtYP12Zncg2kRcn35.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 20:11:15 GMT
x-content-type-options: nosniff
age: 411270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18176
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 20:11:15 GMT

GET
H2 200 4GME6NJIPIHTnjzsOjfexcWeo6hgIbdckXLIW1KOHqM2j6WmpekhnI4_HbvMRAyEftfgGtXTk0OOLNZ380cflg=w1600
lh3.googleusercontent.com/ 67 KB
67 KB 272ms
231ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/4GME6NJIPIHTnjzsOjfexcWeo6hgIbdckXLIW1KOHqM2j6WmpekhnI4_HbvMRAyEftfgGtXTk0OOLNZ380cflg=w1600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

33e4b1183a5b239c1b7a8e5160765664accc2929fcf49d8db574d6c56bcc2681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68243
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 24 Dec 2023 14:25:45 GMT

GET
H3 200 tag-e91c5a36c3204342d0cb896a3d55cd7e.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 181 KB
51 KB 51ms
26ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-e91c5a36c3204342d0cb896a3d55cd7e.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=601261&u=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&f=1&vn=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: a9c67bc96105a3572353b94a5153184e4203d10e64f58f895bc2dd9817d4193e

Request headers

Referer: https://go.behindthemarkets.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 23 Dec 2023 07:49:56 GMT
server: gfra1
etag: "65869124-c9f2"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51698

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
145 B 110ms
110ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=601261&d=go.behindthemarkets.com&u=D60284988D91097FBA079E1A8A6B9B2FF&h=941d75641275fd03075396b80b44176b&t=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
91 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be87735a9fe0dc9e88b7e7ded095080c70ffe0697b632fd5cb5980b5717f9059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92684
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 14:25:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4737c533bc72f928e385295d4ffe2f3ff1ffa70c1d3028c26388e102ec457fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93076
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 14:25:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 13:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2248
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 23 Dec 2023 15:48:17 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/660882099/ 3 KB
2 KB 118ms
61ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/660882099/?random=1703341545386&cv=11&fst=1703341545386&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812088355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=%22Cut%20%26%20Paste%22&value=0&bttype=purchase&auid=363172586.1703341545&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7982306e2c44cb7e0cc75b86d0bd821a51344dd0fb06eef5e087a49d7df77cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1761
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 187ms
113ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=93258

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e1593f989bc71975b054e1f520b562551eb15397a4ade1656b988a59e020dd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 227ms
154ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108898

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

007a4f37862f0939b008ddc457ce5f3ec02e6fe5cb2fb1f0f5fddc4e03170695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 109ms
37ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108895

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fbd1f6154a86a6b879f908847dcabb938d6716b66df5e0a1c0aefe8f5e58cd02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 115ms
43ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108896

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

df9dde0f6cd65bdb8fbfd852cc1a2b6a17a1600fdb29eec3ebd6d04368dd03c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 141ms
88ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108897

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

530a8eecb4ed2f70062659424d6ae1b929319154d02c665e07686ce7348f2639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 142ms
142ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=109892

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

15dea211620c6e64debe432746f4a2cb252309620aac04e97216fb3820836980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 133ms
133ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=109899

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6253792ac39f6b3058e8f784ca2df8635cc76895d5cd52987ff221f343e8243e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-660882099

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ad3d2fd40ab944ee1e1cf13f5b074f989402a1bcc94f77bdca2cc8a403a61ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80971
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Dec 2023 14:25:45 GMT

GET
H3 200 apmLib-24d179d45b6baac8aa42cd4b8ea02e83.js Show response
dev.visualwebsiteoptimizer.com/ 4 KB
2 KB 32ms
32ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/apmLib-24d179d45b6baac8aa42cd4b8ea02e83.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-e91c5a36c3204342d0cb896a3d55cd7e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 94894d4b7017896ce8762a5c2182b732dd1bfeb6dd62024074b1b836f8ec2264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 23 Dec 2023 07:49:54 GMT
server: gfra1
etag: "65869122-60e"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1550

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 2 KB
876 B 24ms
23ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=601261&settings_type=1&vn=7.0
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-e91c5a36c3204342d0cb896a3d55cd7e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 4e3db361c6f2df88d7876742ab9f16c25b1dd78f6519e6652fc939f311cd7e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1703088000"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/ Frame 0DC1 90 KB
18 KB 539ms
262ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&aff=82&creative_id=&id=jchospice08%40live.com&iocid=&link_id=&message_id=&oid=120&utm_campaign=&utm_medium=&utm_source=82

Requested by

Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

4040a23249be37ba8f08aa69ea757a96373730cfdc45fe628cc0636bfbeeba1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 14:25:45 GMT
etag: W/"9a08c7fd674e8ddd915f400dbf67ddf8"
last-modified: Wed, 20 Sep 2023 14:55:56 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 identify.html Show response
js.center.io/ Frame CF76 4 KB
2 KB 29ms
28ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 269
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Sat, 23 Dec 2023 14:21:16 GMT
etag: "OMWYXg"
expires: Sat, 23 Dec 2023 14:26:16 GMT
server: Google Frontend
x-cloud-trace-context: 4f893de04b02d34290d3d3c97d2b7f61

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 27ms
27ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1884273418&t=pageview&_s=1&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&ul=en-us&de=UTF-8&dt=%22Cut%20%26%20Paste%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=461191447&gjid=885974720&cid=433203033.1703341546&tid=UA-102395123-1&_gid=1827630194.1703341546&_r=1&_slc=1&gtm=45He3bt0n81WNRH3TXv812088355&cd1=82&cd2=6810041ce2d74367b8e61dae955ae868&cd3=false&cd4=false&cd5=false&cd6=false&cd7=false&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=723310288

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/660882099/ 3 KB
2 KB 109ms
62ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/660882099/?random=1703341545581&cv=11&fst=1703341545581&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9138725453&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&hn=www.googleadservices.com&frm=0&tiba=%22Cut%20%26%20Paste%22&auid=363172586.1703341545&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-660882099

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

222c3c35804605dc9f4a0c763c03a527c4373e176d7ddef602fb88a91493a1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 77ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDYSD5C2HD&gtm=45je3bt0v9125329637z8812088355&_p=1703341545203&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=433203033.1703341546&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703341545&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&dt=%22Cut%20%26%20Paste%22&en=page_view&_fv=1&_ss=1&tfd=2928
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 82ms
28ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDYSD5C2HD&cid=433203033.1703341546&gtm=45je3bt0v9125329637z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 97ms
47ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDYSD5C2HD&cid=433203033.1703341546&gtm=45je3bt0v9125329637z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1406318986

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 56ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444z8812088355&_p=1703341545203&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=433203033.1703341546&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703341545&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&dt=%22Cut%20%26%20Paste%22&en=page_view&_fv=1&_ss=1&epn.variant_id=0&tfd=2950
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 60ms
28ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8R6YNFMJ23&cid=433203033.1703341546&gtm=45je3bt0v874108444z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 75ms
47ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=433203033.1703341546&gtm=45je3bt0v874108444z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1191310200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/660882099/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/660882099/?random=1593121930&cv=11&fst=1703341545386&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812088355&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/660882099/?random=1593121930&cv=11&fst=1703341545386&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812088355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/660882099/?random=1593121930&cv=11&fst=1703341545386&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812088355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
108 B

37ms
37ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/660882099/?random=1593121930&cv=11&fst=1703341545386&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812088355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=%22Cut%20%26%20Paste%22&value=0&auid=363172586.1703341545&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tlYXJBWVFqWmFzNExTUjBma1dFaVVBVnhQb01USFdXVER3dUVNbVotSHVGMGN4Z2FxSmZkZmNjXzZENEFBRjZxSmhfOE5aGldDaEFJZ0tlYXJBWVF0T21vNXNmeWxvMUpFaTBBOUI1WFFCNUQtLUVCdmp3d25mc0xJb3hQSEltbk5mZjhsWEgxS3dFNkdkTTh5Z19vVXdTVmhFdFpOYWMiEwjGof_d4aWDAxUrS5EFHf5FArk&is_vtc=1&ocp_id=6e2GZYaJHauWxdwP_ouJyAs&cid=CAQSGwAvHhf_ENVw-4cOpCbcF9arPb7BZo6TIMLrdg&eitems=ChAIgKearAYQs7OVlp2_5sVzEh0AHr-MQQ4e-ZKfVu_ArMl24P5VUAoZ5Tc4MwyQyg&random=3506188877&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/660882099/?random=1593121930&cv=11&fst=1703341545386&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v812088355&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=%22Cut%20%26%20Paste%22&value=0&auid=363172586.1703341545&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0tlYXJBWVFqWmFzNExTUjBma1dFaVVBVnhQb01USFdXVER3dUVNbVotSHVGMGN4Z2FxSmZkZmNjXzZENEFBRjZxSmhfOE5aGldDaEFJZ0tlYXJBWVF0T21vNXNmeWxvMUpFaTBBOUI1WFFCNUQtLUVCdmp3d25mc0xJb3hQSEltbk5mZjhsWEgxS3dFNkdkTTh5Z19vVXdTVmhFdFpOYWMiEwjGof_d4aWDAxUrS5EFHf5FArk&is_vtc=1&ocp_id=6e2GZYaJHauWxdwP_ouJyAs&cid=CAQSGwAvHhf_ENVw-4cOpCbcF9arPb7BZo6TIMLrdg&eitems=ChAIgKearAYQs7OVlp2_5sVzEh0AHr-MQQ4e-ZKfVu_ArMl24P5VUAoZ5Tc4MwyQyg&random=3506188877&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 27ms
27ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102395123-1&cid=433203033.1703341546&jid=461191447&gjid=885974720&_gid=1827630194.1703341546&_u=YEBAAEAAAAAAACAAI~&z=1901160125

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 23 Dec 2023 14:25:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0492 14 KB
6 KB 111ms
38ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=108895

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 14:25:45 GMT
server: Kestrel
server-processing-duration-in-ticks: 393224
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444&_p=1703341545203&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=433203033.1703341546&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703341545&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&dt=%22Cut%20%26%20Paste%22&en=scroll&epn.variant_id=0&epn.percent_scrolled=90&_et=30&tfd=3010
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
685 B 413ms
138ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=rxn3K9Ww42mqevm3tZeLiZ&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=V2DmUWbPQj8FCvsiDV8Yir&sid=G3NWWiK6aKSY5yFw5TBsvi&cid=lp-rxn3K9Ww42mqevm3tZeLiZ&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:46 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 217.114.218.26
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 009cr2f4bk9pmqularo0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 94ms
47ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102395123-1&cid=433203033.1703341546&jid=461191447&_u=YEBAAEAAAAAAACAAI~&z=264218004

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
46ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102395123-1&cid=433203033.1703341546&jid=461191447&_u=YEBAAEAAAAAAACAAI~&z=264218004

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/660882099/ 42 B
455 B 67ms
33ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/660882099/?random=1703341545581&cv=11&fst=1703340000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9138725453&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&frm=0&tiba=%22Cut%20%26%20Paste%22&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_znOw0vTdaa9ekwNlpd6Y6CrLFLuqCw&random=3183807027&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/660882099/ 42 B
154 B 33ms
33ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/660882099/?random=1703341545581&cv=11&fst=1703340000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9138725453&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&frm=0&tiba=%22Cut%20%26%20Paste%22&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_znOw0vTdaa9ekwNlpd6Y6CrLFLuqCw&random=3183807027&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0492
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=zJzApnxBb0dhZnhjL0tQYmtzN1NMY2dDVmRQRWhlcGtVUWNDb3pGZCt4OWlxSU52cFp3VzVvOEtZN2JJcnRxQWpiNm5YS1JlcWtUUjE4ejVKQ3YyTEp3a1o1WmpPOFhpaTh5NDdtdEN0aUdOVXRmVGkyVUdObmdWanA2RF...

465 B
670 B

38ms
38ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zJzApnxBb0dhZnhjL0tQYmtzN1NMY2dDVmRQRWhlcGtVUWNDb3pGZCt4OWlxSU52cFp3VzVvOEtZN2JJcnRxQWpiNm5YS1JlcWtUUjE4ejVKQ3YyTEp3a1o1WmpPOFhpaTh5NDdtdEN0aUdOVXRmVGkyVUdObmdWanA2RFFERnFnWjZsaFc3UTJjSkR6bGxrZzBIZ29GSnJsbVRLWHU5N2VvYTRYYllhYXZaVXNwMFBBcEZuRGR6VVE0aVM3alJRemNlUXI2WnNKM3NpQms3L2pNWVB3SllBNExGMVNSamhrK05jQnpSWWwzYjNjamxlekV1UEZRWHhudTcvMkpGb2NJRHd5WEJUOEJCQXdLeXBOd3E2LzQ2NlpMbHdCb1NwYldLbmp2SUJ6RXowL2Y3RT18&cppv=2

Requested by

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5f9a150ebeeb2bb21f45bdc1675252fade3d8550dc8f22403e907f6be1c9adc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1290125
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=zJzApnxBb0dhZnhjL0tQYmtzN1NMY2dDVmRQRWhlcGtVUWNDb3pGZCt4OWlxSU52cFp3VzVvOEtZN2JJcnRxQWpiNm5YS1JlcWtUUjE4ejVKQ3YyTEp3a1o1WmpPOFhpaTh5NDdtdEN0aUdOVXRmVGkyVUdObmdWanA2RFFERnFnWjZsaFc3UTJjSkR6bGxrZzBIZ29GSnJsbVRLWHU5N2VvYTRYYllhYXZaVXNwMFBBcEZuRGR6VVE0aVM3alJRemNlUXI2WnNKM3NpQms3L2pNWVB3SllBNExGMVNSamhrK05jQnpSWWwzYjNjamxlekV1UEZRWHhudTcvMkpGb2NJRHd5WEJUOEJCQXdLeXBOd3E2LzQ2NlpMbHdCb1NwYldLbmp2SUJ6RXowL2Y3RT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 383368
content-length: 0
expires: 0

GET
H3 200 player-dash-mse.min.js Show response
fast.vidalytics.com/embeds/PzpZ_7KZ/HWnbJSnBilcDOZGV/ 2 MB
605 KB 67ms
24ms XHR
application/javascript 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/HWnbJSnBilcDOZGV/player-dash-mse.min.js?hash=qfomyxem
Requested by: Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/HWnbJSnBilcDOZGV/loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C94) /
Resource Hash: 9606516393d832a0aab5faf1918fa8ab4058b00d533a5423a170671ecb82cc73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: gzip
via: 1.1 google
x-cdn: 3
age: 2056479
x-guploader-uploadid: ABPtcPr2drffwxlmfe2QURE2Qdt-cvpNr8pGRSJLmyOP85TOCOD865r0aug3MMb-hP7Wu6wVNENImhRIvnzEYEBL-9jV
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 618904
last-modified: Mon, 30 Oct 2023 18:24:20 GMT
server: ECAcc (frc/4C94)
etag: "2bf05b79949e4251c9f6fbe130f8447b"
vary: Accept-Encoding
x-cdn-site: c3-prod
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-generation: 1698690260302302
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=300, s-maxage=2592000
x-goog-hash: crc32c=KlK54A==, md5=K/BbeZSeQlHJ9vvhMPhEew==
x-goog-stored-content-length: 618904
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 22 Jan 2024 14:25:45 GMT

GET
H/1.1 200
OK pixel.gif
behindthemarkets.app.optipub.com/sdk/ 1 KB
2 KB 272ms
271ms Image
image/gif 34.225.139.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://behindthemarkets.app.optipub.com/sdk/pixel.gif?page=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&referrer=&utmSource=82&counter=0.4588244350170052
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.139.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-139-193.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.3.33 / PHP/7.3.33
Resource Hash: 58d4b1bd9484ebd342399e408daeaa337b1c935091bd22c8d6ae49e1f828cb02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:45 GMT
Server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.3.33
X-Powered-By: PHP/7.3.33
Content-Type: image/gif
Cache-Control: no-cache, private
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 1101

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=93258&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26p%3D1&p2=e%3Ddis&adce=1&bundle=KcLawV9GJTJGc29uZ2VsUUhGdmZYMkFmdVJTbVV6M2RtUjRGbiUyQj...
https://widget.us.criteo.com/event?a=93258&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26p%3D1&p2=e%3Ddis&adce=1&bundle=KcLawV9GJTJGc29uZ2VsUUhGdmZYMkFmdVJTbVV6M2RtUjRGbiUyQj...

10 KB
5 KB

361ms
125ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=93258&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26p%3D1&p2=e%3Ddis&adce=1&bundle=KcLawV9GJTJGc29uZ2VsUUhGdmZYMkFmdVJTbVV6M2RtUjRGbiUyQjROeWVnREtTN044JTJGeUVoTFNtUk5ic3IlMkJWbiUyRmxmeTA0RlFLaENzTUF3Zk4wcExsWU8yMVp1cVBlY1FNMUMxU3lLOUwxZHVHbmZWZWxPVDQ4a3haZTJ5aHVoJTJCaWxQcDZ6anpKQXpzOE15bVV1NVBZdVY4UHJLaWNBUTVTNFY4azFrTFNFN3pIMjZScEklM0Q&tld=behindthemarkets.com&dy=1&fu=https%253A%252F%252Fgo.behindthemarkets.com%252Flimited-time-offer-4-video%252F%253F_ef_transaction_id%253D6810041ce2d74367b8e61dae955ae868%2526utm_source%253D82%2526utm_campaign%253D%2526utm_medium%253D%2526id%253Djchospice08%252540live.com%2526iocid%253D%2526aff%253D82%2526creative_id%253D%2526oid%253D120%2526message_id%253D%2526link_id%253D&ceid=bd3cb9bf-b97c-4497-a857-3046e13f5bae&dtycbr=69359

Requested by

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

13f18d7f9ac5a8a594178984415834fb1911f184513945fbd5b01e9a7fa770fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 21238388
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=93258&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26tms%3Dgtm-template%26p%3D1&p2=e%3Ddis&adce=1&bundle=KcLawV9GJTJGc29uZ2VsUUhGdmZYMkFmdVJTbVV6M2RtUjRGbiUyQjROeWVnREtTN044JTJGeUVoTFNtUk5ic3IlMkJWbiUyRmxmeTA0RlFLaENzTUF3Zk4wcExsWU8yMVp1cVBlY1FNMUMxU3lLOUwxZHVHbmZWZWxPVDQ4a3haZTJ5aHVoJTJCaWxQcDZ6anpKQXpzOE15bVV1NVBZdVY4UHJLaWNBUTVTNFY4azFrTFNFN3pIMjZScEklM0Q&tld=behindthemarkets.com&dy=1&fu=https%253A%252F%252Fgo.behindthemarkets.com%252Flimited-time-offer-4-video%252F%253F_ef_transaction_id%253D6810041ce2d74367b8e61dae955ae868%2526utm_source%253D82%2526utm_campaign%253D%2526utm_medium%253D%2526id%253Djchospice08%252540live.com%2526iocid%253D%2526aff%253D82%2526creative_id%253D%2526oid%253D120%2526message_id%253D%2526link_id%253D&ceid=bd3cb9bf-b97c-4497-a857-3046e13f5bae&dtycbr=69359
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3156213
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 awesome-log Show response
stats.vidalytics.com/ 43 B
419 B 409ms
134ms XHR
image/gif 107.178.211.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
server: istio-envoy
etag: "PzpZ_7KZ/7JVAJkQGZcFFGdjw"
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
content-length: 43

POST
H2 200 licensing Show response
analytics-ingress-global.bitmovin.com/ 117 B
369 B 84ms
31ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/licensing
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.59.3 /
Resource Hash: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
via: 1.1 google
server: v1.59.3
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 117
alt-svc: clear

GET
H2 200 preview-5_0.jpg
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/thumb/ 2 KB
3 KB 34ms
34ms Image
image/jpeg 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/thumb/preview-5_0.jpg
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC7) /
Resource Hash: 4adf6645be1e84aca4a55820afe02bae1ccc296a7a53fd2ddffaa0c55176474f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
x-cdn: 3
age: 4651293
x-guploader-uploadid: ABPtcPomaze2rqeIJiQuix9NqogpgbTHhhwjoy874VZL-cUNFc4seOTNlzIqsJkogMlzKoBqFL8ZJUOoyUEHsxoXTAMUJRSaEFO1
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2322
last-modified: Mon, 30 Oct 2023 17:39:36 GMT
server: ECAcc (frc/4CC7)
etag: "0b2f441552e64a82c2081e83c3dd44bb"
x-cdn-site: c3-prod
content-type: image/jpeg
access-control-allow-origin: *
x-goog-generation: 1698687576966701
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=+zzeeA==, md5=Cy9EFVLmSoLCCB6Dw91Euw==
x-goog-stored-content-length: 2322
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:46 GMT

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame 0DC1 58 KB
14 KB 21ms
21ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&aff=82&creative_id=&id=jchospice08%40live.com&iocid=&link_id=&message_id=&oid=120&utm_campaign=&utm_medium=&utm_source=82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:35:01 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 1187445
etag: "HsLdGg"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 6a388ad1d0805f70cfc1aed70d9e01a8
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Sun, 08 Dec 2024 20:35:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0DC1 23 KB
2 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700

Requested by

Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&aff=82&creative_id=&id=jchospice08%40live.com&iocid=&link_id=&message_id=&oid=120&utm_campaign=&utm_medium=&utm_source=82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6156ae539e99257a3ff54ba1e531a73b8800c443d0d7c3d38e9dcf657464944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 14:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 14:25:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 14:25:46 GMT

POST
H2 200 licensing Show response
licensing.bitmovin.com/ 165 B
442 B 201ms
148ms XHR
application/json 2600:1901:0:df23::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/licensing
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 165

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 392ms
131ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=TtCfHRE87CW6SrYWDPhTUM&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=256.30000019073486,1,zJjay9sRr7roU9gnb2NBZ7
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:46 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 217.114.218.26
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 009cr2m2pqh0ngd2uf70

GET
H3 200 stream.mpd Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/ 30 KB
30 KB 22ms
22ms XHR
application/dash+xml 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/stream.mpd
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D0B) /
Resource Hash: e172866fe7f3285ec71b5c924d8689466ad4173d55e531fa338c270b526e0111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
x-cdn: 3
age: 4651293
x-guploader-uploadid: ABPtcPqxPLyb0LoBZN0z8J5zlGWXAGnMwo6hjU3LTGQMtvR3s3bEEpP9naYgDk677JL1i4XpeypgtEncs2Vc6CsQS1U21q8TVr2L
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30769
last-modified: Mon, 30 Oct 2023 18:22:39 GMT
server: ECAcc (frc/4D0B)
etag: "7174c2dd631db84043dfcd8c3466922d"
x-cdn-site: c3-prod
content-type: application/dash+xml
access-control-allow-origin: *
x-goog-generation: 1698690159419658
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=BKBDtA==, md5=cXTC3WMduEBD382MNGaSLQ==
x-goog-stored-content-length: 30769
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:46 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame 0DC1 12 KB
5 KB 31ms
31ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&aff=82&creative_id=&id=jchospice08%40live.com&iocid=&link_id=&message_id=&oid=120&utm_campaign=&utm_medium=&utm_source=82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:24:35 GMT
content-encoding: gzip
server: Google Frontend
age: 71
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 29c3cd0f2088800b58ddd567d32e1d35
cache-control: public, max-age=300
content-length: 5417
expires: Sat, 23 Dec 2023 14:29:35 GMT

GET
DATA 200
OK truncated
/ 696 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/480x270_h264_1000000/ 875 B
910 B 22ms
22ms XHR
video/mp4 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/480x270_h264_1000000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D02) /
Resource Hash: 4ebcb4e7f3af156ac8ad1bcaac06f5d00cb2188e4d58b4d6b6e53bd6fbeb5e7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
x-cdn: 3
age: 4651252
x-guploader-uploadid: ABPtcPpdsFpok-mH8xPN9RBJLMTh9pFRjoi6tLWonzyp8Or2sW93465bRKgs6n2SZf3uUSG4Q5pm_j_YMRQ5rqt81Uw5wB1J8APs
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 875
last-modified: Mon, 30 Oct 2023 18:20:30 GMT
server: ECAcc (frc/4D02)
etag: "df030fd3e02db2bfb3a0d7f07102bcec"
x-cdn-site: c3-prod
content-type: video/mp4
access-control-allow-origin: *
x-goog-generation: 1698690030515864
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=5TYLfA==, md5=3wMP0+Atsr+zoNfwcQK87A==
x-goog-stored-content-length: 875
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:46 GMT

GET
H3 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 826 B
861 B 23ms
23ms XHR
video/mp4 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF0) /
Resource Hash: 692b8fd4b2c0b3525a161f23d1908ed0a459540dfce7e877d5fd5e7159ff679b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
x-cdn: 3
age: 4651293
x-guploader-uploadid: ABPtcPqAqkkmxYnPny07YTYJFX7yBsgQ-jSid2bwoisunp2etnfxGA7tZsgysnZN9scoK87b_qAn3AQ112N_Np1wzoCkdlhVEhdW
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 826
last-modified: Mon, 30 Oct 2023 18:22:39 GMT
server: ECAcc (frc/4CF0)
etag: "adf85bddc4d58ad9671162755f9d52b0"
x-cdn-site: c3-prod
content-type: video/mp4
access-control-allow-origin: *
x-goog-generation: 1698690159108645
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=auKRyA==, md5=rfhb3cTVitlnEWJ1X51SsA==
x-goog-stored-content-length: 826
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:46 GMT

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 33ms
32ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.59.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
via: 1.1 google
server: v1.59.3
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H2 200 identify.html Show response
js.center.io/ Frame F11E 4 KB
2 KB 29ms
29ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://btm-btm-btm.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 154
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Sat, 23 Dec 2023 14:23:12 GMT
etag: "OMWYXg"
expires: Sat, 23 Dec 2023 14:28:12 GMT
server: Google Frontend
x-cloud-trace-context: 64f1f430b05fbed34368759d5f5ee95d

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 65DE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Qd4OdOWjM5PSyR9bWe0q9MOzpHJ2FQQs-gVw8g&google_cm&google_hm=ay1RZDRPZE9Xak01UFN5UjliV2UwcTlNT3pwSEoyRlFRc...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Qd4OdOWjM5PSyR9bWe0q9MOzpHJ2FQQs-gVw8g&google_gid=CAESEKZYUlwUra5QM5JeDaa9mIg&google_cver=1&google_ula=913071,0

43 B
369 B

28ms
27ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Qd4OdOWjM5PSyR9bWe0q9MOzpHJ2FQQs-gVw8g&google_gid=CAESEKZYUlwUra5QM5JeDaa9mIg&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 719161
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Qd4OdOWjM5PSyR9bWe0q9MOzpHJ2FQQs-gVw8g&google_gid=CAESEKZYUlwUra5QM5JeDaa9mIg&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 65DE 43 B
146 B 77ms
21ms Image
image/gif 3.66.82.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-XGXNL-WjM5PSyR9bWe0q9MOzpHKKDH5tw1SfcA&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.82.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-82-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 65DE
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2899154992268298749

43 B
369 B

28ms
28ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2899154992268298749

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 914062
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
an-x-request-uuid: e6d856b6-6f59-4edd-aae3-78275f39415b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2899154992268298749
x-proxy-origin: 217.114.218.26; 217.114.218.26; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 65DE 57 B
789 B 165ms
98ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-5xlF4uWjM5PSyR9bWe0q9MOzpHI5LaCSk6Hxgw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 14:25:46 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Sat, 23 Dec 2023 14:25:46 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 65DE 0
239 B 101ms
22ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-1d1haeWjM5PSyR9bWe0q9MOzpHJfn5wxbASdwg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5e091a4bda7cb1b96cf60040ae4e8596
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 65DE 43 B
163 B 124ms
27ms Image
image/gif 89.149.192.74
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Pmg-ZuWjM5PSyR9bWe0q9MOzpHIMM9fD1rHfDA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.74 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 65DE 0
99 B 107ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-FRbahOWjM5PSyR9bWe0q9MOzpHJ-w6WcpYtIbA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28701

GET
H2 200 um
criteo-sync.teads.tv/ Frame 65DE 23 B
163 B 121ms
46ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-E04_NOWjM5PSyR9bWe0q9MOzpHLPSZUdHW_DVw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 14:25:46 GMT
pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 65DE 37 B
140 B 73ms
23ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-57IsdOWjM5PSyR9bWe0q9MOzpHIVP3Pf9I1-3Q&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 65DE 0
125 B 92ms
25ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-vRROl-WjM5PSyR9bWe0q9MOzpHIQBtsmowszDA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame 65DE 56 B
319 B 164ms
67ms Image
image/gif 23.50.131.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-vRROl-WjM5PSyR9bWe0q9MOzpHIQBtsmowszDA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-84.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 23 Dec 2023 14:25:46 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Sat, 23 Dec 2023 14:25:46 GMT

GET
H2 200 pixel
cm.adform.net/ Frame 65DE 43 B
163 B 120ms
32ms Image
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-xFdI8uWjM5PSyR9bWe0q9MOzpHKJvum2Xb6Jpw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
last-modified: Thu, 27 Jul 2023 11:18:06 GMT
server: nginx
accept-ranges: bytes
etag: "64c2526e-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 65DE 49 B
385 B 177ms
65ms Image
image/gif 99.80.37.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-2Uoxj-WjM5PSyR9bWe0q9MOzpHJpTyPpcBxKRA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.37.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-37-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 13
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 65DE
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5tO84eWjM5PSyR9bWe0q9MOzpHIh4FppkXeQiw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5tO84eWjM5PSyR9bWe0q9MOzpHIh4FppkXeQiw&C=1

43 B
324 B

64ms
64ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5tO84eWjM5PSyR9bWe0q9MOzpHIh4FppkXeQiw&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqMtDNOjFziUVrFjrgB3kpgS3%2FFYsySDbv3ML1iR9uHWOvDSMQhTGBsh%2FGygaOLpWP1wC00ZR2V5m6cDgZBXbFRYnxNOTE66yu7AHuc2q7KNq7tajXaSkINZDQsfzA4iRvyA"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a1469a1b3c58ea-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kWm88qST%2FZ%2FcjVPnvM7WXMpHotrzPwroCutP2tlUXtfFF0qOjB2UZiNfkljeXzHKbRh6nP%2BGG0VetrmI%2BnSvjZEdXZpccrIX1%2FAR%2BzxDZ9mjYs%2Bwf4Qm%2FnC5LNsp8DaxqIe"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-5tO84eWjM5PSyR9bWe0q9MOzpHIh4FppkXeQiw&C=1
cache-control: no-cache
cf-ray: 83a146999a5f58ea-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 65DE
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=5FcW-FY_4dK43R1wLpC5alLJKhxW_9mm
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5FcW-FY_4dK43R1wLpC5alLJKhxW_9mm

42 B
717 B

46ms
46ms

Image
image/gif

54.247.25.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5FcW-FY_4dK43R1wLpC5alLJKhxW_9mm

Protocol

Server

54.247.25.231 , Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-25-231.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0f7fdf65c.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: xzR5jtw1SEU=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0422bf190.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: qfy+QBzlRbM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5FcW-FY_4dK43R1wLpC5alLJKhxW_9mm
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 65DE 43 B
921 B 61ms
20ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-ELwEiOWjM5PSyR9bWe0q9MOzpHIrqI7dGHkyWA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 23 Dec 2023 14:25:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame 65DE 43 B
199 B 149ms
46ms Image
image/gif 54.78.81.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-HOkLdOWjM5PSyR9bWe0q9MOzpHI5MPyMjbOr_w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.78.81.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-81-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Dec 2023 14:25:46 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 65DE 42 B
265 B 78ms
30ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-qmMXZeWjM5PSyR9bWe0q9MOzpHLDy4djHcbH5w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 65DE 0
880 B 194ms
142ms Image
text/html 54.93.144.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Av3NJ-WjM5PSyR9bWe0q9MOzpHKtiKDTLsEShg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.144.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-144-24.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 65DE 43 B
423 B 388ms
125ms Image
image/gif 54.165.111.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-_wPq2eWjM5PSyR9bWe0q9MOzpHLdF2pHr_JFXQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.111.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-111-121.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 65DE 0
145 B 485ms
118ms Image
text/plain 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ZMFtGOWjM5PSyR9bWe0q9MOzpHKKCbUlCZiDJg&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:46 GMT
Cache-Control: no-cache
X-TraceId: eb8ab69f0e5ffe0d3cf8f3b516394fbb
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 65DE 0
225 B 118ms
32ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-pCZ_4OWjM5PSyR9bWe0q9MOzpHJm1lSArF00_A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 14:25:46 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 65DE 0
35 B 78ms
21ms Image
text/plain 18.158.234.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-WsmeEeWjM5PSyR9bWe0q9MOzpHLdPcatqJodUw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.234.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-234-201.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 65DE 43 B
398 B 351ms
113ms Image
image/gif 2600:1f18:612b:4200:b09e:1b27:866b:9422
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-e9f7oOWjM5PSyR9bWe0q9MOzpHLfgl1J7cTBVQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b09e:1b27:866b:9422 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 23 Dec 2023 14:25:46 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 65DE 43 B
153 B 105ms
38ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-T2P9r-WjM5PSyR9bWe0q9MOzpHJrAeS8gMfA6w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Dec 2023 14:25:46 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 65DE 0
235 B 116ms
57ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-s7HX_OWjM5PSyR9bWe0q9MOzpHL0sLRr_AbrUA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 14:25:46 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 22 Dec 2023 14:25:46 GMT

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
356 B 131ms
131ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,269,261,545,4,548,652,653,1754,1765
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:46 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 217.114.218.26
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 009cr2k5to8729kgk7m0

POST
H3 200 apm
dev.visualwebsiteoptimizer.com/ 0
33 B 113ms
113ms Ping
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/apm
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/apmLib-24d179d45b6baac8aa42cd4b8ea02e83.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv3c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 14:25:45 GMT
content-encoding: gzip
via: 1.1 google
server: gnv3c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/javascript; charset=UTF-8

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 65DE 0
15 B 25ms
25ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-vRROl-WjM5PSyR9bWe0q9MOzpHIQBtsmowszDA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame 65DE 43 B
857 B 27ms
27ms Image
image/gif 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-AeeuHuWjM5PSyR9bWe0q9MOzpHJH09sL_C4kVA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:46 GMT
an-x-request-uuid: 6e61e663-406a-4cce-8d7f-d053488f37a8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.26; 217.114.218.26; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 1.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/480x270_h264_1000000/ 59 KB
59 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/480x270_h264_1000000/1.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 506483c00673a966b4b90c3169c9488ae3546235380ef89c270c988aa80eef8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
x-cdn: 3
age: 4651073
x-guploader-uploadid: ABPtcPqCgITOD_w0oH9XWkInecwgM86MvnmX3vpZ34mVEvVsFnh4CPbQLtV0-JXakWCKWj9b7aRr1SmOzRri0GyMTnGbdpga91oo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
last-modified: Mon, 30 Oct 2023 18:20:21 GMT
server: ECAcc (frc/4CC2)
etag: "e1c51c4a02bab80c3b0542853df39e32"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690021052262
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=79IITg==, md5=4cUcSgK6uAw7BUKFPfOeMg==
x-goog-stored-content-length: 60178
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:46 GMT

GET
H3 200 1.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 24ms
24ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/1.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CEB) /
Resource Hash: a46b2420feae07e98e0ef37390bccf551c3307a1a409ad330a83bc8798b682cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
x-cdn: 3
age: 4651292
x-guploader-uploadid: ABPtcPoPBoSR36SH8OzCaL8fEgieNOwZmfmeZmTU8hyNgBFKL4tuN66RXImgoLqPiVzHwekNuq_QeHEfV7PT6QBTcUXhC5Gwk1xe
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37517
last-modified: Mon, 30 Oct 2023 18:22:34 GMT
server: ECAcc (frc/4CEB)
etag: "dd438f4996d127787c4599e9f3d63955"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690154103295
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=XZaG2g==, md5=3UOPSZbRJ3h8RZnp89Y5VQ==
x-goog-stored-content-length: 37517
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:46 GMT

GET
BLOB 200
OK 48f570d8-d64b-44db-8754-0f2043e059cf
https://go.behindthemarkets.com/ 80 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.behindthemarkets.com/48f570d8-d64b-44db-8754-0f2043e059cf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b1b4ae8f01d381a1856eb29539ef696f43a9ae59063cbc0b91c3130cf7e102a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 81800
Content-Type

GET
H3 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 877 B
923 B 22ms
22ms XHR
video/mp4 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CDC) /
Resource Hash: 7196c1775f446c320b40f2e845a241770ca9ba08addced7071665f1233d210e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
x-cdn: 3
age: 4651293
x-guploader-uploadid: ABPtcPqQunBeAdLMvFdLvrK2Sjx3e7GS_aRD-kyF6YXtSp9UzD9mBGSA4s6cLbfj7BgAVqdPHKFo-rfJ6E-K8AUHxTvjcvP0wZlE
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 877
last-modified: Mon, 30 Oct 2023 18:22:33 GMT
server: ECAcc (frc/4CDC)
etag: "6abf13fa6128533fd88157ecc3789fdb"
x-cdn-site: c3-prod
content-type: video/mp4
access-control-allow-origin: *
x-goog-generation: 1698690153074920
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=peorzw==, md5=ar8T+mEoUz/YgVfsw3if2w==
x-goog-stored-content-length: 877
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:46 GMT

POST
H2 204 impression Show response
licensing.bitmovin.com/ 0
41 B 37ms
35ms XHR
application/json 2600:1901:0:df23::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/impression
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
81 B 135ms
134ms XHR
application/json 107.178.211.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time: 2
content-length: 16

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 65DE
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Of_m3BLcrfS9H8mq-tjFiMMk6k7mCYRW

0
338 B

146ms
43ms

Image
text/plain

52.214.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Of_m3BLcrfS9H8mq-tjFiMMk6k7mCYRW
Protocol: H2
Server: 52.214.3.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-3-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n010-dub-prod.krxd.net
date: Sat, 23 Dec 2023 14:25:46 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1703341546
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Of_m3BLcrfS9H8mq-tjFiMMk6k7mCYRW
date: Sat, 23 Dec 2023 14:25:46 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 767522
content-length: 0

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
56 B 134ms
134ms XHR
application/json 107.178.211.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time: 2
content-length: 16

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 33ms
33ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.59.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
server: v1.59.3
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 34ms
34ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.59.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
server: v1.59.3
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 32ms
32ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.59.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
server: v1.59.3
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 52ms
51ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.59.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
server: v1.59.3
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 51ms
51ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.59.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
server: v1.59.3
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H2

200

cs
s.thebrighttag.com/ Frame 65DE
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=1tHEIs0xqtbImDXprurzG8zJ_qnLcLOe

35 B
268 B

365ms
119ms

Image
image/gif

3.13.78.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=1tHEIs0xqtbImDXprurzG8zJ_qnLcLOe
Protocol: H2
Server: 3.13.78.215 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-78-215.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:47 GMT
x-bt-requestid: 29f79ef0-a19f-11ee-96ba-0000ac1702cb
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=1tHEIs0xqtbImDXprurzG8zJ_qnLcLOe
date: Sat, 23 Dec 2023 14:25:46 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1068521
content-length: 0

GET
H3 200 2.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 935 KB
935 KB 31ms
31ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/2.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBA) /
Resource Hash: fd02891c4206d809c9821984bda7ea22c7541a2db80ffb0ccc9ec2452327dbbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
x-cdn: 3
age: 3033841
x-guploader-uploadid: ABPtcPp2H00wAjO_pcFWB13FnCDGZMFZLdpErDg9qmjDlmCxlB1_0u3-7IUeTUut_nb_sXMaECDM-sLgc-Ei6Rj2l70HkA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 957611
last-modified: Mon, 30 Oct 2023 18:22:06 GMT
server: ECAcc (frc/4CBA)
etag: "65314abb51502fd3af09aec9102f6136"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690126116534
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=FcTTrw==, md5=ZTFKu1FQL9OvCa7JEC9hNg==
x-goog-stored-content-length: 957611
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:46 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 131ms
131ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=TtCfHRE87CW6SrYWDPhTUM&kind=timer&label=lb_embed_leadbox_load&value=734
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:46 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 217.114.218.26
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 009cr2p0kk1jpna37pjg

GET
H3 200 2.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 24ms
24ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/2.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC5) /
Resource Hash: b28d34e4dda787dc50a53c1f6d7b391e9bb67630eaf5d685d9b623d78cfd094a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
x-cdn: 3
age: 4651292
x-guploader-uploadid: ABPtcPpw3YcgWjjIjsMAomhlyV-b9hApBPY32xmN55Mux9n6DkHhPfvHM93R5lrDWLNwxGEN_CoCU8dCIlvN6qDvZra2TyMBRJ2N
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38688
last-modified: Mon, 30 Oct 2023 18:22:35 GMT
server: ECAcc (frc/4CC5)
etag: "1480c01b999196a133553dcefd0e81ec"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690155049814
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=hrvfYQ==, md5=FIDAG5mRlqEzVT3O/Q6B7A==
x-goog-stored-content-length: 38688
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:46 GMT

GET
H3 200 3.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 1 MB
1 MB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/3.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C88) /
Resource Hash: 485d0a2a7c707b0f44bcd5cf9d4de4bbd49a866c284d41a89079531543d40270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:46 GMT
via: 1.1 google
x-cdn: 3
age: 4651292
x-guploader-uploadid: ABPtcPrcHb9rCAmV2RV81co8v4oCpnKEoNQV-35F8ce1EBfZwDnRYvH3w5vwIfI0OySU6Ww1rSuRPUuZrrl5ek9thfx1EgmaTGkF
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1069973
last-modified: Mon, 30 Oct 2023 18:22:09 GMT
server: ECAcc (frc/4C88)
etag: "4d2ec7c645b7acdd70ea5e7ddd2ccf17"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690129636556
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=f2gn7w==, md5=TS7HxkW3rN1w6l593SzPFw==
x-goog-stored-content-length: 1069973
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:46 GMT

GET
H3 200 3.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/3.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C95) /
Resource Hash: d9d4bc795980bac0921b01b39c6d703056a854b1f6eeb08c2a95dd81b3c44f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651292
x-guploader-uploadid: ABPtcPrV-YVD-IvjtBvJq_xFTf-iJ390Gx5uU9xqoMaHD4zONcWGIfDXvZum5gZyJhAaH7BVrmKG2Ob3A4U2IfBpBCqc594PimcU
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39329
last-modified: Mon, 30 Oct 2023 18:22:35 GMT
server: ECAcc (frc/4C95)
etag: "11830656b9d095258d1524d8e17829e4"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690155629737
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=oE/aOQ==, md5=EYMGVrnQlSWNFSTY4Xgp5A==
x-goog-stored-content-length: 39329
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 4.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 1 MB
1 MB 24ms
24ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/4.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE2) /
Resource Hash: 9aacbafe87976f7ba4b7c73c887d684bbc8b819516e3cb0d1186c2279ee8908f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651292
x-guploader-uploadid: ABPtcPqR9C_5bL7M0-eKb-w-Lk7EL61rFpptLHjRapgu3qKzk_igBU0blufXA_V-sryIKLF3vmSQo8bqo-AqHUY0sTN80EmC_S5S
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1138571
last-modified: Mon, 30 Oct 2023 18:22:13 GMT
server: ECAcc (frc/4CE2)
etag: "0fb29f839b1a36fd2f806571dc240a33"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690133803257
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=0Vb73w==, md5=D7Kfg5saNv0vgGVx3CQKMw==
x-goog-stored-content-length: 1138571
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 4.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/4.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB5) /
Resource Hash: 2b0bc550b2b7d9344115e8e48ed504bcebdada7f826153e3c3a9f5f6d41efb35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651292
x-guploader-uploadid: ABPtcPoVMvFDWfVn0OmG-XmS-5txdm2QHW79EHB9aBIkMFKF6A8NuI18zrr--XGBQLf8s8b_gAIoxk468csTqqDCXs2l943GY_rW
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38436
last-modified: Mon, 30 Oct 2023 18:22:36 GMT
server: ECAcc (frc/4CB5)
etag: "502c1888f85e3a6351c8720b991bf07f"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690156127768
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=bCUFLw==, md5=UCwYiPheOmNRyHILmRvwfw==
x-goog-stored-content-length: 38436
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 5.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 483 KB
483 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/5.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C8E) /
Resource Hash: d0ec1c852207a87c95edd39a19cd73b12115a0122305f08329f5b1d80f86037a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651292
x-guploader-uploadid: ABPtcPqBfCc8Jr_i8BFF2ITdbaBAjoV9rtYdzZF4-bGYeoCym2LdIwYQq9lOURvaRv1cgVCVLUER9YlaVft3G6S_GYOCxZqak_Ma
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 494205
last-modified: Mon, 30 Oct 2023 18:22:18 GMT
server: ECAcc (frc/4C8E)
etag: "cd4816bdcba9ab6dd447cbb2819de57e"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690138898338
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=otgahg==, md5=zUgWvcupq23UR8uygZ3lfg==
x-goog-stored-content-length: 494205
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 5.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 26ms
26ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/5.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CED) /
Resource Hash: 5286fab6b02ce50b695b21b135945ec6e4409bfc7d156e2d7ac156f3ff714cba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651291
x-guploader-uploadid: ABPtcPoAAeLB5CktgifRbJ8qZUaPMD3n0dnr5F5dbn1sWcjPRYA-E31cYtT990-D8nC56YWSMSzEUFpkatjIfBKOnn-N1oS6Hu2U
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39175
last-modified: Mon, 30 Oct 2023 18:22:36 GMT
server: ECAcc (frc/4CED)
etag: "de59f54f4e21247752c55fc5ffbbba44"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690156823693
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=WWTT/A==, md5=3ln1T04hJHdSxV/F/7u6RA==
x-goog-stored-content-length: 39175
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 6.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 606 KB
606 KB 24ms
24ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/6.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD3) /
Resource Hash: f33d40462e6fc3bf78ca609f5a7d7d7586797ac22d2cf1a59c5915974b1b4a31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651291
x-guploader-uploadid: ABPtcPpTrHJIr6kvwmdXpa5RGC1NzxD8d6BX9CWY5gjLPVq6WJmbdDAOqcNUd6WY3IFBvSftDb8g2wQHxR5q-2rhIjxeglXx1H2p
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 620575
last-modified: Mon, 30 Oct 2023 18:22:23 GMT
server: ECAcc (frc/4CD3)
etag: "bfb73f68c0f7b8e4ff41ece7914715a2"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690143995677
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=/V+uTA==, md5=v7c/aMD3uOT/QeznkUcVog==
x-goog-stored-content-length: 620575
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 6.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 39 KB
39 KB 23ms
22ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/6.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D04) /
Resource Hash: 982db6198eb915733f7321be61bb81d8c2977b1e0b62c48a6f5d7a1170980662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4099872
x-guploader-uploadid: ABPtcPrFASgsQqrypBs2KhbvGdZZFhq1WNpEakkxJUHJ2ZU5rY-GweEb8ryoPfy-U-A_JD-FLvI6n_-nhNDHjOwHvhPmOkaBpU4s
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40197
last-modified: Mon, 30 Oct 2023 18:22:37 GMT
server: ECAcc (frc/4D04)
etag: "b649ce525af6b928636db0f58ce0c333"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690157506318
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=QSAnRQ==, md5=tknOUlr2uShjbbD1jODDMw==
x-goog-stored-content-length: 40197
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: hit
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 7.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 931 KB
931 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/7.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBB) /
Resource Hash: 7f40c4189000d65cb1aec66af5224091b29a09dd0036c345903bfd7729b03ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651291
x-guploader-uploadid: ABPtcPr--KQEsjinVbkF5HBBB2vnBe8qcbacA6omOU0cMkwW_vip03Cc-SHvEVqxIYzqv41iYk_f9Uy87KC2DyYiU8Z-onfzRtDN
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 953219
last-modified: Mon, 30 Oct 2023 18:22:27 GMT
server: ECAcc (frc/4CBB)
etag: "34a578ee316a56b9ec0b7e79f398a9e3"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690147281241
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=ZHmUPg==, md5=NKV47jFqVrnsC35585ip4w==
x-goog-stored-content-length: 953219
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 7.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 24ms
24ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/7.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC7) /
Resource Hash: 2dbd2b49d1c4bcaa27f2e8f1b02ce5f8d313b8a5de7ddf887d8f072c9aad95e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651290
x-guploader-uploadid: ABPtcPo1_YqfssTN56_PpcOGuWagnAUJW0N7duk5hMoseKGTSySV3MNHBrH1Xec13hr0CLQdOeb11EdAyn4ZIZdoNn5DdQAWnalv
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37814
last-modified: Mon, 30 Oct 2023 18:22:38 GMT
server: ECAcc (frc/4CC7)
etag: "9ef2032d79a9ee6c53f3aeccbf247dea"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690158070618
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=sKFgRw==, md5=nvIDLXmp7mxT867MvyR96g==
x-goog-stored-content-length: 37814
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 8.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 1 MB
1 MB 43ms
43ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/8.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CCF) /
Resource Hash: 8642d1a52a420f927fca305679d9264b7f41b7b1422721520a39d394b933523d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651290
x-guploader-uploadid: ABPtcPpnDef8p-x62ALWO9utQ5u43fbKi_D6vtw7yxSdVwwprnucdfQC7sRgOjLyyaguomrcihVClx7JsrZPM_QBhbYanZS8qpUx
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1205246
last-modified: Mon, 30 Oct 2023 18:22:31 GMT
server: ECAcc (frc/4CCF)
etag: "5fd110f6bc427818260fea5c4890bb29"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690151491982
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=u+s7gw==, md5=X9EQ9rxCeBgmD+pcSJC7KQ==
x-goog-stored-content-length: 1205246
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 8.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 37 KB
38 KB 23ms
22ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/8.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA4) /
Resource Hash: dee08bb2a5d1e7a926522786840f4841622f88d5948aa963eb5f4466ee1192cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651290
x-guploader-uploadid: ABPtcPrKi97C5nwTQXlKMztOZksXq4aHBhILQLVDA0kabe13qW9tnFLonn9FGdnLbpElX2YSoQ0h6LbJaB3DyyU6r6cZE-BFRxap
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38376
last-modified: Mon, 30 Oct 2023 18:22:38 GMT
server: ECAcc (frc/4CA4)
etag: "480b1eed9858e9cee7d1bfaf0ea0437c"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690158592659
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=k1YC+Q==, md5=SAse7ZhY6c7n0b+vDqBDfA==
x-goog-stored-content-length: 38376
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 9.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 856 KB
856 KB 24ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/9.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CE4) /
Resource Hash: c1b1a2dab675ef9abe29f66de67232fa11dedab25f70969dc31589df2e1d1f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651290
x-guploader-uploadid: ABPtcPqmC7NLFV_zqKN_EHtx8O6rtOhmekzF4JDy-70eD9EuKWdzv9tyfFO2q3s8Iot7GKVD8zb6aPCce5bLAVwUq6lu7g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876653
last-modified: Mon, 30 Oct 2023 18:22:32 GMT
server: ECAcc (frc/4CE4)
etag: "15107c8099ff1ad4319e766b25a6368d"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690152973011
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=dQdTHQ==, md5=FRB8gJn/GtQxnnZrJaY2jQ==
x-goog-stored-content-length: 876653
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 9.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 24ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/9.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 448ed85ace521ff08cc022ead427fd0bee8d4a2c962c00f36d18405e83a65946

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651289
x-guploader-uploadid: ABPtcPrlANle3v48yZyOXIkeOyhXCzxFqLGpWBH6Kc3I_XYoqcOBTxfx-Oek8ap_evV_CovE1FuPZcQ9-TXLNTA_NTz1
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38414
last-modified: Mon, 30 Oct 2023 18:22:38 GMT
server: ECAcc (frc/4CD6)
etag: "5fe3462a172a322cc0873b0d3cbf9459"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690158974511
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=w7Y+jA==, md5=X+NGKhcqMizAhzsNPL+UWQ==
x-goog-stored-content-length: 38414
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 10.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 874 KB
874 KB 21ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/10.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C98) /
Resource Hash: 96ef51265622731160944effe121e82dd197ce8a0d15f4a53b86abb74f17582f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651289
x-guploader-uploadid: ABPtcPrL3a5Id9_O4kMuAdzC3IQwNlg-pA0IsnJ-CLOEUbYfwRG9MUayprkorfogrE5i8GzKXgnMsSOb1GEMTumg1oJKJw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 894952
last-modified: Mon, 30 Oct 2023 18:22:02 GMT
server: ECAcc (frc/4C98)
etag: "c2bd15e84c1e285e7d227a639749df2b"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690122784015
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=HP/VTw==, md5=wr0V6EweKF59Inpjl0nfKw==
x-goog-stored-content-length: 894952
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 10.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/10.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF1) /
Resource Hash: b5bbf9f792667b0e5534329b2b93b5327682e12b74be5163b1606f4a82ef882e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651289
x-guploader-uploadid: ABPtcPpwgzF0j5zXmETjlWwNvWeaftJmluVTgEGCcAOcZytLNFRyK85Q6Jf3lpkr_6hAp3O-yBohSKd6w-Jp1mCMt6NDbb6EcRiP
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38960
last-modified: Mon, 30 Oct 2023 18:22:34 GMT
server: ECAcc (frc/4CF1)
etag: "d664319318b9d40c8752893a434bfc8c"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690154171432
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=h++EgA==, md5=1mQxkxi51AyHUok6Q0v8jA==
x-goog-stored-content-length: 38960
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 11.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 709 KB
709 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/11.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CFE) /
Resource Hash: b617b1ddc40f652bb9579e193c690169647a0efac583b84a94d28b652394dc81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651289
x-guploader-uploadid: ABPtcPo2LIPGlHJCKv6l4wXhEOcfaA6uKvTzxVBOZhDnbyulmu9SYDEc8Q50eEVX04_QqAr023yMdbIkDaVzVppO2TRC6MYNudm7
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 725777
last-modified: Mon, 30 Oct 2023 18:22:02 GMT
server: ECAcc (frc/4CFE)
etag: "c51422ca8170ff8f3d19c069e63cb017"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690122793689
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=0Y+o+g==, md5=xRQiyoFw/489GcBp5jywFw==
x-goog-stored-content-length: 725777
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 11.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 22ms
22ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/11.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D04) /
Resource Hash: dcd128c8f346b3effe3ade4904eab517b440719d60af52ddcf4b90aefd9340a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651288
x-guploader-uploadid: ABPtcPq5i9n_I3DG244TsuSUMe-bDIFfKiogHfG3lk1C7Tcee6Baqf0rUiP27mbAWuzIJqZmvJrey_bJQUqyOus730QZEHboroG5
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37697
last-modified: Mon, 30 Oct 2023 18:22:34 GMT
server: ECAcc (frc/4D04)
etag: "36fc2e2bd991bb5490eecbdf0ee61772"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690154596250
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=3fcoNg==, md5=NvwuK9mRu1SQ7svfDuYXcg==
x-goog-stored-content-length: 37697
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 12.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 559 KB
559 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/12.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBD) /
Resource Hash: 98aa670b53495c75ce89fdbe5746b02d214ecd3e09e37f1ff0986d4c79e31e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651289
x-guploader-uploadid: ABPtcPotnVsnU5Mb-cqQ0HGIUKH7-hU0cbOcLS0gxnJLeKYosb9bdOlhSg7LPw6dRszE6Pnew9U0zbntOhmOPFfyq9pP9KLN4oKS
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 572414
last-modified: Mon, 30 Oct 2023 18:22:02 GMT
server: ECAcc (frc/4CBD)
etag: "bed34df65e29c777546f9a6bba0087f1"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690122791802
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=PpFsIg==, md5=vtNN9l4px3dUb5prugCH8Q==
x-goog-stored-content-length: 572414
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 12.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 28ms
28ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/12.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C90) /
Resource Hash: 3e44648046739e4b7154423ac54cf276f164c7e1be61f22c31fb40eba5dc4e67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651288
x-guploader-uploadid: ABPtcPpPv3bkLPaX9AxbTyj36EZkonHQB-XZ3xyZqfibTmSHyuIXa4m-bkpKyMUt6MX-zremEf6FdD_smCk8vPTL_FRQi7_wjKcF
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39135
last-modified: Mon, 30 Oct 2023 18:22:34 GMT
server: ECAcc (frc/4C90)
etag: "3a78e68e2c88cedd907fe7ec2a742f70"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690154680827
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=2pR/9A==, md5=OnjmjiyIzt2Qf+fsKnQvcA==
x-goog-stored-content-length: 39135
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 13.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 887 KB
887 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/13.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C97) /
Resource Hash: dd95edf2b0183e0db26418ef18f8621cce80c8b88e80a6dbdc3e821dfc460bb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:47 GMT
via: 1.1 google
x-cdn: 3
age: 4651288
x-guploader-uploadid: ABPtcPoGQ_uMhtbLhh42sevfJ5mMEE3MZz1MKeTSu6USn8IttK7wzYR_bBo6zzn5-C436Zfh68I5ZVM64qPG8INcgPaAxAYoE6NP
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 907932
last-modified: Mon, 30 Oct 2023 18:22:02 GMT
server: ECAcc (frc/4C97)
etag: "b293cf33bf4f0dd039b42bcd61c0453f"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690122823915
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=xDh5sQ==, md5=spPPM79PDdA5tCvNYcBFPw==
x-goog-stored-content-length: 907932
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:47 GMT

GET
H3 200 13.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 24ms
24ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/13.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CAC) /
Resource Hash: 523b86e839dabdb3becfab86a031b06d23ea1eaa162c2a274e3725bbb06574b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:48 GMT
via: 1.1 google
x-cdn: 3
age: 3270634
x-guploader-uploadid: ABPtcPp1Pyk9WWw4rC5lo-vKY1ySo3XioT2Fu3pqBIbFz2UNwM5LuS3QiZo5TUO2w-tmoZKOSgfm0RzmEl3dCwfOu3wZXQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38127
last-modified: Mon, 30 Oct 2023 18:22:34 GMT
server: ECAcc (frc/4CAC)
etag: "12c2db44934a942d9417398e83b70a41"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690154691395
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=qyDlNg==, md5=EsLbRJNKlC2UFzmOg7cKQQ==
x-goog-stored-content-length: 38127
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:48 GMT

GET
H3 200 14.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 733 KB
733 KB 26ms
26ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/14.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF2) /
Resource Hash: 90624be28d253f693444e9b7f1b81bc07183afe3f4c7adafbd9dcbfb9f40c701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:48 GMT
via: 1.1 google
x-cdn: 3
age: 4651288
x-guploader-uploadid: ABPtcPrRysC88bzZSP5PN2VHgwbo4TdRx2XdE3-wCGicYjw072A-ohKE2n_JJ97LseS5QFQbZDoAFErshmDBuIjs8QEE_91XiW8H
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750162
last-modified: Mon, 30 Oct 2023 18:22:02 GMT
server: ECAcc (frc/4CF2)
etag: "d7bf95b5ff2110b4e23f2128d2db1dfa"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690122823371
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=n/neag==, md5=17+Vtf8hELTiPyEo0tsd+g==
x-goog-stored-content-length: 750162
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:48 GMT

GET
H3 200 14.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 27ms
27ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/14.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB3) /
Resource Hash: 7ac306587d4e2923ea174cd591292fac1c98f661606fe7021215f26f320c1e71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:48 GMT
via: 1.1 google
x-cdn: 3
age: 4651288
x-guploader-uploadid: ABPtcPoo6zu7yGJOFXccBIKvP70Jk_ORNksiQD49QMZeVc35AwGlxKpwtVMLUJeFwRBAhMWM6qNy2q-hKDd2fOqPXzWiF4SjUJcO
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38768
last-modified: Mon, 30 Oct 2023 18:22:34 GMT
server: ECAcc (frc/4CB3)
etag: "688c8bc26a9965b767ac16e8b4d7d988"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690154645383
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=azXKLg==, md5=aIyLwmqZZbdnrBbotNfZiA==
x-goog-stored-content-length: 38768
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:48 GMT

GET
H3 200 15.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/ 766 KB
766 KB 25ms
25ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/video/1920x1080_h264_4000000/15.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA5) /
Resource Hash: 51f790270b3ab8d8694126f30bd1db23957f1b58f4aa4da376c19aca556e01b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:48 GMT
via: 1.1 google
x-cdn: 3
age: 4651288
x-guploader-uploadid: ABPtcPptPrWZfNu5x0K1mRVqrKlPg6J8RqwadNv8cnn1wLP3Me3DdauzBYfjTHAPoDQC0Jrml-x0XOIzHtytWK6NOn80br25bQbb
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 784278
last-modified: Mon, 30 Oct 2023 18:22:04 GMT
server: ECAcc (frc/4CA5)
etag: "71a96cd55888b6904fa97b15c586c2a3"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690124519334
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=FA4nPQ==, md5=cals1ViItpBPqXsVxYbCow==
x-goog-stored-content-length: 784278
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Tue, 17 Dec 2024 14:25:48 GMT

GET
H3 200 15.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 24ms
24ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/oGLMs2kTG654hsla/114447/116240__FFMPEG/m4s/audio/aac_96000/15.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB4) /
Resource Hash: f6918eef0e75adf72c3938a26e8aca349d330e702fa4ef28f85a522bfdc49e34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:25:48 GMT
via: 1.1 google
x-cdn: 3
age: 4532313
x-guploader-uploadid: ABPtcPq1lzPo77FJ-mP9TNh_k8kwJfiJrYsAn7-m-uc_upXxF46-dSZjpmIpIKxM3nT6MiKvRUPt7L9jW_v2OXQ7iFbUPw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37535
last-modified: Mon, 30 Oct 2023 18:22:34 GMT
server: ECAcc (frc/4CB4)
etag: "cd9549ec19fd2aec164a80d000cc1007"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698690154794902
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=lEAx8w==, md5=zZVJ7Bn9KuwWSoDQAMwQBw==
x-goog-stored-content-length: 37535
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: hit
expires: Tue, 17 Dec 2024 14:25:48 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 131ms
131ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=SYD3myB6hTeFZCyH4AWiYP&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=211.10000038146973,119,1,414.3999996185303
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:50 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 217.114.218.26
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 009cr3frg6ds46olrea0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 0DC1 35 B
445 B 132ms
132ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=b3m7bwbuzGSH7mPH3qPv66&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=36.299999713897705,34.700000286102295,1
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 14:25:50 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://btm-btm-btm.lpages.co
X-Forwarded-For: 217.114.218.26
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 009cr3gtanvaaeob067g

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 28ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDYSD5C2HD&gtm=45je3bt0v9125329637&_p=1703341545203&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=433203033.1703341546&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703341545&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&dt=%22Cut%20%26%20Paste%22&en=scroll&epn.percent_scrolled=90&_et=49&tfd=7979
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444z8812088355&_p=1703341545203&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=433203033.1703341546&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1703341545&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D6810041ce2d74367b8e61dae955ae868%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Djchospice08%2540live.com%26iocid%3D%26aff%3D82%26creative_id%3D%26oid%3D120%26message_id%3D%26link_id%3D&dt=%22Cut%20%26%20Paste%22&en=fetch_user_data&epn.variant_id=0&_et=26&up.custom_client_id=433203033.1703341546.&upn.variant_id=0&upn.experiment_id=0&tfd=8010
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 14:25:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
79 B 134ms
133ms XHR
application/json 107.178.211.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=6810041ce2d74367b8e61dae955ae868&utm_source=82&utm_campaign=&utm_medium=&id=jchospice08%40live.com&iocid=&aff=82&creative_id=&oid=120&message_id=&link_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 14:25:51 GMT
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time: 2
content-length: 16

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 17:10:27	Name: view.bb4wMKcXKB896PwqF4vMVT-default-prop.rxn3K9Ww42mqevm3tZeLiZ Value: 1703341546000
.clkmg.com/	1970-01-21 01:54:37	Name: vid Value: 936463747
.go.behindthemarkets.com/	1970-01-21 01:56:03	Name: _vwo_uuid_v2 Value: D60284988D91097FBA079E1A8A6B9B2FF\|941d75641275fd03075396b80b44176b
.behindthemarkets.com/	1970-01-20 19:18:37	Name: _gcl_au Value: 1.1.363172586.1703341545
.behindthemarkets.com/	1970-01-20 19:33:01	Name: _vis_opt_s Value: 1%7C
.behindthemarkets.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.behindthemarkets.com/	1970-01-20 17:10:27	Name: _gid Value: GA1.2.1827630194.1703341546
.behindthemarkets.com/	1970-01-20 17:09:01	Name: _gat_UA-102395123-1 Value: 1
.behindthemarkets.com/	1970-01-21 02:45:01	Name: _ga Value: GA1.1.433203033.1703341546
.behindthemarkets.com/	1970-01-21 02:45:01	Name: _ga_KDYSD5C2HD Value: GS1.1.1703341545.1.0.1703341545.60.0.0
js.center.io/	1970-01-21 02:45:01	Name: centerVisitorId Value: V2DmUWbPQj8FCvsiDV8Yir
.behindthemarkets.com/	1970-01-21 02:45:01	Name: _ga_8R6YNFMJ23 Value: GS1.1.1703341545.1.0.1703341545.60.0.0
.criteo.com/	1970-01-21 02:30:37	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:30:37	Name: uid Value: ffad09c6-4116-4811-ac3e-60b99b902266
.behindthemarkets.com/	1970-01-21 02:38:25	Name: cto_bundle Value: KcLawV9GJTJGc29uZ2VsUUhGdmZYMkFmdVJTbVV6M2RtUjRGbiUyQjROeWVnREtTN044JTJGeUVoTFNtUk5ic3IlMkJWbiUyRmxmeTA0RlFLaENzTUF3Zk4wcExsWU8yMVp1cVBlY1FNMUMxU3lLOUwxZHVHbmZWZWxPVDQ4a3haZTJ5aHVoJTJCaWxQcDZ6anpKQXpzOE15bVV1NVBZdVY4UHJLaWNBUTVTNFY4azFrTFNFN3pIMjZScEklM0Q
behindthemarkets.app.optipub.com/	1970-01-20 17:52:13	Name: optipub Value: eyJpdiI6Ink5cnhLL0NPQlNLVGlBNUFNWkpUTHc9PSIsInZhbHVlIjoiUlZnOGEyRDZxRnJoVnRhWjdzOFVWRUNwdUJCaS9vQU92amloWWlscEZGdzRWYlEzYXpJdmR0NDdtWUFHWlBOc0N6YlVGVjZVcUw2ci9NcUZTeU1kbEVnWXRZOWlaQkxocnl1NFU0RDVwN1NmZXl2eUhjU3g4OVlrWlV4VFFid1RvWG9KZDhPVUtTeVAzbmdoUTVRSm5FaFJlaDRCNHZGQ05MNWRmZEVrTVpwYldvL0tkUUw0ME1seWQySjZNUWhwOGpLbytIanJDMHdaeUU3NWRveHVGUHBmM01DYnU0Tzh4MlVoM1RqUWozY1V3Z3QzQUJoS1pYV0libktUWmxmSU1RTFFFNG1hZStUR3lvdHdoSG4xNlB4SFhZZEdLNW8zd1E1Wm11ZlFpVEdMVkpRcXNCZW1pRTNzbmV5dnQ3djduN1pPdnhKemtsMmNMTzJHK1Z5Smt4TlFxZTAzL2pBV2xKVUoyV05IaVBjVSsvdjEwdzRoazJnZS9kYzFLUTdZclEzSjRnd1R2SXc5N3FTL0tvWEpsK2NTbGJNTDE5aGVTVk4zeFpTbWh6cW1TYWQ0Y1FOSXptUHhTMVNGZHhUU3l5QzQwc0tubitoMzBvVEF1akZUQzhiZlFLWmVFWnoydzg5cVYveGtudFpjQWMrSFpRWGZpUnR3U2xqSEh1MkdTb3lnYWdJR1dxYzNibHFiSUNLc2JWMlFSWDQ5VklxTzRoRTMvUEs3TndFPSIsIm1hYyI6Ijk3OTRkMzA4ZmZhMjY5YTJiYTFiMzI2ZjQyOTY3MTUxNmE4NmUxOGEwMThjYTRhMjE5MjMyMjIyMWI5NWEyY2YifQ%3D%3D
go.behindthemarkets.com/	1970-01-21 02:45:01	Name: bitmovin_analytics_uuid Value: e3911e1d-e041-4381-a34e-770f585f35f3
.adnxs.com/	1970-01-20 19:18:37	Name: uuid2 Value: 2899154992268298749
.doubleclick.net/	1970-01-21 02:30:37	Name: IDE Value: AHWqTUnCMGyLS7IVKvMNaoN_3lwDamhxmIs0CLY83SGv12EVMe2W205TmWACB0mZvFA
.media.net/	1970-01-21 01:54:37	Name: visitor-id Value: 3463431468281016000V10
.media.net/	1970-01-20 17:52:13	Name: data-c-ts Value: 1703341546
.media.net/	1970-01-20 17:52:13	Name: data-c Value: k-5xlF4uWjM5PSyR9bWe0q9MOzpHI5LaCSk6Hxgw~~3
.adnxs.com/	1970-01-20 19:18:37	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E>5vy>xp!]tbPl@/D!9hy6]/CwgW5:>w24i(y84f)>efB/5/j^>?kB#C%dttx8_MlTbki(_)??l!qkpb7hbpRzqF1`bc#j+[Pjy
.demdex.net/	1970-01-20 21:28:13	Name: demdex Value: 08174520589519599603581979227335538502
.casalemedia.com/	1970-01-21 01:54:37	Name: CMID Value: ZYbt6l83Q9w5CJRZz1VoMQAA
.casalemedia.com/	1970-01-20 19:18:37	Name: CMPS Value: 2201
.casalemedia.com/	1970-01-20 19:18:37	Name: CMPRO Value: 2201
.dpm.demdex.net/	1970-01-20 21:28:13	Name: dpm Value: 08174520589519599603581979227335538502
.omnitagjs.com/	1970-01-20 17:52:13	Name: ayl_visitor Value: 29558065aacdc8082e082a4e272475a2
exchange.mediavine.com/	1970-01-20 17:29:11	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2229a7aa30-a19f-11ee-a303-791f30422319%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:29:11	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2229a7aa30-a19f-11ee-a303-791f30422319%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:29:11	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2229a7aa30-a19f-11ee-a303-791f30422319%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:29:11	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2229a7aa30-a19f-11ee-a303-791f30422319%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:29:11	Name: criteo Value: %7B%22id%22%3A%22k-Av3NJ-WjM5PSyR9bWe0q9MOzpHKtiKDTLsEShg%22%2C%22version%22%3A%22criteo%22%7D
.krxd.net/	1970-01-20 21:28:13	Name: _kuid_ Value: P_fyTg71
.postrelease.com/	1970-01-21 01:54:37	Name: opt_out Value: 1
.tremorhub.com/	1970-01-21 01:54:58	Name: tvid Value: a3d733a100c04107bbca25c70bb36353
.tremorhub.com/	1970-01-20 17:52:13	Name: tv_UICR Value: k-e9f7oOWjM5PSyR9bWe0q9MOzpHLfgl1J7cTBVQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
analytics-ingress-global.bitmovin.com
api.leadpages.io
beacon.krxd.net
behindthemarkets.app.optipub.com
btm-btm-btm.lpages.co
click.makes.readysteadyprofit.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dev.visualwebsiteoptimizer.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
embed.lpcontent.net
exchange.mediavine.com
fast.vidalytics.com
fonts.googleapis.com
fonts.gstatic.com
go.behindthemarkets.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
js.center.io
lh3.googleusercontent.com
licensing.bitmovin.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.leadpages.net
stats.g.doubleclick.net
stats.vidalytics.com
sync-t1.taboola.com
sync.outbrain.com
tracking.readysteadyprofit.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.behindthemarkets-btm.com
www.clkmg.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
107.178.211.97
128.245.210.67
13.248.245.213
141.226.228.48
141.95.98.65
142.250.186.130
142.250.186.98
172.64.151.101
178.250.1.9
18.158.234.201
185.64.191.210
192.229.220.49
2.16.97.41
2001:4860:4802:34::36
2001:4860:4802:36::15
23.35.237.75
23.50.131.84
2600:1901:0:df23::
2600:1f18:612b:4200:b09e:1b27:866b:9422
2606:4700:3035::ac43:ddfe
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9b
2a02:2638:3::c
2a02:2638:3::e
2a06:98c1:3120::3
3.13.78.215
3.66.82.152
3.75.62.37
34.107.203.240
34.117.157.22
34.225.139.193
34.96.102.137
35.190.27.197
35.192.151.63
35.202.21.90
37.157.6.232
37.252.171.149
50.97.212.250
52.214.3.70
54.165.111.121
54.247.25.231
54.78.81.45
54.93.144.24
64.202.112.191
69.173.144.138
74.119.119.150
85.215.5.31
89.149.192.74
95.101.148.20
99.80.37.51
007a4f37862f0939b008ddc457ce5f3ec02e6fe5cb2fb1f0f5fddc4e03170695
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
13f18d7f9ac5a8a594178984415834fb1911f184513945fbd5b01e9a7fa770fd
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
15dea211620c6e64debe432746f4a2cb252309620aac04e97216fb3820836980
222c3c35804605dc9f4a0c763c03a527c4373e176d7ddef602fb88a91493a1b8
2b0bc550b2b7d9344115e8e48ed504bcebdada7f826153e3c3a9f5f6d41efb35
2b1b4ae8f01d381a1856eb29539ef696f43a9ae59063cbc0b91c3130cf7e102a
2dbd2b49d1c4bcaa27f2e8f1b02ce5f8d313b8a5de7ddf887d8f072c9aad95e9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33e4b1183a5b239c1b7a8e5160765664accc2929fcf49d8db574d6c56bcc2681
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e44648046739e4b7154423ac54cf276f164c7e1be61f22c31fb40eba5dc4e67
4040a23249be37ba8f08aa69ea757a96373730cfdc45fe628cc0636bfbeeba1a
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
448ed85ace521ff08cc022ead427fd0bee8d4a2c962c00f36d18405e83a65946
4737c533bc72f928e385295d4ffe2f3ff1ffa70c1d3028c26388e102ec457fa2
485d0a2a7c707b0f44bcd5cf9d4de4bbd49a866c284d41a89079531543d40270
4ad3d2fd40ab944ee1e1cf13f5b074f989402a1bcc94f77bdca2cc8a403a61ff
4adf6645be1e84aca4a55820afe02bae1ccc296a7a53fd2ddffaa0c55176474f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3db361c6f2df88d7876742ab9f16c25b1dd78f6519e6652fc939f311cd7e6b
4ebcb4e7f3af156ac8ad1bcaac06f5d00cb2188e4d58b4d6b6e53bd6fbeb5e7f
506483c00673a966b4b90c3169c9488ae3546235380ef89c270c988aa80eef8c
51f790270b3ab8d8694126f30bd1db23957f1b58f4aa4da376c19aca556e01b0
523b86e839dabdb3becfab86a031b06d23ea1eaa162c2a274e3725bbb06574b5
5286fab6b02ce50b695b21b135945ec6e4409bfc7d156e2d7ac156f3ff714cba
530a8eecb4ed2f70062659424d6ae1b929319154d02c665e07686ce7348f2639
539e17843e478a8dbd8b66ef493c594265ad4758100712815a99d6faa6cbc7c7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58d4b1bd9484ebd342399e408daeaa337b1c935091bd22c8d6ae49e1f828cb02
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
5f9a150ebeeb2bb21f45bdc1675252fade3d8550dc8f22403e907f6be1c9adc9
6156ae539e99257a3ff54ba1e531a73b8800c443d0d7c3d38e9dcf657464944a
61a447ee32060675d1fcbc65d46f29dbae28149a3f7df1ebe00341ee644fc358
6253792ac39f6b3058e8f784ca2df8635cc76895d5cd52987ff221f343e8243e
692b8fd4b2c0b3525a161f23d1908ed0a459540dfce7e877d5fd5e7159ff679b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
7196c1775f446c320b40f2e845a241770ca9ba08addced7071665f1233d210e5
7982306e2c44cb7e0cc75b86d0bd821a51344dd0fb06eef5e087a49d7df77cc9
7ac306587d4e2923ea174cd591292fac1c98f661606fe7021215f26f320c1e71
7f40c4189000d65cb1aec66af5224091b29a09dd0036c345903bfd7729b03ce9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8642d1a52a420f927fca305679d9264b7f41b7b1422721520a39d394b933523d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
90624be28d253f693444e9b7f1b81bc07183afe3f4c7adafbd9dcbfb9f40c701
94894d4b7017896ce8762a5c2182b732dd1bfeb6dd62024074b1b836f8ec2264
9606516393d832a0aab5faf1918fa8ab4058b00d533a5423a170671ecb82cc73
96ef51265622731160944effe121e82dd197ce8a0d15f4a53b86abb74f17582f
982db6198eb915733f7321be61bb81d8c2977b1e0b62c48a6f5d7a1170980662
98aa670b53495c75ce89fdbe5746b02d214ecd3e09e37f1ff0986d4c79e31e3f
9aacbafe87976f7ba4b7c73c887d684bbc8b819516e3cb0d1186c2279ee8908f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a46b2420feae07e98e0ef37390bccf551c3307a1a409ad330a83bc8798b682cd
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff
a9c67bc96105a3572353b94a5153184e4203d10e64f58f895bc2dd9817d4193e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28d34e4dda787dc50a53c1f6d7b391e9bb67630eaf5d685d9b623d78cfd094a
b5bbf9f792667b0e5534329b2b93b5327682e12b74be5163b1606f4a82ef882e
b617b1ddc40f652bb9579e193c690169647a0efac583b84a94d28b652394dc81
bae72ea2a056b660b2aa5a28de47d0b4758ce08079c92c10243f045c5532594d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be87735a9fe0dc9e88b7e7ded095080c70ffe0697b632fd5cb5980b5717f9059
c1b1a2dab675ef9abe29f66de67232fa11dedab25f70969dc31589df2e1d1f5c
c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a
ca78c0a9da68647d399ea96e1ae090083ee80e30421a9b99a3ec7988df904c90
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d0ec1c852207a87c95edd39a19cd73b12115a0122305f08329f5b1d80f86037a
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e
d59a74862cc6c91ca00868fe7af4d67ee75532aab80a7c4f9922b50a8691d81f
d9d4bc795980bac0921b01b39c6d703056a854b1f6eeb08c2a95dd81b3c44f3b
dcd128c8f346b3effe3ade4904eab517b440719d60af52ddcf4b90aefd9340a0
dd95edf2b0183e0db26418ef18f8621cce80c8b88e80a6dbdc3e821dfc460bb0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee08bb2a5d1e7a926522786840f4841622f88d5948aa963eb5f4466ee1192cd
df9dde0f6cd65bdb8fbfd852cc1a2b6a17a1600fdb29eec3ebd6d04368dd03c3
e1593f989bc71975b054e1f520b562551eb15397a4ade1656b988a59e020dd0e
e172866fe7f3285ec71b5c924d8689466ad4173d55e531fa338c270b526e0111
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d3ad3e03f22edbbb6bad690168cbe021e350a079a7c39e5d1338994eaa7b4d
eb76a58ac33836e37289951ca7159f13a1e60bfb536c86ff2c82084d9bfe95b5
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33d40462e6fc3bf78ca609f5a7d7d7586797ac22d2cf1a59c5915974b1b4a31
f6918eef0e75adf72c3938a26e8aca349d330e702fa4ef28f85a522bfdc49e34
fab9e1396115364c5261d831d9a026595ff056e9f82ea765a3e33ca980318c83
fbd1f6154a86a6b879f908847dcabb938d6716b66df5e0a1c0aefe8f5e58cd02
fd02891c4206d809c9821984bda7ea22c7541a2db80ffb0ccc9ec2452327dbbb

go.behindthemarkets.com Open in urlscan Pro 35.202.21.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

93 %HTTPS

30 %IPv6

50 Domains

61 Subdomains

54 IPs

8 Countries

13864 kBTransfer

17023 kBSize

38 Cookies

4 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.behindthemarkets.com Open in urlscan Pro
35.202.21.90 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

93 %
HTTPS

30 %
IPv6

50
Domains

61
Subdomains

54
IPs

8
Countries

13864 kB
Transfer

17023 kB
Size

38
Cookies

145 HTTP transactions
2 data transactions