go.behindthemarkets.com Open in urlscan Pro
35.202.21.90  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

• https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=XMuXN3xDVStscXlSMWlNTnJDN25EMWMrRDEzaGxScGVHZU0xZUd2YXdmcGhncUpvV1dJaWh0dFNxSzR6V1kvN1JUNVZNYStwZ0RFcmVTWUsvcFU3eXF2TEFmVnV1Q1pySDE5NFVLbWp2d01rYUJPb3VHNDZqQjBIZnVvbXhsWmprb1FacGR0OVVtQzZoU1NPNFRtZ3VPNGVTL25jSHErRlRyT3RjaU5FRW5LM1lpL3BwVkNJbzByR2NsL3Q1R0lOU04wZTd1S0dJb2h3bjVBK01GTGNXTEovMmgzTTVkWmNOZlJSVDNJTHhMSm1SSFFoS1ZmcnpDRkUzQk1NWjFRZzRJbkRaV3VpR245RkdFVXNlNzJaL1Flby9oRWsyaVdVSzdiWVVHTzR1REhobEYwYz18&cppv=2

Request Chain 57

• https://sslwidget.criteo.com/event?a=93258&v=5.13.0&p0=e%3Dce%26m%3D%255Bnull%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dnull%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Is7XWF9ETFlhMXBaemZOMXhHMHozem5wV29ieERDa0x0T1pZR1JSNlZPMmszblhHcnlkdDhLcSUyQnZTc3hmV1VTbGFwd0dGTVRZcWVzYUR0WkZnMFlaUm9qMXBGam04YlBSNEclMkJJYmtCeUZaczA5YVZVVCUyQk40elVMVEI2a1dDeW5DaVVnQnkyQVMlMkZLMDQzSzRCOHVLNEplVSUyQk1kYVZlSlg0cUx1Tk9ZTEF2JTJCUVhta2MlM0Q&tld=behindthemarkets.com&dy=1&fu=https%253A%252F%252Fgo.behindthemarkets.com%252Flimited-time-offer-4-video%252F%253F_ef_transaction_id%253D503c7149854d4f239257d3a9ea272aa3%2526utm_source%253D82%2526utm_campaign%253D%2526utm_medium%253D%2526id%253Dadrienne.dicecco%252540cna.com%2526iocid%253D%2526aff%253D82%2526creative_id%253D%2526sub3%253DB%2526sub2%253Dthedailylaunch.com%2526sub4%253DBTCV20%2526sub5%253D%2526oid%253D22&dtycbr=55148 HTTP 302
• https://widget.us.criteo.com/event?a=93258&v=5.13.0&p0=e%3Dce%26m%3D%255Bnull%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dnull%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Is7XWF9ETFlhMXBaemZOMXhHMHozem5wV29ieERDa0x0T1pZR1JSNlZPMmszblhHcnlkdDhLcSUyQnZTc3hmV1VTbGFwd0dGTVRZcWVzYUR0WkZnMFlaUm9qMXBGam04YlBSNEclMkJJYmtCeUZaczA5YVZVVCUyQk40elVMVEI2a1dDeW5DaVVnQnkyQVMlMkZLMDQzSzRCOHVLNEplVSUyQk1kYVZlSlg0cUx1Tk9ZTEF2JTJCUVhta2MlM0Q&tld=behindthemarkets.com&dy=1&fu=https%253A%252F%252Fgo.behindthemarkets.com%252Flimited-time-offer-4-video%252F%253F_ef_transaction_id%253D503c7149854d4f239257d3a9ea272aa3%2526utm_source%253D82%2526utm_campaign%253D%2526utm_medium%253D%2526id%253Dadrienne.dicecco%252540cna.com%2526iocid%253D%2526aff%253D82%2526creative_id%253D%2526sub3%253DB%2526sub2%253Dthedailylaunch.com%2526sub4%253DBTCV20%2526sub5%253D%2526oid%253D22&dtycbr=55148

Request Chain 70

• https://x.bidswitch.net/sync?dsp_id=46&user_id=k-sSH3dhDqKl0nChJsns5SejUyWy2qsG1BFFxu3g&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-sSH3dhDqKl0nChJsns5SejUyWy2qsG1BFFxu3g&expires=30

Request Chain 71

• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-h3dUNBDqKl0nChJsns5SejUyWy19COHbAs5BKg&google_cm&google_hm=ay1oM2RVTkJEcUtsMG5DaEpzbnM1U2VqVXlXeTE5Q09IYkFzNUJLZw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-h3dUNBDqKl0nChJsns5SejUyWy19COHbAs5BKg&google_cm=&google_hm=ay1oM2RVTkJEcUtsMG5DaEpzbnM1U2VqVXlXeTE5Q09IYkFzNUJLZw&google_tc= HTTP 302
• https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-h3dUNBDqKl0nChJsns5SejUyWy19COHbAs5BKg&google_gid=CAESEPDKK7aEB2xfhMdmIp18xlk&google_cver=1&google_ula=913071,0

Request Chain 72

• https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
• https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1747222215194780235

Request Chain 73

• https://secure.adnxs.com/setuid?entity=52&code=k-wWW94xDqKl0nChJsns5SejUyWy1wwAw0qa_2Eg HTTP 307
• https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-wWW94xDqKl0nChJsns5SejUyWy1wwAw0qa_2Eg

Request Chain 81

• https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IJ10txDqKl0nChJsns5SejUyWy3R4PvQd7y4iA HTTP 302
• https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IJ10txDqKl0nChJsns5SejUyWy3R4PvQd7y4iA&verify=true

Request Chain 84

• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_Mmx2hDqKl0nChJsns5SejUyWy087skatWoNpg HTTP 302
• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_Mmx2hDqKl0nChJsns5SejUyWy087skatWoNpg&C=1

Request Chain 85

• https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
• https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Dnr6vDp6ymNdh-_aZ-QYU5QNIsNl8i5D HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Dnr6vDp6ymNdh-_aZ-QYU5QNIsNl8i5D

Request Chain 87

• https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Ud7ncRDqKl0nChJsns5SejUyWy1hV_3zNS23Vw HTTP 302
• https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Ud7ncRDqKl0nChJsns5SejUyWy1hV_3zNS23Vw

Request Chain 103

• https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OYriJhHgTlWHWqYogVecfgr71T3sVXxj

Request Chain 110

• https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
• https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=lqvELrCxgQrvVJz4vb06ildMwiQDV_LC

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response go.behindthemarkets.com/limited-time-offer-4-video/	94 KB 19 KB	671ms 284ms	Document text/html	35.202.21.90 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 90.21.202.35.bc.googleusercontent.com Software Leadpages / Resource Hash 60ba272945d613eb945c1febd2840d305d589cff76b72b40ceb06af6c580d3c3 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding br content-type text/html date Fri, 03 Mar 2023 20:51:38 GMT etag W/"4bdd92065862e965dbcc954daae86f61" last-modified Tue, 21 Feb 2023 15:00:40 GMT server Leadpages strict-transport-security max-age=15768000 vary Accept-Encoding x-cache MISS, HIT
GET H2	200	all.min.css static.leadpages.net/fonts/font-awesome/5.14.0/css/	58 KB 15 KB	166ms 40ms	Stylesheet text/css	34.107.203.240 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 240.203.107.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 00:01:16 GMT content-encoding gzip via 1.1 google server Google Frontend age 75023 etag "FTvmgg" vary Accept-Encoding content-type text/css access-control-allow-origin * x-cloud-trace-context 3f89b57e3ec2e77e5d4290df867358e2 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14628 expires Sat, 02 Mar 2024 00:01:16 GMT
GET H2	200	css fonts.googleapis.com/	17 KB 1 KB	203ms 76ms	Stylesheet text/css	2a00:1450:400d:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700 Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e521a829429ec1a0cc8cb3083f82969686196aae31a198e680e360517aaf18a8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 03 Mar 2023 20:51:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 03 Mar 2023 20:51:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 03 Mar 2023 20:51:39 GMT
GET H2	200	embed.js Show response embed.lpcontent.net/leadboxes/current/	42 KB 15 KB	204ms 40ms	Script application/javascript	34.107.203.240 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://embed.lpcontent.net/leadboxes/current/embed.js Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 240.203.107.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:50:55 GMT content-encoding gzip via 1.1 google server Google Frontend age 44 etag "FTvmgg" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-cloud-trace-context 8eaf9eaed1bdb6737b540f7c859aefdd cache-control public, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14811 expires Fri, 03 Mar 2023 20:55:55 GMT
GET H2	200	center.js Show response js.center.io/	12 KB 5 KB	211ms 48ms	Script application/javascript	2001:4860:4802:32::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://js.center.io/center.js Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:50:52 GMT content-encoding gzip server Google Frontend age 47 etag "OMWYXg" content-type application/javascript x-cloud-trace-context c57551ce82f170f41ee18e67306a27f6 cache-control public, max-age=300 content-length 5417 expires Fri, 03 Mar 2023 20:55:52 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	247 KB 82 KB	217ms 90ms	Script application/javascript	2a00:1450:400d:80d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 995487a85297927bc382ba46219895387cd8846ef10b9609752dc232fad27538 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 83436 x-xss-protection 0 last-modified Fri, 03 Mar 2023 18:36:12 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 03 Mar 2023 20:51:39 GMT
GET H2	200	4GME6NJIPIHTnjzsOjfexcWeo6hgIbdckXLIW1KOHqM2j6WmpekhnI4_HbvMRAyEftfgGtXTk0OOLNZ380cflg=s16 lh3.googleusercontent.com/	520 B 818 B	178ms 52ms	Image image/jpeg	2a00:1450:400d:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/4GME6NJIPIHTnjzsOjfexcWeo6hgIbdckXLIW1KOHqM2j6WmpekhnI4_HbvMRAyEftfgGtXTk0OOLNZ380cflg=s16 Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash e9d3ad3e03f22edbbb6bad690168cbe021e350a079a7c39e5d1338994eaa7b4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 19:35:12 GMT x-content-type-options nosniff age 4587 content-disposition inline;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 520 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 15 Feb 2023 22:45:10 GMT
GET H2	200	loader.min.js Show response fast.vidalytics.com/embeds/PzpZ_7KZ/w120zZAFZVu7eHuU/	42 KB 12 KB	565ms 359ms	Script application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/embeds/PzpZ_7KZ/w120zZAFZVu7eHuU/loader.min.js Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software SP / Resource Hash 782d49cbc8b2c3b4d85101e5ba97a5f86c74fc40fbcfda6a543b6f623acee493 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:39 GMT via 1.1 varnish, 1.1 varnish content-encoding gzip x-cdn 4 age 0 x-guploader-uploadid ADPycds1VOX47rAv_0HoQzXA6i4KRjWifijyX8qo1U7CkNRIfwO685-NcKsB-cfMKLgf8H5Uk_w28LEYXJVwB7K9fPJ5X9Cq4p1R x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 last-modified Thu, 12 Jan 2023 02:22:09 GMT server SP x-timer S1677876700.649634,VS0,VE144 x-cdn-info loader etag "752e7f0258a181b11fc8a168426e254c" vary Accept-Encoding x-goog-generation 1673490129279560 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=OQDeJg==, md5=dS5/AlihgbEfyKFoQm4lTA== access-control-expose-headers Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by cache-control public, max-age=180, s-maxage=180 x-hw 1677876699.cds273.fr8.hn,1677876699.cds273.fr8.sl x-goog-stored-content-length 10529 accept-ranges bytes expires Fri, 03 Mar 2023 19:16:59 GMT
GET H2	200	4GME6NJIPIHTnjzsOjfexcWeo6hgIbdckXLIW1KOHqM2j6WmpekhnI4_HbvMRAyEftfgGtXTk0OOLNZ380cflg=w1600 lh3.googleusercontent.com/	67 KB 67 KB	176ms 80ms	Image image/jpeg	2a00:1450:400d:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/4GME6NJIPIHTnjzsOjfexcWeo6hgIbdckXLIW1KOHqM2j6WmpekhnI4_HbvMRAyEftfgGtXTk0OOLNZ380cflg=w1600 Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 33e4b1183a5b239c1b7a8e5160765664accc2929fcf49d8db574d6c56bcc2681 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:39 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68243 x-xss-protection 0 expires Sat, 04 Mar 2023 20:51:39 GMT
GET H2	200	1Ptug8zYS_SKggPNyC0ITw.woff2 fonts.gstatic.com/s/raleway/v28/	45 KB 46 KB	271ms 144ms	Font font/woff2	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://go.behindthemarkets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 02 Mar 2023 12:08:31 GMT x-content-type-options nosniff age 117788 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46524 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:58:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Mar 2024 12:08:31 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	180ms 52ms	Font font/woff2	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://go.behindthemarkets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 02 Mar 2023 19:34:57 GMT x-content-type-options nosniff age 91002 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Mar 2024 19:34:57 GMT
GET H2	200	AlZy_zVFtYP12Zncg2kRcn35.woff2 fonts.gstatic.com/s/rozhaone/v13/	18 KB 18 KB	252ms 127ms	Font font/woff2	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rozhaone/v13/AlZy_zVFtYP12Zncg2kRcn35.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Open+Sans:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://go.behindthemarkets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 02 Mar 2023 12:59:27 GMT x-content-type-options nosniff age 114732 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18176 x-xss-protection 0 last-modified Wed, 27 Apr 2022 15:29:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Mar 2024 12:59:27 GMT
GET H2	200	/ Show response btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/ Frame A372	87 KB 18 KB	641ms 284ms	Document text/html	35.202.21.90 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&aff=82&creative_id=&id=adrienne.dicecco%40cna.com&iocid=&oid=22&sub2=thedailylaunch.com&sub3=B&sub4=BTCV20&sub5=&utm_campaign=&utm_medium=&utm_source=82 Requested by Host: embed.lpcontent.net URL: https://embed.lpcontent.net/leadboxes/current/embed.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 90.21.202.35.bc.googleusercontent.com Software Leadpages / Resource Hash 3652968ae523db986de0345fd116926abfa0bbf2ef48c57ed6ecc93973ede842 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://go.behindthemarkets.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding br content-type text/html date Fri, 03 Mar 2023 20:51:39 GMT etag W/"67463d53098fcd958662a22599491154" last-modified Fri, 01 Oct 2021 20:54:56 GMT server Leadpages strict-transport-security max-age=15768000 vary Accept-Encoding x-cache MISS, HIT
GET H2	200	identify.html Show response js.center.io/ Frame B37E	4 KB 2 KB	49ms 48ms	Document text/html	2001:4860:4802:32::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://js.center.io/identify.html Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110 Request headers Referer https://go.behindthemarkets.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 236 cache-control public, max-age=300 content-encoding gzip content-length 2016 content-type text/html date Fri, 03 Mar 2023 20:47:43 GMT etag "OMWYXg" expires Fri, 03 Mar 2023 20:52:43 GMT server Google Frontend x-cloud-trace-context e3ab4d17e31b0750d4157f489639a47f
GET H/1.1	200 OK	capture Show response api.leadpages.io/analytics/v1/events/	35 B 683 B	491ms 150ms	XHR image/gif	35.192.151.63 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=rxn3K9Ww42mqevm3tZeLiZ&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=d4X2nC6vJ6SPB7HEka9B5i&sid=AqB4b34RAhBAA24MqmByGm&cid=lp-rxn3K9Ww42mqevm3tZeLiZ&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D503c7149854d4f239257d3a9ea272aa3%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dadrienne.dicecco%2540cna.com%26iocid%3D%26aff%3D82%26creative_id%3D%26sub3%3DB%26sub2%3Dthedailylaunch.com%26sub4%3DBTCV20%26sub5%3D%26oid%3D22&rf=&rx=1600&ry=1200&tz=%2B00%3A00 Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 03 Mar 2023 20:51:39 GMT Server Stargate Transfer-Encoding chunked access-control-max-age 600 Content-Type image/gif access-control-allow-origin https://go.behindthemarkets.com X-Forwarded-For 80.255.7.106 access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 07b2sp4uuvtvk5us9s70
GET H2	200	optimize.js Show response www.googleoptimize.com/	112 KB 44 KB	231ms 78ms	Script application/javascript	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=OPT-K7WPB5K Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d1ac193eae2c6cf805d871246ee83d634f135e74c7b2917a8ea19bbbe9376810 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45029 x-xss-protection 0 last-modified Fri, 03 Mar 2023 18:36:12 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 03 Mar 2023 20:51:39 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	179ms 52ms	Script text/javascript	2a00:1450:400d:805::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 03 Mar 2023 19:17:30 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 5649 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Fri, 03 Mar 2023 21:17:30 GMT
GET H2	200	everflow.js Show response www.behindthemarkets-btm.com/scripts/sdk/	58 KB 19 KB	152ms 50ms	Script text/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc4cae14b015c903e03c64ff7591076902d2140bd0da5ea9115c5ec9783f6872 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:39 GMT via 1.1 google content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 16 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 03 Mar 2023 20:51:23 GMT accept-ch Sec-Ch-Ua-Platform-Version server cloudflare vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZzU8AWnRCmxZxMPhLxG0TT%2BZAm9xUgnzIY6OMh8uC%2F%2BydAOJ3tBr93gtlLuLhUELbFAcpY9k%2FhJSzZFN%2BjHJhBkrSPeBIF1mFpxgfmF3bwVDgI%2FtXqloJ14cVpHpBtHOJhB8SZ5bR4xS%2B0m0yFO%2FEoCP8JNhnFWF%2Buu"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 x-eflow-request-id 99e7b820-ba46-4724-8af4-961c03b4babd cf-ray 7a24c23d3804bba1-FRA
GET H2	200	ld.js Show response dynamic.criteo.com/js/ld/	43 KB 15 KB	686ms 83ms	Script application/javascript	2a02:2638:3::e ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dynamic.criteo.com/js/ld/ld.js?a=93258 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash a460a51220ab87ae657802f94b4898b11ec1cf6e3053a949bebfcd689cb5b83f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:39 GMT content-encoding br strict-transport-security max-age=31536000; preload; server Kestrel vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public,max-age=10800 cross-origin-resource-policy cross-origin timing-allow-origin *
GET H2	200	/ Show response load.sumo.com/	2 KB 2 KB	203ms 45ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/ Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash 75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:39 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id EPG7GP8WPG63FZT2 cdn-cachedat 02/11/2023 19:24:49 cdn-pullzone 53731 x-amz-id-2 o7ZrL++ogcCCWxmGu5SuAMvJREO0AqJMzOCWGaJZ6fHthbVMXCv0vY1kkN16FKZt4ckGhdmXG3c= last-modified Wed, 05 Oct 2022 16:50:13 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"415c9608bc47ee8a16b3a2f2c0aee7b0" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=600 cdn-requestid 8331ca1e1f66758526addd962b496ae3 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	js Show response www.googletagmanager.com/gtag/	240 KB 80 KB	90ms 90ms	Script application/javascript	2a00:1450:400d:80d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6c31d217ce7a6891bac931ee86f48603c6f1a165e9f67a7a311b1c8c4ed5df89 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 81657 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 03 Mar 2023 20:51:39 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 259 B	164ms 48ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3310&_p=7249313&_gaz=1&cid=1103588713.1677876700&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677876699&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D503c7149854d4f239257d3a9ea272aa3%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dadrienne.dicecco%2540cna.com%26iocid%3D%26aff%3D82%26creative_id%3D%26sub3%3DB%26sub2%3Dthedailylaunch.com%26sub4%3DBTCV20%26sub5%3D%26oid%3D22&dt=%22Cut%20%26%20Paste%22&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.behindthemarkets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 259 B	144ms 48ms	Ping text/plain	2a00:1450:4025:402::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8R6YNFMJ23&cid=1103588713.1677876700&gtm=45je3310&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.behindthemarkets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	215ms 89ms	Image image/gif	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=1103588713.1677876700&gtm=45je3310&aip=1&z=1561557561 Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:39 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	72.0a035390359aab65eb82.js Show response load.sumo.com/	131 KB 44 KB	123ms 122ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/72.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:39 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id QXYXK3VKEV2M3BKY cdn-cachedat 02/11/2023 19:24:51 cdn-pullzone 53731 x-amz-id-2 BsCIHIFV2zLGYi+3JA8aSIVluV2O/2IeSXYKey4cAhJsxlHgIZgrTdSW6PwGO+TY2AasBRQl9SY= last-modified Wed, 05 Oct 2022 16:49:50 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"a1c4ecc2ca5bc12d61068cd427f9729f" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 3742822cccb0d6b4ad74b4186bf83901 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	73.0a035390359aab65eb82.js Show response load.sumo.com/	289 KB 100 KB	45ms 44ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/73.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:39 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id 2WC38M39DG12FQMM cdn-cachedat 02/11/2023 19:24:50 cdn-pullzone 53731 x-amz-id-2 TP2NWbkjgphosi+ODgQJ3o+Jjcmy6JvrQyECyEE5L/6/wP87n8Bkq7fB7GYVJZL/EdLrKuBoI0A= last-modified Wed, 05 Oct 2022 16:49:51 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"ad6f2454f01de902ffd473d51c1207bf" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid ec30220ae2b04a65a73db65643fc91f7 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	player-dash-mse.min.js Show response fast.vidalytics.com/embeds/PzpZ_7KZ/w120zZAFZVu7eHuU/	2 MB 580 KB	442ms 59ms	XHR application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/embeds/PzpZ_7KZ/w120zZAFZVu7eHuU/player-dash-mse.min.js?hash=bwanznwu Requested by Host: fast.vidalytics.com URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/w120zZAFZVu7eHuU/loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software SP / Resource Hash e35c26198f8c51fcacd76b77bd2477e7a71c919b9e051d828c2b1e544116f2dc Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:40 GMT via 1.1 varnish, 1.1 varnish content-encoding gzip x-cdn 4 age 2096527 x-guploader-uploadid ADPycdu--u6KyvX-BNuKl0En8GdCHNLsUp289bIMr2YoWgxmC__6IIqkjeaWnl4JaMpXPcT6G9OOVH9erkKFUF3tiDNT7A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 last-modified Thu, 12 Jan 2023 02:22:09 GMT server SP x-timer S1677876700.252421,VS0,VE9 etag "29c502ef1185b507dd45771baadce9de" vary Accept-Encoding x-goog-generation 1673490129679532 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=h9R9nQ==, md5=KcUC7xGFtQfdRXcbqtzp3g== access-control-expose-headers Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by cache-control public, max-age=300, s-maxage=2592000 x-hw 1677876700.cds324.fr8.hn,1677876700.cds324.fr8.sl x-goog-stored-content-length 509674 accept-ranges bytes expires Thu, 09 Mar 2023 14:29:33 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 214 B	74ms 73ms	XHR text/plain	2a00:1450:400d:805::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=7249313&t=pageview&_s=1&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D503c7149854d4f239257d3a9ea272aa3%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dadrienne.dicecco%2540cna.com%26iocid%3D%26aff%3D82%26creative_id%3D%26sub3%3DB%26sub2%3Dthedailylaunch.com%26sub4%3DBTCV20%26sub5%3D%26oid%3D22&ul=en-us&de=UTF-8&dt=%22Cut%20%26%20Paste%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAACAAI~&jid=1570244929&gjid=1283774697&cid=1103588713.1677876700&tid=UA-102395123-1&_gid=1841976399.1677876700&_r=1&_slc=1&gtm=45He3310n81WNRH3TX&cd1=82&cd3=false&cd4=false&cd5=false&cd6=false&cd7=false&z=1542497072 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:39 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.behindthemarkets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	capture Show response api.leadpages.io/analytics/v1/observations/	35 B 445 B	432ms 144ms	XHR image/gif	35.192.151.63 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=QGZzTmDd3SUJEbBzXUExfp&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=386.8999996185303,1,zJjay9sRr7roU9gnb2NBZ7 Requested by Host: embed.lpcontent.net URL: https://embed.lpcontent.net/leadboxes/current/embed.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 03 Mar 2023 20:51:40 GMT Server Stargate Transfer-Encoding chunked access-control-max-age 600 Content-Type image/gif access-control-allow-origin https://go.behindthemarkets.com X-Forwarded-For 80.255.7.106 access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 07b2l2a8ut98d7g6pgkg
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	49ms 48ms	XHR text/plain	2a00:1450:4025:402::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-102395123-1&cid=1103588713.1677876700&jid=1570244929&gjid=1283774697&_gid=1841976399.1677876700&_u=aADAAEAAQAAAACAAI~&z=50505764 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Fri, 03 Mar 2023 20:51:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.behindthemarkets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	all.min.css static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame A372	58 KB 14 KB	41ms 40ms	Stylesheet text/css	34.107.203.240 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css Requested by Host: btm-btm-btm.lpages.co URL: https://btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&aff=82&creative_id=&id=adrienne.dicecco%40cna.com&iocid=&oid=22&sub2=thedailylaunch.com&sub3=B&sub4=BTCV20&sub5=&utm_campaign=&utm_medium=&utm_source=82 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 240.203.107.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 00:01:16 GMT content-encoding gzip via 1.1 google server Google Frontend age 75024 etag "FTvmgg" vary Accept-Encoding content-type text/css access-control-allow-origin * x-cloud-trace-context 3f89b57e3ec2e77e5d4290df867358e2 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14628 expires Sat, 02 Mar 2024 00:01:16 GMT
GET H2	200	css fonts.googleapis.com/ Frame A372	11 KB 906 B	76ms 75ms	Stylesheet text/css	2a00:1450:400d:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700 Requested by Host: btm-btm-btm.lpages.co URL: https://btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&aff=82&creative_id=&id=adrienne.dicecco%40cna.com&iocid=&oid=22&sub2=thedailylaunch.com&sub3=B&sub4=BTCV20&sub5=&utm_campaign=&utm_medium=&utm_source=82 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6b4320f64ed958970e7b5e545371627de694ec93a21c716ea27dce7c388339fa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://btm-btm-btm.lpages.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 03 Mar 2023 20:51:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 03 Mar 2023 20:51:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 03 Mar 2023 20:51:40 GMT
GET H2	200	click Show response www.behindthemarkets-btm.com/sdk/	86 B 686 B	177ms 175ms	Fetch application/json	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.behindthemarkets-btm.com/sdk/click?effp=5ef58b1e9373fd162ccb371793837f06&_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&oid=22&affid=82&__cc=&async=json&sub2=thedailylaunch.com&sub3=B&sub4=BTCV20&sub5=&source_id=82&creative_id= Requested by Host: www.behindthemarkets-btm.com URL: https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53d8d74393ab92446b51cbf3bd4d6320f2fd9279b37335e5031e8854c923c1cb Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:40 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ch Sec-Ch-Ua-Platform-Version server cloudflare vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbVKtrgA5mcRX1MkLcncgye6AJZYifCax8IZN4PTDBKwlReSZd5bth4z2SeO3KSAXarsMEkZ%2Byr8doUPDth1OUp9Gr2LGbu8NNsq%2B%2FIAY4JLYBu36Mr1eqp9D77%2FlE1BkcFUSR4Zl2Hk8HHdUfTN2zZ1UIjcioo%2B6wz8"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://go.behindthemarkets.com access-control-allow-credentials true x-eflow-request-id b38e8ce6-c0d6-48c7-a0fa-c39fe7b0d745 cf-ray 7a24c2402cbbbba1-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	217ms 89ms	Image image/gif	2a00:1450:400d:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102395123-1&cid=1103588713.1677876700&jid=1570244929&_u=aADAAEAAQAAAACAAI~&z=655121617 Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:40 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	91ms 90ms	Image image/gif	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102395123-1&cid=1103588713.1677876700&jid=1570244929&_u=aADAAEAAQAAAACAAI~&z=655121617 Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:40 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	center.js Show response js.center.io/ Frame A372	12 KB 5 KB	49ms 49ms	Script application/javascript	2001:4860:4802:32::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://js.center.io/center.js Requested by Host: btm-btm-btm.lpages.co URL: https://btm-btm-btm.lpages.co/serve-leadbox/zJjay9sRr7roU9gnb2NBZ7/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&aff=82&creative_id=&id=adrienne.dicecco%40cna.com&iocid=&oid=22&sub2=thedailylaunch.com&sub3=B&sub4=BTCV20&sub5=&utm_campaign=&utm_medium=&utm_source=82 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42 Request headers accept-language de-DE,de;q=0.9 Referer https://btm-btm-btm.lpages.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:22 GMT content-encoding gzip server Google Frontend age 18 etag "OMWYXg" content-type application/javascript x-cloud-trace-context f8cabe0a568f15a2384d909e36b71b52 cache-control public, max-age=300 content-length 5417 expires Fri, 03 Mar 2023 20:56:22 GMT
GET H2	200	identify.html Show response js.center.io/ Frame 72A4	4 KB 2 KB	49ms 49ms	Document text/html	2001:4860:4802:32::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://js.center.io/identify.html Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110 Request headers Referer https://btm-btm-btm.lpages.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 158 cache-control public, max-age=300 content-encoding gzip content-length 2016 content-type text/html date Fri, 03 Mar 2023 20:49:02 GMT etag "OMWYXg" expires Fri, 03 Mar 2023 20:54:02 GMT server Google Frontend x-cloud-trace-context cd31704687c584fb29b2758005c7377c
GET H2	200	syncframe Show response gum.criteo.com/ Frame 3048	15 KB 6 KB	318ms 51ms	Document text/html	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag Requested by Host: dynamic.criteo.com URL: https://dynamic.criteo.com/js/ld/ld.js?a=93258 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://go.behindthemarkets.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 03 Mar 2023 20:51:40 GMT server Kestrel server-processing-duration-in-ticks 931852 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	awesome-log Show response stats.vidalytics.com/	43 B 373 B	477ms 155ms	XHR image/gif	107.178.211.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 97.211.178.107.bc.googleusercontent.com Software istio-envoy / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:41 GMT server istio-envoy etag "PzpZ_7KZ/oqRbz0Wwxq2aqJs3" access-control-allow-methods GET, POST, PUT, OPTIONS content-type image/gif access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin, Cache-Control, ETag, etag cache-control no-cache, public, max-age=2592000 x-envoy-upstream-service-time 11 access-control-allow-headers Accept, Content-Type, Origin, Range, X-Requested-With content-length 43
POST H2	200	licensing Show response analytics-ingress-global.bitmovin.com/	117 B 378 B	236ms 49ms	XHR application/json	35.190.27.197 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics-ingress-global.bitmovin.com/licensing Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 197.27.190.35.bc.googleusercontent.com Software v1.55.1 / Resource Hash 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Mar 2023 20:51:40 GMT via 1.1 google server v1.55.1 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization content-length 117 alt-svc clear
POST H2	200	licensing Show response licensing.bitmovin.com/	165 B 451 B	317ms 159ms	XHR application/json	2600:1901:0:df23:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://licensing.bitmovin.com/licensing Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 03 Mar 2023 20:51:40 GMT via 1.1 google access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization content-length 165
GET H2	200	sid Show response mug.criteo.com/ Frame 3048 Redirect Chain https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=XMuXN3xDVStscXlSMWlNTnJDN25EMWMrRDEzaGxScGVHZU0xZUd2YXdmcGhncUpvV1dJaWh0dFNxSzR6V1kvN1JUNVZNYStwZ0RFcmVTWUsvcFU3eXF2TEFmVnV1Q1pySDE5NFVLbWp2d01rYUJPb3VHNDZqQjBIZnVvbX...	457 B 674 B	518ms 44ms	Fetch application/json	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=XMuXN3xDVStscXlSMWlNTnJDN25EMWMrRDEzaGxScGVHZU0xZUd2YXdmcGhncUpvV1dJaWh0dFNxSzR6V1kvN1JUNVZNYStwZ0RFcmVTWUsvcFU3eXF2TEFmVnV1Q1pySDE5NFVLbWp2d01rYUJPb3VHNDZqQjBIZnVvbXhsWmprb1FacGR0OVVtQzZoU1NPNFRtZ3VPNGVTL25jSHErRlRyT3RjaU5FRW5LM1lpL3BwVkNJbzByR2NsL3Q1R0lOU04wZTd1S0dJb2h3bjVBK01GTGNXTEovMmgzTTVkWmNOZlJSVDNJTHhMSm1SSFFoS1ZmcnpDRkUzQk1NWjFRZzRJbkRaV3VpR245RkdFVXNlNzJaL1Flby9oRWsyaVdVSzdiWVVHTzR1REhobEYwYz18&cppv=2 Protocol H2 Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 428708017d7591105864cae776e804f4acadce6add0154434836aba9f2c6b485 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:40 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1425021 expires 0 Redirect headers pragma no-cache date Fri, 03 Mar 2023 20:51:40 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=XMuXN3xDVStscXlSMWlNTnJDN25EMWMrRDEzaGxScGVHZU0xZUd2YXdmcGhncUpvV1dJaWh0dFNxSzR6V1kvN1JUNVZNYStwZ0RFcmVTWUsvcFU3eXF2TEFmVnV1Q1pySDE5NFVLbWp2d01rYUJPb3VHNDZqQjBIZnVvbXhsWmprb1FacGR0OVVtQzZoU1NPNFRtZ3VPNGVTL25jSHErRlRyT3RjaU5FRW5LM1lpL3BwVkNJbzByR2NsL3Q1R0lOU04wZTd1S0dJb2h3bjVBK01GTGNXTEovMmgzTTVkWmNOZlJSVDNJTHhMSm1SSFFoS1ZmcnpDRkUzQk1NWjFRZzRJbkRaV3VpR245RkdFVXNlNzJaL1Flby9oRWsyaVdVSzdiWVVHTzR1REhobEYwYz18&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 792253 content-length 0 expires 0
POST H2	200	/ Show response sumo.com/api/load/	873 B 1 KB	2343ms 211ms	XHR application/json	35.86.95.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sumo.com/api/load/ Requested by Host: load.sumo.com URL: https://load.sumo.com/73.0a035390359aab65eb82.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-86-95-232.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 677b3c87a797a8c8a4066ec98d942710e1937879130935e5c360d41cfdd51b17 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Fri, 03 Mar 2023 20:51:42 GMT server nginx x-frame-options SAMEORIGIN vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://go.behindthemarkets.com access-control-allow-credentials true x-robots-tag noindex, nofollow content-length 873
GET H2	200	stream.mpd Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/	2 KB 3 KB	50ms 50ms	XHR application/dash+xml	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/stream.mpd Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 14eb047d0aed701ce35c25b8a92c93192e3721aa9ba8965de191e6200825e3c5 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:40 GMT x-cdn 4 x-guploader-uploadid ADPycdumbOS5NvisZZSPqm5ITaEsOQLxaHhMDI4GVQmP9bIRWIH_5pNqL5_fed7tJVK0uJ-yI20wSjjTQSS6NkgynhsJK_5Tzlxr x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2231 last-modified Fri, 24 Sep 2021 13:39:11 GMT server UploadServer etag "a6148bb3b0b9e20b1608e937bc391953" x-goog-generation 1632490751652085 content-type application/dash+xml access-control-allow-origin * x-goog-hash crc32c=N7MQHg==, md5=phSLs7C54gsWCOk3vDkZUw== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876700.cds324.fr8.hn,1677876700.cds290.fr8.c x-goog-stored-content-length 2231 accept-ranges bytes
GET H/1.1	200 OK	capture api.leadpages.io/analytics/v1/observations/	35 B 354 B	146ms 146ms	Image image/gif	35.192.151.63 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=39,347,284,671,4,675,876,876,2329,2333 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 03 Mar 2023 20:51:40 GMT Server Stargate Transfer-Encoding chunked X-Forwarded-For 80.255.7.106 Content-Type image/gif access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 07b2spbh94sq092gj1pg
GET H/1.1	200 OK	capture Show response api.leadpages.io/analytics/v1/observations/	35 B 445 B	145ms 145ms	XHR image/gif	35.192.151.63 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=QGZzTmDd3SUJEbBzXUExfp&kind=timer&label=lb_embed_leadbox_load&value=645.8000011444092 Requested by Host: embed.lpcontent.net URL: https://embed.lpcontent.net/leadboxes/current/embed.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 03 Mar 2023 20:51:40 GMT Server Stargate Transfer-Encoding chunked access-control-max-age 600 Content-Type image/gif access-control-allow-origin https://go.behindthemarkets.com X-Forwarded-For 80.255.7.106 access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 07b2l2eusku99hjp9nv0
GET DATA	200 OK	truncated /	696 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 567847dda0d03e716aa690ca39bee668daed1bbaa2c7de46c41cd6349e49e0a6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 716904b02ae9903fba4da3668a114eb5b843f4567fb2eab2c165a4727393272e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	init.mp4 Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/480x270_h264_157500/	674 B 954 B	47ms 46ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/480x270_h264_157500/init.mp4 Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 18f275957b6f226d23e8fb49f6e8f4160c4168a438cd3ff27bcf0ec3e898536c Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:40 GMT x-cdn 4 x-guploader-uploadid ADPycdu5OtJMsWQghKZVCP8WI6yaZWxKU5Nita1uV1W5qlucKEyaff_9QjDi69UkJvpgHF_4hOcoVYnUzXwmP_OoTaRGGeUu1aKX x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 674 last-modified Fri, 24 Sep 2021 13:32:51 GMT server UploadServer etag "7099939c78e5268b5c4c52082de0ad66" x-goog-generation 1632490371895640 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=AaV1KQ==, md5=cJmTnHjlJotcTFIILeCtZg== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876700.cds324.fr8.hn,1677876700.cds207.fr8.c x-goog-stored-content-length 674 accept-ranges bytes
GET H2	200	init.mp4 Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	606 B 882 B	48ms 47ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/init.mp4 Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:40 GMT x-cdn 4 x-guploader-uploadid ADPycdtc0uHrIWNwsoaZPDLbVYZjIOhWuV6rJCd2FvINSnL_ykrcp9INOr7F4TThKbQM5mwf6M5S4R9tHbw-2KiWBfAN6A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 606 last-modified Fri, 24 Sep 2021 13:32:45 GMT server UploadServer etag "af3d86596c83ba8ac236796a59f6d6dc" x-goog-generation 1632490365475797 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876700.cds324.fr8.hn,1677876700.cds330.fr8.c x-goog-stored-content-length 606 accept-ranges bytes
POST H2	204	analytics Show response analytics-ingress-global.bitmovin.com/	0 42 B	52ms 52ms	XHR application/json	35.190.27.197 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics-ingress-global.bitmovin.com/analytics Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 197.27.190.35.bc.googleusercontent.com Software v1.55.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Mar 2023 20:51:40 GMT via 1.1 google server v1.55.1 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization alt-svc clear
POST H2	200	scribe Show response stats.vidalytics.com/	16 B 83 B	145ms 145ms	XHR application/json	107.178.211.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.vidalytics.com/scribe Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 97.211.178.107.bc.googleusercontent.com Software istio-envoy / Resource Hash 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 03 Mar 2023 20:51:41 GMT x-envoy-upstream-service-time 1 server istio-envoy content-length 16 access-control-allow-methods POST,OPTIONS content-type application/json
GET H2	200	s_0.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/480x270_h264_157500/	73 KB 73 KB	46ms 45ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/480x270_h264_157500/s_0.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 17f537326ca7185b06bc320d471eafe983ed23ac2c9170ba5268208401b942ce Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:41 GMT x-cdn 4 x-guploader-uploadid ADPycdvY5Vuq6WW1mPrsB-Juztt_ZvkobZdgX_4O7GgJ2FsgHJ5zJgoMMpvSDbyykdKsJXcW59Y8RBIfTqmMZurt4oj_1acIUjeE x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 74933 last-modified Fri, 24 Sep 2021 13:32:52 GMT server UploadServer etag "48f8ead26aac7557404f29233b45a397" x-goog-generation 1632490372090246 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=o51s3Q==, md5=SPjq0mqsdVdATykjO0Wjlw== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876701.cds324.fr8.hn,1677876701.cds279.fr8.c x-goog-stored-content-length 74933 accept-ranges bytes
GET H2	200	s_0.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	47 KB 47 KB	45ms 44ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_0.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 7c6d25899b4c438047a12e7e146e1cb823fc638aed52fe56f4a3d903a5f1dca8 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:41 GMT x-cdn 4 x-guploader-uploadid ADPycdsfpUqPfglstdtHfXxnYYaHvRKlLYJ49NKZ_M94__zblOoieTvMDkz4ZaRUZXlQHSv5PFiu_AbwDjBfSMMALcdl x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48132 last-modified Fri, 24 Sep 2021 13:32:45 GMT server UploadServer etag "17fd86bec2059790ab450017cf6bcf83" x-goog-generation 1632490365633759 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=N9w/UQ==, md5=F/2GvsIFl5CrRQAXz2vPgw== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876701.cds324.fr8.hn,1677876701.cds203.fr8.c x-goog-stored-content-length 48132 accept-ranges bytes
GET H2	200	s_1.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	47 KB 47 KB	44ms 44ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_1.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash e46d9b165ff02257e6a74bfb06946352d6b04a667bad7223ba43e4e9b6fc7052 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:41 GMT x-cdn 4 x-guploader-uploadid ADPycdsFM8jA661c8owAqv1j0hrX5fzefeYwqQRZKr4MnyU9JbhrJhBwyx-uQiKPj7cUhGBEhAhXZvKU3nyLmpVMUMxDDTbodvuu x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47878 last-modified Fri, 24 Sep 2021 13:32:45 GMT server UploadServer etag "594ecd86fd22b7a458ba2eac68014878" x-goog-generation 1632490365606816 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=8JiPVg==, md5=WU7Nhv0it6RYui6saAFIeA== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876701.cds324.fr8.hn,1677876701.cds212.fr8.c x-goog-stored-content-length 47878 accept-ranges bytes
POST H2	204	impression Show response licensing.bitmovin.com/	0 41 B	48ms 48ms	XHR application/json	2600:1901:0:df23:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://licensing.bitmovin.com/impression Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 03 Mar 2023 20:51:41 GMT via 1.1 google access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json
POST H2	200	scribe Show response stats.vidalytics.com/	16 B 55 B	145ms 145ms	XHR application/json	107.178.211.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.vidalytics.com/scribe Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 97.211.178.107.bc.googleusercontent.com Software istio-envoy / Resource Hash 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 03 Mar 2023 20:51:41 GMT x-envoy-upstream-service-time 1 server istio-envoy content-length 16 access-control-allow-methods POST,OPTIONS content-type application/json
GET H2	200	init.mp4 Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	674 B 939 B	46ms 46ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/init.mp4 Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 64ad00507c17e5e8f6fc9bc5c9f136a494e615573a512c9b95f71fbab7a5ec69 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:41 GMT x-cdn 4 x-guploader-uploadid ADPycduVSS_i1ojkr7f1eLWzv8EvrhOmqrC87tocRWJC3AcoEqsoCsAec5K9LFYxi0_eTDbhOUQNLccQ-xPqeBi-E-MkjpRUkeu_ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 674 last-modified Fri, 24 Sep 2021 13:32:54 GMT server UploadServer etag "b240127fac044036400bc0d043b85641" x-goog-generation 1632490374200391 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=2oGlVw==, md5=skASf6wEQDZAC8DQQ7hWQQ== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876701.cds324.fr8.hn,1677876701.cds235.fr8.c x-goog-stored-content-length 674 accept-ranges bytes
GET H2	200	event Show response widget.us.criteo.com/ Redirect Chain https://sslwidget.criteo.com/event?a=93258&v=5.13.0&p0=e%3Dce%26m%3D%255Bnull%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dnull%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle... https://widget.us.criteo.com/event?a=93258&v=5.13.0&p0=e%3Dce%26m%3D%255Bnull%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dnull%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle...	8 KB 4 KB	756ms 160ms	Script application/x-javascript	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://widget.us.criteo.com/event?a=93258&v=5.13.0&p0=e%3Dce%26m%3D%255Bnull%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dnull%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Is7XWF9ETFlhMXBaemZOMXhHMHozem5wV29ieERDa0x0T1pZR1JSNlZPMmszblhHcnlkdDhLcSUyQnZTc3hmV1VTbGFwd0dGTVRZcWVzYUR0WkZnMFlaUm9qMXBGam04YlBSNEclMkJJYmtCeUZaczA5YVZVVCUyQk40elVMVEI2a1dDeW5DaVVnQnkyQVMlMkZLMDQzSzRCOHVLNEplVSUyQk1kYVZlSlg0cUx1Tk9ZTEF2JTJCUVhta2MlM0Q&tld=behindthemarkets.com&dy=1&fu=https%253A%252F%252Fgo.behindthemarkets.com%252Flimited-time-offer-4-video%252F%253F_ef_transaction_id%253D503c7149854d4f239257d3a9ea272aa3%2526utm_source%253D82%2526utm_campaign%253D%2526utm_medium%253D%2526id%253Dadrienne.dicecco%252540cna.com%2526iocid%253D%2526aff%253D82%2526creative_id%253D%2526sub3%253DB%2526sub2%253Dthedailylaunch.com%2526sub4%253DBTCV20%2526sub5%253D%2526oid%253D22&dtycbr=55148 Protocol H2 Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 3659218bf1376aabac37e9434ea0d5772e0e3fadc9f9f1cd16c5a480ab9be346 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:41 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel content-type application/x-javascript access-control-allow-origin * p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 28977324 timing-allow-origin * expires 0 Redirect headers pragma no-cache date Fri, 03 Mar 2023 20:51:40 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel location https://widget.us.criteo.com/event?a=93258&v=5.13.0&p0=e%3Dce%26m%3D%255Bnull%255D%26h%3Dsha256&p1=e%3Dexd%26z%3Dnull%26site_type%3Dd&p2=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p3=e%3Ddis&adce=1&bundle=Is7XWF9ETFlhMXBaemZOMXhHMHozem5wV29ieERDa0x0T1pZR1JSNlZPMmszblhHcnlkdDhLcSUyQnZTc3hmV1VTbGFwd0dGTVRZcWVzYUR0WkZnMFlaUm9qMXBGam04YlBSNEclMkJJYmtCeUZaczA5YVZVVCUyQk40elVMVEI2a1dDeW5DaVVnQnkyQVMlMkZLMDQzSzRCOHVLNEplVSUyQk1kYVZlSlg0cUx1Tk9ZTEF2JTJCUVhta2MlM0Q&tld=behindthemarkets.com&dy=1&fu=https%253A%252F%252Fgo.behindthemarkets.com%252Flimited-time-offer-4-video%252F%253F_ef_transaction_id%253D503c7149854d4f239257d3a9ea272aa3%2526utm_source%253D82%2526utm_campaign%253D%2526utm_medium%253D%2526id%253Dadrienne.dicecco%252540cna.com%2526iocid%253D%2526aff%253D82%2526creative_id%253D%2526sub3%253DB%2526sub2%253Dthedailylaunch.com%2526sub4%253DBTCV20%2526sub5%253D%2526oid%253D22&dtycbr=55148 access-control-allow-origin * cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 5710273 timing-allow-origin * content-length 0 expires 0
POST H2	204	analytics Show response analytics-ingress-global.bitmovin.com/	0 42 B	52ms 51ms	XHR application/json	35.190.27.197 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics-ingress-global.bitmovin.com/analytics Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 197.27.190.35.bc.googleusercontent.com Software v1.55.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Mar 2023 20:51:40 GMT via 1.1 google server v1.55.1 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization alt-svc clear
POST H2	204	analytics Show response analytics-ingress-global.bitmovin.com/	0 42 B	53ms 53ms	XHR application/json	35.190.27.197 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics-ingress-global.bitmovin.com/analytics Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 197.27.190.35.bc.googleusercontent.com Software v1.55.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Mar 2023 20:51:41 GMT via 1.1 google server v1.55.1 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization alt-svc clear
POST H2	204	analytics Show response analytics-ingress-global.bitmovin.com/	0 42 B	51ms 51ms	XHR application/json	35.190.27.197 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics-ingress-global.bitmovin.com/analytics Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 197.27.190.35.bc.googleusercontent.com Software v1.55.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Mar 2023 20:51:41 GMT via 1.1 google server v1.55.1 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization alt-svc clear
POST H2	204	analytics Show response analytics-ingress-global.bitmovin.com/	0 42 B	87ms 87ms	XHR application/json	35.190.27.197 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics-ingress-global.bitmovin.com/analytics Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 197.27.190.35.bc.googleusercontent.com Software v1.55.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Mar 2023 20:51:41 GMT via 1.1 google server v1.55.1 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization alt-svc clear
POST H2	204	analytics Show response analytics-ingress-global.bitmovin.com/	0 42 B	88ms 87ms	XHR application/json	35.190.27.197 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics-ingress-global.bitmovin.com/analytics Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 197.27.190.35.bc.googleusercontent.com Software v1.55.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Mar 2023 20:51:41 GMT via 1.1 google server v1.55.1 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization alt-svc clear
GET H2	200	s_1.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	972 KB 973 KB	44ms 44ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_1.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 769534b0044380c41f2cec307c08a60a9e3d535d0abe206b2010b3351e92b24d Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:41 GMT x-cdn 4 x-guploader-uploadid ADPycdujTO6co86BZ2ymYjOewOIp1W7E_p3Vi7J2sa0Q9th1w3oV9A7bjLxEEn3p6G-43XdPtZa_7zPORaDIMakKUiNL x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 995078 last-modified Fri, 24 Sep 2021 13:33:06 GMT server UploadServer etag "f148dae9eecd989d8d0854dccfdcf48f" x-goog-generation 1632490386279310 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=ltRz+w==, md5=8Uja6e7NmJ2NCFTcz9z0jw== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876701.cds324.fr8.hn,1677876701.cds168.fr8.c x-goog-stored-content-length 995078 accept-ranges bytes
GET H2	200	s_2.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	46 KB 47 KB	44ms 43ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_2.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 83a7f919819358594b43e0558d9ffb2a0cc87694217e35e8908a0e4a8dc51a3c Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:41 GMT x-cdn 4 x-guploader-uploadid ADPycdu7N_0LprpD3g4e3AvHn4MEu1M8TKCaGctqDbAnQddNQ4kxNuDWxUOvOLKb8WXzKAYuqfV-mRTmZPi8mAHczLLwX9xWLksM x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47366 last-modified Fri, 24 Sep 2021 13:32:45 GMT server UploadServer etag "9ae61f9a8476bede3218ef1cb89f632c" x-goog-generation 1632490365768990 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=VSHWfg==, md5=muYfmoR2vt4yGO8cuJ9jLA== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876701.cds324.fr8.hn,1677876701.cds208.fr8.c x-goog-stored-content-length 47366 accept-ranges bytes
GET H2	200	s_2.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	966 KB 967 KB	275ms 274ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_2.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 6554cd7c6546cef8fd315a05511255c5c20ee760b06c3d34c8eb53497aacb51f Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:41 GMT x-cdn 4 x-guploader-uploadid ADPycdt643qkNhr0hAJsDlpgpwWcKlGQGmt-gVaBC_vjHO55Ir6wGHuxljUAZbDOGjU_q_EVVA7G1RTMBa2L7YaPaJxQzs_YCq6y x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 989662 last-modified Fri, 24 Sep 2021 13:33:16 GMT server UploadServer etag "45fa72805942042e28f21fa5720332f2" x-goog-generation 1632490396864209 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=FHUdXg==, md5=RfpygFlCBC4o8h+lcgMy8g== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876701.cds324.fr8.hn,1677876701.cds234.fr8.c x-goog-stored-content-length 989662 accept-ranges bytes
GET H2	200	s_3.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	47 KB 47 KB	45ms 45ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_3.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 844e76cf17b9d3ca943c648c04c354e395c96b5ad4e98802e27d75f858523d07 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdtKEAgNWdAfNwJ51sd96EvFr87K4xHy4738ab1wY1KILOiXKHlBr9hvCEYeeRqT_1igAaVJhZaHzQZSC_h1zsyFWw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47842 last-modified Fri, 24 Sep 2021 13:32:46 GMT server UploadServer etag "2a3830df521187b3e79f5371b097a003" x-goog-generation 1632490365945835 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=BmpBlQ==, md5=Kjgw31IRh7Pnn1NxsJegAw== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds276.fr8.c x-goog-stored-content-length 47842 accept-ranges bytes
GET H2	200	s_3.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	958 KB 959 KB	50ms 50ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_3.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 340263d4a71ae2270a2aa1032cfa3b75c5bcc1b8f6fbd6795b24c6b715d0c855 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdvzOMHIelNDRqfmFeEI1jQS1D-PQaJ-otKqpoeokqO2XrFo-MuqG4YH5LsroKC-gYUOEZR_pMMfVk6SDSR3mA6QDw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 980703 last-modified Fri, 24 Sep 2021 13:33:09 GMT server UploadServer etag "d737b7e09864aea0538c8c6cea96a3c6" x-goog-generation 1632490389868970 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=rZ5JKw==, md5=1ze34JhkrqBTjIxs6pajxg== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds320.fr8.c x-goog-stored-content-length 980703 accept-ranges bytes
GET H2	200	s_4.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	46 KB 47 KB	45ms 45ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_4.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 4876f09b51bfe5b7adee3e2c771504a76bf0991f1d9c9486f185315b6a55e3ff Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdsNhCywCcT0sGfQk4cn7ET8NUFwcm5SsHM0FRL6ZKLSE0WsmxAjWGYMsRj1zu-M7JS1tEedQlJTlVVO12na9_xaAQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47444 last-modified Fri, 24 Sep 2021 13:32:46 GMT server UploadServer etag "c5fa971513740865838443fe7c098bb9" x-goog-generation 1632490366130704 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=FPXaWg==, md5=xfqXFRN0CGWDhEP+fAmLuQ== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds266.fr8.c x-goog-stored-content-length 47444 accept-ranges bytes
GET H2	200	s_4.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	948 KB 949 KB	45ms 45ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_4.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 556d64f72e4a392752b92197b8859eeb731428330c7287171aa3480678de5beb Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycds8EdJcLhmEARwQgCZ_a6YZYZHetM_xSjfBfaP-G30KlW93OPg9atA1zfJZGPcweLEh0hkaE5EbgrDYA1TIKDDQFQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 970925 last-modified Fri, 24 Sep 2021 13:33:04 GMT server UploadServer etag "c97a7018a8b7b00c6405f3bc9203df5b" x-goog-generation 1632490384824643 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=zVVwdQ==, md5=yXpwGKi3sAxkBfO8kgPfWw== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds253.fr8.c x-goog-stored-content-length 970925 accept-ranges bytes
GET H2	200	sync x.bidswitch.net/ul_cb/ Frame 95F8 Redirect Chain https://x.bidswitch.net/sync?dsp_id=46&user_id=k-sSH3dhDqKl0nChJsns5SejUyWy2qsG1BFFxu3g&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-sSH3dhDqKl0nChJsns5SejUyWy2qsG1BFFxu3g&expires=30	43 B 344 B	42ms 42ms	Image image/gif	3.64.174.171 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-sSH3dhDqKl0nChJsns5SejUyWy2qsG1BFFxu3g&expires=30 Protocol H2 Server 3.64.174.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-174-171.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers location https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-sSH3dhDqKl0nChJsns5SejUyWy2qsG1BFFxu3g&expires=30 date Fri, 03 Mar 2023 20:51:42 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/google/ Frame 95F8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-h3dUNBDqKl0nChJsns5SejUyWy19COHbAs5BKg&google_cm&google_hm=ay1oM2RVTkJEcUtsMG5DaEpzbnM1U2VqVXlXeTE5Q09IY... https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-h3dUNBDqKl0nChJsns5SejUyWy19COHbAs5BKg&google_cm=&google_hm=ay1oM2RVTkJEcUtsMG5DaEpzbnM1U2VqVXlXeTE5Q09... https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-h3dUNBDqKl0nChJsns5SejUyWy19COHbAs5BKg&google_gid=CAESEPDKK7aEB2xfhMdmIp18xlk&google_cver=1&google_ula=913071,0	43 B 370 B	366ms 50ms	Image image/gif	178.250.0.163 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-h3dUNBDqKl0nChJsns5SejUyWy19COHbAs5BKg&google_gid=CAESEPDKK7aEB2xfhMdmIp18xlk&google_cver=1&google_ula=913071,0 Protocol H2 Server 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:42 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1572560 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 03 Mar 2023 20:51:42 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-h3dUNBDqKl0nChJsns5SejUyWy19COHbAs5BKg&google_gid=CAESEPDKK7aEB2xfhMdmIp18xlk&google_cver=1&google_ula=913071,0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 398 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/appnexus/ Frame 95F8 Redirect Chain https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1747222215194780235	43 B 370 B	475ms 52ms	Image image/gif	178.250.0.163 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1747222215194780235 Protocol H2 Server 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:42 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 3025895 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Date Fri, 03 Mar 2023 20:51:42 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.7.106; 80.255.7.106; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 23bb3192-a238-46ee-8ab5-4d56def2d593 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1747222215194780235 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	bounce secure.adnxs.com/ Frame 95F8 Redirect Chain https://secure.adnxs.com/setuid?entity=52&code=k-wWW94xDqKl0nChJsns5SejUyWy1wwAw0qa_2Eg https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-wWW94xDqKl0nChJsns5SejUyWy1wwAw0qa_2Eg	43 B 1 KB	45ms 45ms	Image image/gif	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-wWW94xDqKl0nChJsns5SejUyWy1wwAw0qa_2Eg Protocol HTTP/1.1 Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Pragma no-cache Date Fri, 03 Mar 2023 20:51:42 GMT AN-X-Request-Uuid c6c4f4cc-fd27-4f1c-bc3d-e05bfbcd9660 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 80.255.7.106; 80.255.7.106; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 03 Mar 2023 20:51:42 GMT AN-X-Request-Uuid 5544ffa1-9edf-4316-a62d-31d179238eb3 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-wWW94xDqKl0nChJsns5SejUyWy1wwAw0qa_2Eg Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 80.255.7.106; 80.255.7.106; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Frame 95F8	237 B 978 B	280ms 116ms	Image image/gif	92.123.38.97 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-5AVlJBDqKl0nChJsns5SejUyWy1o06HWmOtctg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-38-97.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Fri, 03 Mar 2023 20:51:42 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 237 x-mnet-hl2 E expires Fri, 03 Mar 2023 20:51:42 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 95F8	0 239 B	203ms 42ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-lEifFBDqKl0nChJsns5SejUyWy0uDR4NJVMMsw&expires=30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 5b959e9b7aef6dd90a6fa539ca64ac62 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	v1 match.sharethrough.com/sync/ Frame 95F8	0 35 B	216ms 41ms	Image text/plain	3.75.124.87 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-YfoD8xDqKl0nChJsns5SejUyWy07gIGjyPWP_Q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.75.124.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-124-87.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame 95F8	43 B 163 B	274ms 52ms	Image image/gif	185.86.138.154 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-bfdyuRDqKl0nChJsns5SejUyWy20l6mkKL0CKw Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT transfer-encoding chunked content-type image/gif
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 95F8	0 99 B	357ms 43ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-W2aJKRDqKl0nChJsns5SejUyWy0GzT7RHoKBBQ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 41765
GET H2	200	um criteo-sync.teads.tv/ Frame 95F8	23 B 172 B	293ms 87ms	Image image/gif	23.35.209.30 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-sync.teads.tv/um?eid=80&uid=k-C0YEuhDqKl0nChJsns5SejUyWy3uGL5FTF8TrQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-209-30.deploy.static.akamaitechnologies.com Software akka-http/10.2.9 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers expires Fri, 03 Mar 2023 20:51:42 GMT pragma no-cache date Fri, 03 Mar 2023 20:51:42 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.9 content-length 23 content-type image/gif
GET H2	200	xuid eb2.3lift.com/ Frame 95F8	37 B 140 B	180ms 41ms	Image image/gif	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2711&xuid=k-J2UewhDqKl0nChJsns5SejUyWy1l2d7QArrzCw&dongle=013b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif
GET H2	204	sync ups.analytics.yahoo.com/ups/58301/ Frame 95F8 Redirect Chain https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IJ10txDqKl0nChJsns5SejUyWy3R4PvQd7y4iA https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IJ10txDqKl0nChJsns5SejUyWy3R4PvQd7y4iA&verify=true	0 121 B	44ms 44ms	Image text/plain	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IJ10txDqKl0nChJsns5SejUyWy3R4PvQd7y4iA&verify=true Protocol H2 Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.25 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IJ10txDqKl0nChJsns5SejUyWy3R4PvQd7y4iA&verify=true date Fri, 03 Mar 2023 20:51:42 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	pixel cm.adform.net/ Frame 95F8	43 B 163 B	161ms 39ms	Image image/gif	37.157.4.23 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-MtpFHhDqKl0nChJsns5SejUyWy2QQwHw7yK3ow Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT last-modified Wed, 11 Oct 2017 13:40:08 GMT server nginx accept-ranges bytes etag "59de1f38-2b" content-length 43 content-type image/gif
GET H2	200	sync visitor.omnitagjs.com/visitor/ Frame 95F8	49 B 235 B	193ms 58ms	Image image/gif	185.255.84.152 IGUANE-
General Check archive.org Show headers Download Go to Show image Full URL https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-WL8n6RDqKl0nChJsns5SejUyWy1YRt7C4dYbEQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.255.84.152 , France, ASN200271 (IGUANE-, FR), Reverse DNS Software ayl-lb-fra02 / Resource Hash d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:42 GMT x-content-type-options nosniff server ayl-lb-fra02 vary Accept-Encoding content-type image/gif cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 8 content-length 49 expires 0
GET H/1.1	200 OK	rum r.casalemedia.com/ Frame 95F8 Redirect Chain https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_Mmx2hDqKl0nChJsns5SejUyWy087skatWoNpg https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_Mmx2hDqKl0nChJsns5SejUyWy087skatWoNpg&C=1	43 B 766 B	41ms 41ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_Mmx2hDqKl0nChJsns5SejUyWy087skatWoNpg&C=1 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Pragma no-cache Date Fri, 03 Mar 2023 20:51:42 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Fri, 03 Mar 2023 20:51:42 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=20&external_user_id=k-_Mmx2hDqKl0nChJsns5SejUyWy087skatWoNpg&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 95F8 Redirect Chain https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Dnr6vDp6ymNdh-_aZ-QYU5QNIsNl8i5D https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Dnr6vDp6ymNdh-_aZ-QYU5QNIsNl8i5D	42 B 942 B	60ms 59ms	Image image/gif	54.154.235.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Dnr6vDp6ymNdh-_aZ-QYU5QNIsNl8i5D Protocol HTTP/1.1 Server 54.154.235.81 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-235-81.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v046-006ebecd7.edge-irl1.demdex.com 1 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID nfW8UG40RyI= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-2-v046-068347ed8.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID POF/fxvDSKE= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Dnr6vDp6ymNdh-_aZ-QYU5QNIsNl8i5D Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200	9.gif id5-sync.com/s/966/ Frame 95F8	43 B 1 KB	137ms 40ms	Image image/gif	162.19.138.119 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/s/966/9.gif?puid=k-Vra5phDqKl0nChJsns5SejUyWy2OsqGeeq6LdQ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.119 , France, ASN16276 (OVH, FR), Reverse DNS ns31533570.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Fri, 03 Mar 2023 20:51:41 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers transfer-encoding chunked p3p CP="CAO PSA OUR"
GET H2	200	match ad.360yield.com/ul_cb/ Frame 95F8 Redirect Chain https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Ud7ncRDqKl0nChJsns5SejUyWy1hV_3zNS23Vw https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Ud7ncRDqKl0nChJsns5SejUyWy1hV_3zNS23Vw	43 B 447 B	43ms 43ms	Image image/gif	3.73.186.215 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Ud7ncRDqKl0nChJsns5SejUyWy1hV_3zNS23Vw Protocol H2 Server 3.73.186.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-73-186-215.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-origin * date Fri, 03 Mar 2023 20:51:42 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers location https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Ud7ncRDqKl0nChJsns5SejUyWy1hV_3zNS23Vw date Fri, 03 Mar 2023 20:51:42 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	sync matching.ivitrack.com/ Frame 95F8	42 B 274 B	174ms 49ms	Image image/gif	34.117.157.22 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://matching.ivitrack.com/sync?realm=criteo&uid=k-orW-hBDqKl0nChJsns5SejUyWy2sWUI8ZoeHEg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 22.157.117.34.bc.googleusercontent.com Software istio-envoy / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-envoy-decorator-operation tag-manager.programmatic.svc.cluster.local:3000/* via 1.1 google server istio-envoy content-type image/gif cache-control public, max-age=86400 x-envoy-upstream-service-time 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H2	200	push exchange.mediavine.com/usersync/ Frame 95F8	0 881 B	142ms 42ms	Image text/html	52.58.18.60 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-KVjZiRDqKl0nChJsns5SejUyWy3xXR1R6KZCyA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.18.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-18-60.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT cache-control private, no-cache access-control-allow-credentials true content-encoding gzip vary Origin, Accept-Encoding content-type text/html; charset=utf-8
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Frame 95F8	0 145 B	231ms 46ms	Image text/plain	20.13.96.71 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-A5mnLhDqKl0nChJsns5SejUyWy3px_cHnEN23Q&initiator=partner Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 03 Mar 2023 20:51:42 GMT Cache-Control no-cache X-TraceId b07a46adaaad872856ada9b5046dd144 Content-Length 0
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 95F8	42 B 576 B	275ms 48ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-4-mjHhDqKl0nChJsns5SejUyWy1vfqMeahDiig Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Fri, 03 Mar 2023 20:51:43 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sync criteo-partners.tremorhub.com/ Frame 95F8	43 B 183 B	442ms 128ms	Image image/gif	2600:1f18:612b:4232:9c9c:4e0f:e14a:ea49 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-partners.tremorhub.com/sync?UICR=k-VMhP5xDqKl0nChJsns5SejUyWy12kwt644nPsA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4232:9c9c:4e0f:e14a:ea49 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Fri, 03 Mar 2023 20:51:43 GMT server Apache-Coyote/1.1 content-type image/gif
GET H2	200	getusermatch.php a.twiago.com/rtb/ Frame 95F8	43 B 153 B	176ms 39ms	Image image/gif	85.215.5.31 CRONON-BERLIN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-M6fwIhDqKl0nChJsns5SejUyWy1Tn3e3aHmMlw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE), Reverse DNS Software Apache / PHP/7.3.29 Resource Hash 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-origin * date Fri, 03 Mar 2023 20:51:42 GMT server Apache x-powered-by PHP/7.3.29 content-length 43 content-type image/gif
GET H/1.1	204 No Content	m ad.yieldlab.net/ Frame 95F8	0 525 B	232ms 49ms	Image text/plain	184.24.4.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-VFD85xDqKl0nChJsns5SejUyWy3P6wSDxnPHcg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.24.4.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-4-64.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Pragma no-cache Date Fri, 03 Mar 2023 20:51:43 GMT x-content-type-options nosniff x-frame-options DENY Cache-Control no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0 Connection keep-alive x-xss-protection 1; mode=block x-application-context application Expires Thu, 02 Mar 2023 20:51:43 GMT
GET H2	200	sync sync-criteo.ads.yieldmo.com/ Frame 95F8	0 38 B	298ms 54ms	Image text/plain	52.49.84.227 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync-criteo.ads.yieldmo.com/sync?id=k-yRRX-RDqKl0nChJsns5SejUyWy2QWbwUzFyTTA&pn_id=criteo&ext=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.84.227 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-84-227.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT content-length 0
GET H2	200	s_5.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	47 KB 47 KB	45ms 45ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_5.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash cc2d1cccbb97962dbb830bf26c856ed5fb04de9d6a1bfc01a472687b9d3a5445 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdun8LaJUX896kmDv665oj42ldpKLSI8XQYsItdfuoEnW2-6hHVJo8qv2quyWnjhp8KW2cuA9-n3Fb7equnc1hbCLawgUlZS x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47618 last-modified Fri, 24 Sep 2021 13:32:46 GMT server UploadServer etag "8325462622b800df70f3346afb3ba29a" x-goog-generation 1632490366294393 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=Cq3gUg==, md5=gyVGJiK4AN9w8zRq+zuimg== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds004.fr8.c x-goog-stored-content-length 47618 accept-ranges bytes
GET H2	200	s_5.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	940 KB 941 KB	43ms 43ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_5.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash c9505c55968d5ce146e30c278d115fb9c78c360cccd966ff33145c8dce7bc958 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdtYB8uR8ZK4WgCxtWX7zxVGGKvFdwYWuPC1QmTJEuLT_Nnszzf1cIPbFgJ0xrkQkaPYlDbfSnNQzP74NJGm0eGrPhIGL48n x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 962893 last-modified Fri, 24 Sep 2021 13:33:05 GMT server UploadServer etag "d7a1071285ed756b623462c697c286ab" x-goog-generation 1632490385252656 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=hkUuuw==, md5=16EHEoXtdWtiNGLGl8KGqw== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds290.fr8.c x-goog-stored-content-length 962893 accept-ranges bytes
GET H2	200	s_6.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	46 KB 47 KB	77ms 76ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_6.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash f9c09e75044a1bd25529bc384537c49d60c7cb21350d0b05340aee4b26d2ad8a Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdswGO7ZpBo2WUZsQ5YCVMHfim7y6n16iHO7_KT1a3agB67afxz80Bw-fsLHhfJLCL9Ze3KuC8Y9V3mnEpQaZZTeJm3uL2zB x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47523 last-modified Fri, 24 Sep 2021 13:32:46 GMT server UploadServer etag "0997bae9ba428f8e9aadcaf018cc3610" x-goog-generation 1632490366460090 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=ytKihw==, md5=CZe66bpCj46arcrwGMw2EA== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds332.fr8.c x-goog-stored-content-length 47523 accept-ranges bytes
GET H2	200	s_6.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	1006 KB 1007 KB	43ms 43ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_6.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash bfcdb44604e03a05781db93afdf9a4a2307e175fd00bb1ce1536473d735517f2 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdvdJW9vrOeBy5SVNxGck2IY-Tx6guQtWRKo8vA8SsXj9RDPLZY9xR7T_seNcLLOsH9grxEWWZHRE-ITz3JNHMtI46hXAzLW x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1030387 last-modified Fri, 24 Sep 2021 13:33:05 GMT server UploadServer etag "299fc32fbaf4cb0742a83cc63cc1afa1" x-goog-generation 1632490385210701 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=gCzjOQ==, md5=KZ/DL7r0ywdCqDzGPMGvoQ== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds221.fr8.c x-goog-stored-content-length 1030387 accept-ranges bytes
GET H2	200	s_7.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	47 KB 47 KB	43ms 42ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_7.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash fce5ea463a88be4424821530ae3a9ccc65dd37a5c1a847cba91693d2731e0099 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdvf-Nd6aypxIXSft2ZQ1J-cIXtRygONrqBnIDixB-t-S_cn1ZEQGwukmtUFlKBJVTQhEBCH1cp16b38a4DRyFxR93TRydDU x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47781 last-modified Fri, 24 Sep 2021 13:32:46 GMT server UploadServer etag "210e4a39a4069e0786ed1a6f7632ffa9" x-goog-generation 1632490366592642 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=/i9NSw==, md5=IQ5KOaQGngeG7RpvdjL/qQ== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds168.fr8.c x-goog-stored-content-length 47781 accept-ranges bytes
GET H2	200	s_7.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	991 KB 992 KB	44ms 43ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_7.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash c8c028a92c6d5d0b438589c72bea5df0c0b09eefff4b6861556dd88b49ca41de Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdvkOgQd6uZ-c8DrfRrhzMhSbszvgNcwi3Vpoa1wOAcvHEx3pFQyiTcBLPmaVtca25ali8m7mCYNAEmnTLuqLgwmmcpas4Nt x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1015191 last-modified Fri, 24 Sep 2021 13:33:05 GMT server UploadServer etag "ba5f0398460e9934303da09567a0628f" x-goog-generation 1632490385903453 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=ncPwrg==, md5=ul8DmEYOmTQwPaCVZ6Bijw== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds246.fr8.c x-goog-stored-content-length 1015191 accept-ranges bytes
GET H2	200	s_8.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	46 KB 47 KB	44ms 44ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_8.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 8883e3fdee0b70cf7b19b21633290f5391fba3e7f93545899a108928569b0e1a Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdtfHFFyGTrnoruOebU_Do_qf1adYoJzuFJ3rvCocb9enm1WEiXegl-CInwdfsoOIjlTgeQMqdzvXq3AAeTYJAY5qQE7aJLg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47407 last-modified Fri, 24 Sep 2021 13:32:46 GMT server UploadServer etag "db6293976c90621b24560d480aba161f" x-goog-generation 1632490366786931 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=eI3RFw==, md5=22KTl2yQYhskVg1ICroWHw== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds338.fr8.c x-goog-stored-content-length 47407 accept-ranges bytes
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 95F8 Redirect Chain https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OYriJhHgTlWHWqYogVecfgr71T3sVXxj	0 337 B	265ms 55ms	Image text/plain	54.75.60.155 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OYriJhHgTlWHWqYogVecfgr71T3sVXxj Protocol H2 Server 54.75.60.155 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-75-60-155.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-served-by beacon-n024-dub-prod.krxd.net date Fri, 03 Mar 2023 20:51:43 GMT cache-control private, no-cache, no-store x-request-time D=28 t=1677876703 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=OYriJhHgTlWHWqYogVecfgr71T3sVXxj date Fri, 03 Mar 2023 20:51:42 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 1797925 content-length 0
GET H2	200	s_8.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	980 KB 981 KB	43ms 43ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_8.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash f0fc933079bcc8c59750469556a74366d7d06d2116bf84ec707a370e233d6664 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:42 GMT x-cdn 4 x-guploader-uploadid ADPycdslNauvGrpTjdUT5erq-v1f_F3-OEQ6Ynyu_BdyQ5jexci7RoANm8ltni6PhevVE7RvH_81ZAHIErzhxA677cjA_S98YIoc x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1003211 last-modified Fri, 24 Sep 2021 13:33:04 GMT server UploadServer etag "2ca4f806dd17c4969056d102fde23229" x-goog-generation 1632490384918103 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=/EZoxQ==, md5=LKT4Bt0XxJaQVtEC/eIyKQ== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876702.cds324.fr8.hn,1677876702.cds330.fr8.c x-goog-stored-content-length 1003211 accept-ranges bytes
GET H2	200	s_9.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	46 KB 47 KB	44ms 43ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_9.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 976deb0bee39694b9664f14eb19d2b48fdfa5ca627fcdea1e0751fb546fab9cc Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT x-cdn 4 x-guploader-uploadid ADPycdszoDfLpQYR_cbTPDNvrCSC1hOKD0aHM6Pi2wURUUwzULwF0S5qg09bFugndrJAcRzEGpP-vFZv_udQZPYtSx4yYDnQ_HCi x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47557 last-modified Fri, 24 Sep 2021 13:32:46 GMT server UploadServer etag "bd930cf0384fcef268087ffa6ccf1dbd" x-goog-generation 1632490366914596 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=nadHAQ==, md5=vZMM8DhPzvJoCH/6bM8dvQ== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876703.cds324.fr8.hn,1677876703.cds137.fr8.c x-goog-stored-content-length 47557 accept-ranges bytes
OPTIONS H2	204	services sumo.com/ Frame	0 0	431ms 431ms	Preflight	35.86.95.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sumo.com/services Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-86-95-232.us-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-sumo-auth Access-Control-Request-Method POST Origin https://go.behindthemarkets.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type access-control-allow-methods GET,HEAD,PUT,POST,DELETE access-control-allow-origin https://go.behindthemarkets.com access-control-max-age 2592000 date Fri, 03 Mar 2023 20:51:43 GMT server nginx
POST H2	200	services Show response sumo.com/	205 B 605 B	351ms 350ms	XHR application/json	35.86.95.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sumo.com/services Requested by Host: load.sumo.com URL: https://load.sumo.com/73.0a035390359aab65eb82.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-86-95-232.us-west-2.compute.amazonaws.com Software nginx / Resource Hash c5265b2a343e05fcaf0cd05b0dd03975c4d83e4168eafea7236a99ee46caf79e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers X-Sumo-Auth 59evFIdL2roO5XqltpSzmtB5 Accept application/json, text/javascript, */*; q=0.01 Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Fri, 03 Mar 2023 20:51:43 GMT server nginx x-frame-options SAMEORIGIN vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://go.behindthemarkets.com p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true content-length 205
GET H2	200	s_9.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	962 KB 963 KB	44ms 44ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_9.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash a5dfda4afd1b27a129c8a8de36496cceb171e7f2da2b06beef018ff1a13b55c0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT x-cdn 4 x-guploader-uploadid ADPycdsFYIgN0EkKnYPJrhwf_JXFOHr-HcTvpGz94hwGzThAy8F9SqXAs3CNMsCjQK3cxrgDJHhs5BbHiCFHjvW8W64Wnlvgz9x_ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 985435 last-modified Fri, 24 Sep 2021 13:33:10 GMT server UploadServer etag "e3468d8bc2122458d89e70c72db7877c" x-goog-generation 1632490390370910 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=vTxfdw==, md5=40aNi8ISJFjYnnDHLbeHfA== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876703.cds324.fr8.hn,1677876703.cds321.fr8.c x-goog-stored-content-length 985435 accept-ranges bytes
GET H2	200	s_10.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	46 KB 47 KB	50ms 50ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_10.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash d22618761fd269e28de8846bb335b956b93c20b82f998e660a7dd8fbb2e32886 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT x-cdn 4 x-guploader-uploadid ADPycdujJoflHEXsX7SRXtHVZsUImzOoe9lJ1PZztiyEN-cC5PtCowX7tHPGrWvZZOezryAoq9aUzxzfKholX-N54201Ykz1YBvU x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47497 last-modified Fri, 24 Sep 2021 13:32:47 GMT server UploadServer etag "98f10490a367c1836c7268acc5a0e692" x-goog-generation 1632490367076963 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=b2GTrA==, md5=mPEEkKNnwYNscmisxaDmkg== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876703.cds324.fr8.hn,1677876703.cds249.fr8.c x-goog-stored-content-length 47497 accept-ranges bytes
GET H2	200	cs s.thebrighttag.com/ Frame 95F8 Redirect Chain https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=lqvELrCxgQrvVJz4vb06ildMwiQDV_LC	35 B 268 B	530ms 128ms	Image image/gif	3.132.205.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=lqvELrCxgQrvVJz4vb06ildMwiQDV_LC Protocol H2 Server 3.132.205.45 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-132-205-45.us-east-2.compute.amazonaws.com Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:43 GMT x-bt-requestid 348ca9f1-ba05-11ed-965d-0000ac170313 server nginx content-type image/gif access-control-allow-origin p3p CP=NOI DSP COR NID cache-control private, must-revalidate content-length 35 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=lqvELrCxgQrvVJz4vb06ildMwiQDV_LC date Fri, 03 Mar 2023 20:51:43 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 1142755 content-length 0
GET H2	200	s_10.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	999 KB 1000 KB	47ms 45ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_10.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash db82a802a783961d743ae04334b1acca3275668847a556a764a4b40835738856 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT x-cdn 4 x-guploader-uploadid ADPycdvVo7MZpErvnbDnpkjeV6vlgQ52jcEPBTTzrVF1b3Sz7BpjU9DrKuYBt0M1Tj8GeLVwt5DYTjJILUzor7wy-0Po x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1022967 last-modified Fri, 24 Sep 2021 13:33:11 GMT server UploadServer etag "f39d4a94e26586fa9c9b1097ad96e347" x-goog-generation 1632490391293681 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=ldEC5A==, md5=851KlOJlhvqcmxCXrZbjRw== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876703.cds324.fr8.hn,1677876703.cds235.fr8.c x-goog-stored-content-length 1022967 accept-ranges bytes
GET H2	200	7.0a035390359aab65eb82.js Show response load.sumo.com/	97 KB 34 KB	46ms 45ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/7.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id JRV19C7BDTZQBKT2 cdn-cachedat 02/11/2023 19:24:54 cdn-pullzone 53731 x-amz-id-2 gGEbA+XgM4kRM1GEIoPOg4OkVQjxfWoZcviSQiWtfMoWmksM4JvP5EwJ+wrj/W2kNGp1PTkDQJM= last-modified Wed, 05 Oct 2022 16:49:48 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"3fa9c18f727d4b42fb894fda90a374e1" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 3776cb14d19ac8cca2f18bfe5fff6f89 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	4.0a035390359aab65eb82.js Show response load.sumo.com/	5 KB 3 KB	52ms 52ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/4.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id JRV3AWYKPJSBVG35 cdn-cachedat 02/11/2023 19:24:54 cdn-pullzone 53731 x-amz-id-2 x2ZgFPl8lObC6yWzdh4fnUNsC9wsuRETb62lXx3kjmhgdu7B/0RPl3IUpAhn9Fi9RKy5xiCBZ1s= last-modified Wed, 05 Oct 2022 16:49:25 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"a39d043b7c7bba70750cf288ee5ef71a" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid fbd9f13ff98acfa7aad00a7aa2e2e5ae cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	2.0a035390359aab65eb82.js Show response load.sumo.com/	3 KB 2 KB	53ms 53ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/2.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id JRVBFK5QV6V5CTX2 cdn-cachedat 02/11/2023 19:24:54 cdn-pullzone 53731 x-amz-id-2 KjdMPUXmB3Chr/Ta7R3fwKDEXbNsLw8w2l1BtggrErQTufbr6WJrqsR2nYl6tMsluA25MpZAiHs= last-modified Wed, 05 Oct 2022 16:49:10 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"6bfdf1ae8492f107706ac037915be663" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 8c4bc200f24c0392e0dddb2dd15dc6b9 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	10.0a035390359aab65eb82.js Show response load.sumo.com/	11 KB 5 KB	53ms 53ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/10.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id JRV0D1PWMC6FFZKK cdn-cachedat 02/11/2023 19:24:54 cdn-pullzone 53731 x-amz-id-2 GRhrK8kLxCq6yAJU++Gk07uoxoL3o2VgdKyOMhedQJt7U4z1XfLjGQED5jXr1i3o5atO/S/IQow= last-modified Wed, 05 Oct 2022 16:48:57 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"fc263e7087822a0b00ff93677d6df4ea" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 9c16d26ce0e403657c9a86cd8bb8550f cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	22.0a035390359aab65eb82.js Show response load.sumo.com/	92 KB 25 KB	55ms 55ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/22.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id JRVAX1DZ050V0WW8 cdn-cachedat 02/11/2023 19:24:54 cdn-pullzone 53731 x-amz-id-2 EJUTDJIx5oWJ0GOvWv6lq+k8qHiNl9Z+UtOaENHWa5dU1dvFI8GNwBaWJOsZ0060lR9Sh2ODMBE= last-modified Wed, 05 Oct 2022 16:49:12 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"8af82c4c30a069f66de02526c2f332af" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 791ced474fd773f9295030c4bed5145a cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	23.0a035390359aab65eb82.js Show response load.sumo.com/	329 KB 94 KB	59ms 59ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/23.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id JRV84PWK7RQYDKAE cdn-cachedat 02/11/2023 19:24:54 cdn-pullzone 53731 x-amz-id-2 bXbZhM00rzndr3wnzy2MVR4gYAwQQMlXad3CpCApz2m5ozZ3wPTyBUmV/guScb01kI56D8Zhu3k= last-modified Wed, 05 Oct 2022 16:49:12 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"be0b945be6cafa91f6fd4efdfc8268f8" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 750d1a99a22f2316df908743537e169c cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	21.0a035390359aab65eb82.js Show response load.sumo.com/	179 KB 51 KB	155ms 155ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/21.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id JRV21GT6VC0K18XM cdn-cachedat 02/11/2023 19:24:54 cdn-pullzone 53731 x-amz-id-2 Hrurc44twTM6NqoqxZvEduVUk9jg6DSeKb/hiKruemQueEoJ2H9IDVOXtUIjCODLEr2L3YqI8KE= last-modified Wed, 05 Oct 2022 16:49:11 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"beda094dfc3b530efd0d2d83c5a0280c" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 3b7a80dd112cc268f3ac4e1547a42ad7 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	64.0a035390359aab65eb82.js Show response load.sumo.com/	1 KB 1 KB	154ms 154ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/64.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:43 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id JRVF2S43E2W438XY cdn-cachedat 02/11/2023 19:24:54 cdn-pullzone 53731 x-amz-id-2 ZtLH+WxsvEC7cFPi75HNnpmV9c6ZdpOO3CXRervl1ZSnjUbzZ0aXXsH0r2822l3Jq+mpEhrvCOQ= last-modified Wed, 05 Oct 2022 16:49:45 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"d200986501135078d1fbd7f480e7bb08" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 72a08337c34199e869c154842eb586f8 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	0.0a035390359aab65eb82.js Show response load.sumo.com/	5 KB 3 KB	45ms 44ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/0.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:44 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id JRV0VYNBQRMRJ9YE cdn-cachedat 02/11/2023 19:24:54 cdn-pullzone 53731 x-amz-id-2 1vCyhoeb2TwcMfTReDsQRoYTNKiph6vwZKD9O3LG3XCgzfhHjLRgf20BFOuhN/8oqbueLhE5Tf4= last-modified Wed, 05 Oct 2022 16:48:56 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"31baf056af3800bbd6e4f9e8b445d052" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 07b75d8ae9c4c06e29259059bb1e0f25 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	96.0a035390359aab65eb82.js Show response load.sumo.com/	1 MB 80 KB	46ms 45ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/96.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:44 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id TVGTD0SQBVJ8EQY8 cdn-cachedat 02/11/2023 19:24:55 cdn-pullzone 53731 x-amz-id-2 905lJ6IAIvZt0cYYdXxw68diwl6TsZhVbjvhIja7jX60IiLkWtlUkNV2cpk9o39ULyVMILVjfy8= last-modified Wed, 05 Oct 2022 16:50:09 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"f33273f5c8e8dd3d010a11b209891b91" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid cb48bd9195253b59be61b9ef7f8840e3 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	97.0a035390359aab65eb82.js Show response load.sumo.com/	221 B 994 B	48ms 48ms	Script text/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://load.sumo.com/97.0a035390359aab65eb82.js Requested by Host: load.sumo.com URL: https://load.sumo.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT1-731 / Resource Hash 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:44 GMT content-encoding br cdn-edgestorageid 731 x-amz-request-id TVGNR8KNZBFNTXR8 cdn-cachedat 02/11/2023 19:24:55 cdn-pullzone 53731 x-amz-id-2 AyYNrDO8CXvNCuHYP2N7LaekNMOCObd1S8X/Z9EMR7NOVBIwyOLjsFfEusqV75v4Bej+C4rMpms= last-modified Wed, 05 Oct 2022 16:50:09 GMT server BunnyCDN-AT1-731 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"857476cf6e94c14c223d4481353b4c19" vary Accept-Encoding, Accept-Encoding content-type text/javascript access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid cd0c868f82a4c3c543e89e13a19e2f9e cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	capture Show response api.leadpages.io/analytics/v1/observations/	35 B 445 B	146ms 145ms	XHR image/gif	35.192.151.63 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=h2DktTD289vhBxWkSzdefy&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=217.70000076293945,73.79999923706055,1,492.1000003814697 Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 03 Mar 2023 20:51:44 GMT Server Stargate Transfer-Encoding chunked access-control-max-age 600 Content-Type image/gif access-control-allow-origin https://go.behindthemarkets.com X-Forwarded-For 80.255.7.106 access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 07b2sq5r85phkif3lpmg
GET H3	200	css fonts.googleapis.com/	31 KB 1 KB	76ms 76ms	Stylesheet text/css	2a00:1450:400d:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800 Requested by Host: client URL: about:client Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f62057301cbebb6162864bdcbafc8c452cea3925b02b963acdf0324997c11625 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 03 Mar 2023 20:51:44 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 03 Mar 2023 20:29:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 03 Mar 2023 20:51:44 GMT
GET H2	200	features Show response sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/	3 KB 1 KB	252ms 252ms	XHR application/json	35.86.95.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/features?site_id=7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794 Requested by Host: load.sumo.com URL: https://load.sumo.com/73.0a035390359aab65eb82.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-86-95-232.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 X-Sumo-Auth 59evFIdL2roO5XqltpSzmtB5 Response headers date Fri, 03 Mar 2023 20:51:44 GMT content-encoding gzip server nginx etag "-362431178" x-frame-options SAMEORIGIN vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://go.behindthemarkets.com access-control-allow-credentials true x-robots-tag noindex, nofollow
GET H2	200	memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 fonts.gstatic.com/s/opensans/v34/	47 KB 47 KB	67ms 66ms	Font font/woff2	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://go.behindthemarkets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 02 Mar 2023 19:37:29 GMT x-content-type-options nosniff age 90855 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47952 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:22:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Mar 2024 19:37:29 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	53ms 53ms	Font font/woff2	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://go.behindthemarkets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 02 Mar 2023 19:34:57 GMT x-content-type-options nosniff age 91007 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Mar 2024 19:34:57 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	74ms 73ms	Font font/woff2	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://go.behindthemarkets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 02 Mar 2023 19:34:57 GMT x-content-type-options nosniff age 91007 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Mar 2024 19:34:57 GMT
GET H/1.1	200 OK	capture Show response api.leadpages.io/analytics/v1/observations/ Frame A372	35 B 443 B	145ms 145ms	XHR image/gif	35.192.151.63 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=f3GSiGsDD8UenX6NbLv6dw&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=54.29999923706055,63.10000038146973,1 Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://btm-btm-btm.lpages.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 03 Mar 2023 20:51:44 GMT Server Stargate Transfer-Encoding chunked access-control-max-age 600 Content-Type image/gif access-control-allow-origin https://btm-btm-btm.lpages.co X-Forwarded-For 80.255.7.106 access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 07b2sq7ku5uaeslduo00
OPTIONS H2	204	features sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/ Frame	0 0	206ms 205ms	Preflight	35.86.95.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/features?site_id=7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-86-95-232.us-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-sumo-auth Access-Control-Request-Method GET Origin https://go.behindthemarkets.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type access-control-allow-methods GET,HEAD,PUT,POST,DELETE access-control-allow-origin https://go.behindthemarkets.com access-control-max-age 2592000 date Fri, 03 Mar 2023 20:51:44 GMT server nginx
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	48ms 47ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3310&_p=7249313&cid=1103588713.1677876700&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1677876699&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Flimited-time-offer-4-video%2F%3F_ef_transaction_id%3D503c7149854d4f239257d3a9ea272aa3%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dadrienne.dicecco%2540cna.com%26iocid%3D%26aff%3D82%26creative_id%3D%26sub3%3DB%26sub2%3Dthedailylaunch.com%26sub4%3DBTCV20%26sub5%3D%26oid%3D22&dt=%22Cut%20%26%20Paste%22&_s=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 03 Mar 2023 20:51:44 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.behindthemarkets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	analytics Show response analytics-ingress-global.bitmovin.com/	0 42 B	52ms 52ms	XHR application/json	35.190.27.197 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics-ingress-global.bitmovin.com/analytics Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 197.27.190.35.bc.googleusercontent.com Software v1.55.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Mar 2023 20:51:45 GMT via 1.1 google server v1.55.1 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization alt-svc clear
POST H2	204	analytics Show response analytics-ingress-global.bitmovin.com/	0 42 B	53ms 53ms	XHR application/json	35.190.27.197 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics-ingress-global.bitmovin.com/analytics Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 197.27.190.35.bc.googleusercontent.com Software v1.55.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Fri, 03 Mar 2023 20:51:45 GMT via 1.1 google server v1.55.1 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization alt-svc clear
GET H2	200	s_11.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/	47 KB 47 KB	50ms 49ms	XHR audio/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/audio/h264_96000/s_11.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 526479d554f0f97167f699b8c1c6f6fc1173c592bde2c8c83c61fba96145d0c0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:45 GMT x-cdn 4 x-guploader-uploadid ADPycdsptv3rZTng_0DeXeZMfBUP0kUEUZYv56vQgcMwyW4UR86xjNbrI-Dg_6_CliUd0XuBYqmcql6cJUemBlTMLcdCkWwFMBSy x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47804 last-modified Fri, 24 Sep 2021 13:32:47 GMT server UploadServer etag "a299857a1d22a3d155c7dd86c8e4bebc" x-goog-generation 1632490367244228 content-type audio/mp4 access-control-allow-origin * x-goog-hash crc32c=++Sr2Q==, md5=opmFeh0io9FVx92GyOS+vA== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876705.cds324.fr8.hn,1677876705.cds286.fr8.c x-goog-stored-content-length 47804 accept-ranges bytes
GET H2	200	s_11.m4s Show response fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/	973 KB 974 KB	44ms 44ms	XHR video/mp4	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://fast.vidalytics.com/video/PzpZ_7KZ/rU3MZCJszqAFYF8V/45536/37823/fmp4/video/1280x720_h264_2000000/s_11.m4s Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software UploadServer / Resource Hash 1ec0ee17911aad83ff13b33cde24aa2d2b2e6ccac6ed831737040f8ac3700bff Request headers accept-language de-DE,de;q=0.9 Referer https://go.behindthemarkets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 20:51:45 GMT x-cdn 4 x-guploader-uploadid ADPycdsGycWDAk8kc0e48ICZVsXiNMwVth9Vzktj9BEGOe67Wq2lyAgV6OBdqwdiybk1U0hSYZBNP5dCkcNoMGsVivvPjMbt2oan x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 996746 last-modified Fri, 24 Sep 2021 13:33:06 GMT server UploadServer etag "0eed8a1c85a29855ec2f3019690574f7" x-goog-generation 1632490386723853 content-type video/mp4 access-control-allow-origin * x-goog-hash crc32c=fyW7Xw==, md5=Du2KHIWimFXsLzAZaQV09w== access-control-expose-headers Content-Type cache-control public, max-age=31104000 x-hw 1677876705.cds324.fr8.hn,1677876705.cds161.fr8.c x-goog-stored-content-length 996746 accept-ranges bytes
POST H2	200	scribe Show response stats.vidalytics.com/	16 B 81 B	273ms 272ms	XHR application/json	107.178.211.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.vidalytics.com/scribe Requested by Host: go.behindthemarkets.com URL: https://go.behindthemarkets.com/limited-time-offer-4-video/?_ef_transaction_id=503c7149854d4f239257d3a9ea272aa3&utm_source=82&utm_campaign=&utm_medium=&id=adrienne.dicecco%40cna.com&iocid=&aff=82&creative_id=&sub3=B&sub2=thedailylaunch.com&sub4=BTCV20&sub5=&oid=22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 97.211.178.107.bc.googleusercontent.com Software istio-envoy / Resource Hash 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c Request headers Referer https://go.behindthemarkets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 03 Mar 2023 20:51:45 GMT x-envoy-upstream-service-time 2 server istio-envoy content-length 16 access-control-allow-methods POST,OPTIONS content-type application/json