go.behindthemarkets.com Open in urlscan Pro
35.202.21.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.mail.equityenlightenment.com/?qs=757e1b71d63b09a399965b86cb58b5d6a613897b52a2c2d72ddeeb6253261e6714ade88a1266a955fbf087558cde...
Effective URL:
https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&u...
Submission: On October 06 via manual (October 6th 2023, 11:13:09 am UTC) from IN — Scanned from DE

Summary HTTP 125 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 26 domains to perform 125 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is go.behindthemarkets.com.
TLS certificate: Issued by R3 on September 27th 2023. Valid for: 3 months.

This is the only time go.behindthemarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.245.210.40 128.245.210.40	14340 (SALESFORCE) (SALESFORCE)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	50.97.212.250 50.97.212.250	36351 (SOFTLAYER) (SOFTLAYER)
1 3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	34.225.139.193 34.225.139.193	14618 (AMAZON-AES) (AMAZON-AES)
4	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
39	192.229.220.49 192.229.220.49	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
1	13.43.151.221 13.43.151.221	16509 (AMAZON-02) (AMAZON-02)
6	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	107.178.211.97 107.178.211.97	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.190.27.197 35.190.27.197	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:d... 2600:1901:0:df23::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	34.220.132.2 34.220.132.2	16509 (AMAZON-02) (AMAZON-02)
125	29

1 128.245.210.40 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: ajo40.mta.exacttarget.com

click.mail.equityenlightenment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tracking.equityenlightenment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.97.212.250 (San Jose, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: fa.d4.6132.ip4.static.sl-reverse.com

www.clkmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.behindthemarkets-btm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

go.behindthemarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
btm-btm-btm.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.139.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-139-193.compute-1.amazonaws.com

behindthemarkets.app.optipub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 192.229.220.49 (United States)

ASN15133 (EDGECAST, US)

fast.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.43.151.221 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-151-221.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.211.97 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.211.178.107.bc.googleusercontent.com

stats.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.27.197 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 197.27.190.35.bc.googleusercontent.com

analytics-ingress-global.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:df23:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

licensing.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.220.132.2 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-220-132-2.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	vidalytics.com fast.vidalytics.com — Cisco Umbrella Rank: 157079 stats.vidalytics.com — Cisco Umbrella Rank: 131978	14 MB
19	sumo.com load.sumo.com — Cisco Umbrella Rank: 17365 sumo.com — Cisco Umbrella Rank: 15977	448 KB
7	gstatic.com fonts.gstatic.com	215 KB
6	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 36929	3 KB
5	bitmovin.com analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 36345 licensing.bitmovin.com — Cisco Umbrella Rank: 8819	945 B
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6147	776 B
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	2 KB
4	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4198 gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541	27 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 3555	55 KB
4	center.io js.center.io — Cisco Umbrella Rank: 42065	15 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	276 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	4 KB
3	behindthemarkets-btm.com 1 redirects www.behindthemarkets-btm.com	21 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 70	137 KB
2	optipub.com behindthemarkets.app.optipub.com	9 KB
2	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 41511	29 KB
2	equityenlightenment.com 2 redirects click.mail.equityenlightenment.com tracking.equityenlightenment.com	1 KB
1	anura.io script.anura.io — Cisco Umbrella Rank: 59065
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1361	50 KB
1	lpages.co btm-btm-btm.lpages.co	18 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 61933	42 KB
1	behindthemarkets.com go.behindthemarkets.com	20 KB
1	clkmg.com 1 redirects www.clkmg.com — Cisco Umbrella Rank: 281489	1006 B
125	26

	Domain	Requested by
39	fast.vidalytics.com	go.behindthemarkets.com fast.vidalytics.com
14	load.sumo.com	go.behindthemarkets.com load.sumo.com
7	fonts.gstatic.com	fonts.googleapis.com
6	api.leadpages.io	js.center.io embed.lpcontent.net
5	sumo.com	load.sumo.com
4	stats.vidalytics.com	go.behindthemarkets.com
4	www.google.de	go.behindthemarkets.com
4	dev.visualwebsiteoptimizer.com	go.behindthemarkets.com dev.visualwebsiteoptimizer.com
4	js.center.io	go.behindthemarkets.com js.center.io btm-btm-btm.lpages.co
3	analytics-ingress-global.bitmovin.com	go.behindthemarkets.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	go.behindthemarkets.com www.googletagmanager.com
3	fonts.googleapis.com	go.behindthemarkets.com btm-btm-btm.lpages.co client
3	www.behindthemarkets-btm.com	1 redirects go.behindthemarkets.com www.behindthemarkets-btm.com
2	licensing.bitmovin.com	go.behindthemarkets.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	www.google.com	1 redirects go.behindthemarkets.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	lh3.googleusercontent.com	go.behindthemarkets.com
2	behindthemarkets.app.optipub.com	go.behindthemarkets.com
2	static.leadpages.net	go.behindthemarkets.com btm-btm-btm.lpages.co
1	mug.criteo.com	go.behindthemarkets.com
1	googleads.g.doubleclick.net	1 redirects
1	script.anura.io	go.behindthemarkets.com
1	dynamic.criteo.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	btm-btm-btm.lpages.co	embed.lpcontent.net
1	embed.lpcontent.net	go.behindthemarkets.com
1	go.behindthemarkets.com
1	www.clkmg.com	1 redirects
1	tracking.equityenlightenment.com	1 redirects
1	click.mail.equityenlightenment.com	1 redirects
125	34

This site contains links to these domains. Also see Links.

Domain
vidalytics.com
behindthemarkets.com

Subject Issuer	Validity	Valid
go.behindthemarkets.com R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2023-08-19` - `2023-11-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
behindthemarkets-btm.com E1	`2023-09-02` - `2023-12-01`	3 months	crt.sh
embed.lpcontent.net GTS CA 1D4	`2023-10-03` - `2024-01-01`	3 months	crt.sh
js.center.io GTS CA 1D4	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
optipub.com Amazon RSA 2048 M02	`2023-09-05` - `2024-10-03`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.vidalytics.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-30` - `2023-12-31`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.lpages.co R3	`2023-09-26` - `2023-12-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-16` - `2024-02-16`	a year	crt.sh
script.anura.io Amazon RSA 2048 M01	`2023-06-12` - `2024-07-10`	a year	crt.sh
*.leadpages.io R3	`2023-09-28` - `2023-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.bitmovin.com Go Daddy Secure Certificate Authority - G2	`2023-05-08` - `2024-06-08`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Frame ID: 1088D20951EE9628C5C8B50AC0AF68AD
Requests: 116 HTTP requests in this frame

Frame: https://btm-btm-btm.lpages.co/serve-leadbox/n5w5XctuDuLimFT4gbQDEf/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&aff=82&id=randal.sipkema%40ampf.com&iocid=&oid=66&utm_campaign=&utm_medium=&utm_source=82
Frame ID: 985891EC0BEEC3D2E32E2F2529705B5D
Requests: 5 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: A0354C979FC5BF06E3BC31BC84A04768
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag
Frame ID: DAE5368B79DD62E580B861B808BA7201
Requests: 2 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: BEF186B72AAB44BACDBB65F54B577621
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BTM - War Games VSL

Page URL History Show full URLs

https://click.mail.equityenlightenment.com/?qs=757e1b71d63b09a399965b86cb58b5d6a613897b52a2c2d72ddeeb6253261e6714ade88a... HTTP 302
https://tracking.equityenlightenment.com/RA0342/randal.sipkema@ampf.com/052EE/B/BTWG9a HTTP 302
https://www.clkmg.com/RomanAnal/RA0342/randal.sipkema@ampf.com/052EE/B/BTWG9a HTTP 302
https://www.behindthemarkets-btm.com/4P7M9M/48M9K3/?sub1=randal.sipkema@ampf.com&sub2=052EE&sub3=B&sub4=BTWG9a&sub5= HTTP 302
https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_sourc... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

125
Requests

98 %
HTTPS

56 %
IPv6

26
Domains

34
Subdomains

29
IPs

5
Countries

15755 kB
Transfer

20596 kB
Size

25
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://vidalytics.com/?utm_source=Powered%20By&utm_medium=Player&utm_content=PzpZ_7KZ
Title: Powered by Vidalytics

Search URL Search Domain Scan URL

URL: https://vidalytics.com/contact?utm_source=Report%20an%20issue&utm_medium=Player&utm_content=PzpZ_7KZ
Title: Report an issue

Search URL Search Domain Scan URL

URL: https://behindthemarkets.com/p/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://behindthemarkets.com/p/terms
Title: Terms & Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.mail.equityenlightenment.com/?qs=757e1b71d63b09a399965b86cb58b5d6a613897b52a2c2d72ddeeb6253261e6714ade88a1266a955fbf087558cde37a9dcc5702e688e85f3 HTTP 302
https://tracking.equityenlightenment.com/RA0342/randal.sipkema@ampf.com/052EE/B/BTWG9a HTTP 302
https://www.clkmg.com/RomanAnal/RA0342/randal.sipkema@ampf.com/052EE/B/BTWG9a HTTP 302
https://www.behindthemarkets-btm.com/4P7M9M/48M9K3/?sub1=randal.sipkema@ampf.com&sub2=052EE&sub3=B&sub4=BTWG9a&sub5= HTTP 302
https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/660882099/?random=824853854&cv=11&fst=1696590779794&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=BTM%20-%20War%20Games%20VSL&value=0&auid=831845161.1696590780&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=u-sfZZDHNPmS7_UP_7yHkAw&sscte=1&crd=&eitems=ChEI8OD-qAYQ34yopoSCrOOPARIdAHkFAjPyzM569jx2esX1AsZjRPGMhGTi91UFY1Q&pscrd=EkxDaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVVBdE1TZkoySVpDalFBNmNveDNZTzl0VFp0ZXZod3RkaThuSFVIWGRhcDJtU2ZkbkRaGlhDaEVJOE9ELXFBWVFtb1gybGRieHBaXzdBUkl0QU5sTWh2Q3hDeFh2a190Q09zOFh2aXFqbmVJZk0tZlVnRkZsWlRsMnZpanV0N3lKVUlzWFF6S3l4LVh1IhMI0JCNlqXhgQMVecm7CB1_3gHC HTTP 302
https://www.google.com/pagead/1p-conversion/660882099/?random=824853854&cv=11&fst=1696590779794&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=BTM%20-%20War%20Games%20VSL&value=0&auid=831845161.1696590780&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVVBdE1TZkoySVpDalFBNmNveDNZTzl0VFp0ZXZod3RkaThuSFVIWGRhcDJtU2ZkbkRaGlhDaEVJOE9ELXFBWVFtb1gybGRieHBaXzdBUkl0QU5sTWh2Q3hDeFh2a190Q09zOFh2aXFqbmVJZk0tZlVnRkZsWlRsMnZpanV0N3lKVUlzWFF6S3l4LVh1IhMI0JCNlqXhgQMVecm7CB1_3gHC&is_vtc=1&ocp_id=u-sfZZDHNPmS7_UP_7yHkAw&eitems=ChEI8OD-qAYQ34yopoSCrOOPARIdAHkFAjN1CUqrU7LbzuEupnmdwkbu4snBw3UxVVo&random=121543684 HTTP 302
https://www.google.de/pagead/1p-conversion/660882099/?random=824853854&cv=11&fst=1696590779794&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=BTM%20-%20War%20Games%20VSL&value=0&auid=831845161.1696590780&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVVBdE1TZkoySVpDalFBNmNveDNZTzl0VFp0ZXZod3RkaThuSFVIWGRhcDJtU2ZkbkRaGlhDaEVJOE9ELXFBWVFtb1gybGRieHBaXzdBUkl0QU5sTWh2Q3hDeFh2a190Q09zOFh2aXFqbmVJZk0tZlVnRkZsWlRsMnZpanV0N3lKVUlzWFF6S3l4LVh1IhMI0JCNlqXhgQMVecm7CB1_3gHC&is_vtc=1&ocp_id=u-sfZZDHNPmS7_UP_7yHkAw&eitems=ChEI8OD-qAYQ34yopoSCrOOPARIdAHkFAjN1CUqrU7LbzuEupnmdwkbu4snBw3UxVVo&random=121543684&ipr=y

Request Chain 48

https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5qVuunxicnF2ZG52c3hpclAyaE9Dd21UdThJZXlYQ1lGbG5SclY4UG1xVkp6ZHRvaG16RGo0R3d6dXEyLzZ2SVV3c2JncE1vSnVhRmRGMXZaT2VuZG5Wa1hFN3BVQ3VZWVBLaU5admxHVGFHSnlrdEdvLzY5bWo5UzJhanBPNCt5U0l2ckRGY1VOVWZKcFVLVFdXallqSWFwMVhndWJrTkVtQWNWd3k5YkdWbzlEdytGaGtRcnB2ZTd3WnRWOWRyR29wb2NXZlo2MWRKK3lnMTVmbUhsMWU2UU8vUTBzMFhOV0poeFF0L0FqUUZEYjdmRGpFUlNjRDNSdzkzRjZLenh6R1dJZ2RTc1VHSzRVSWl4RlB0ZFZYZVMvM2M3TEQ5OGhzYnlTem5UcUNVekJaRT18&cppv=2

125 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
go.behindthemarkets.com/war-games-vsl/
Redirect Chain

https://click.mail.equityenlightenment.com/?qs=757e1b71d63b09a399965b86cb58b5d6a613897b52a2c2d72ddeeb6253261e6714ade88a1266a955fbf087558cde37a9dcc5702e688e85f3
https://tracking.equityenlightenment.com/RA0342/randal.sipkema@ampf.com/052EE/B/BTWG9a
https://www.clkmg.com/RomanAnal/RA0342/randal.sipkema@ampf.com/052EE/B/BTWG9a
https://www.behindthemarkets-btm.com/4P7M9M/48M9K3/?sub1=randal.sipkema@ampf.com&sub2=052EE&sub3=B&sub4=BTWG9a&sub5=
https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66

96 KB
20 KB

544ms
255ms

Document
text/html

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

de589a5df465b30f78f3ebc2034b7b8dd00094380585923d151cbb2c11564ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Fri, 06 Oct 2023 11:12:59 GMT
etag: W/"adbfe9c12c8dbe85ca429063ca04421e"
last-modified: Mon, 21 Aug 2023 15:31:50 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811d78ef7c2b18e3-FRA
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 11:12:58 GMT
location: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frHvhdTJm0RyvqiXOifHiOLmbfMYuviuPTrUGLvqIRtVWESKIgHWBvKDSZiB7aqetcnsAZXc%2F288lf1v3xq3Ois1%2BThO%2F9is%2BbobVaCppJZ%2Bb992qZci1bHqdwx0YvBf9%2FnPojYXJq7GZ4udqN6UPfGWCQjB%2FlaPHB8%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
via: 1.1 google
x-eflow-request-id: 9be14037-9861-4183-8e4f-40492f803f2f

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 91ms
23ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 23:19:52 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 820387
etag: "nBpTOw"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: e36963e46707ade1308ce38e550030bd
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Wed, 25 Sep 2024 23:19:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 82ms
34ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Merriweather:300,400,500,700|Open+Sans:300,400,500,700

Requested by

Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

faa80a0013547435c8cd7a62de426e1c20a0bf93078b618fe898bc380a0c6163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 11:12:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 11:12:59 GMT

GET
H2 200 everflow.js Show response
www.behindthemarkets-btm.com/scripts/sdk/ 60 KB
19 KB 31ms
30ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e426e330d152fce1b2e4a53ff4062cfe1531acca6f02c9b5329009d496aad05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13252
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 06 Oct 2023 07:32:07 GMT
accept-ch: Sec-Ch-Ua-Platform-Version
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRu9h73kMIOnug7z00h5Rdr87YtqfGiWwswQBaoufj9znNTunO2MNrmrvF65kacsOZxIEEtljkjFZ8OsWglyshvZv6GHqvj464T0%2BcYQXx0ZfisaDqF4BTQUKz6iicfeluvC8YKLiauW12eFAwiU00NmbwLStyBYK%2BAt"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 74cf6be8-e4d8-4128-974e-cf841d2856be
cf-ray: 811d78f3d9ac18e3-FRA

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
42 KB 95ms
29ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:10:36 GMT
via: 1.1 google
server: Google Frontend
age: 143
etag: "nBpTOw"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 417181103574ed27eaa87d7c81b82464
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42811
expires: Fri, 06 Oct 2023 11:15:36 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 135ms
62ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:13 GMT
content-encoding: gzip
server: Google Frontend
age: 46
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 1ec39fd8f46b16008c7ca068f5148703
cache-control: public, max-age=300
content-length: 5417
expires: Fri, 06 Oct 2023 11:17:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
95 KB 98ms
50ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74a756c32ca129e0c5cd78d2d547da2bd6bb771e9116feafe80af73650b7df23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96936
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Oct 2023 11:12:59 GMT

GET
H/1.1 200
OK sdk.js Show response
behindthemarkets.app.optipub.com/sdk/ 17 KB
7 KB 798ms
419ms Script
application/javascript 34.225.139.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://behindthemarkets.app.optipub.com/sdk/sdk.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.139.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-139-193.compute-1.amazonaws.com
Software: Apache/2.4.57 () OpenSSL/1.0.2k-fips PHP/7.3.33 / PHP/7.3.33
Resource Hash: d59a74862cc6c91ca00868fe7af4d67ee75532aab80a7c4f9922b50a8691d81f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 11:13:00 GMT
Content-Encoding: gzip
Server: Apache/2.4.57 () OpenSSL/1.0.2k-fips PHP/7.3.33
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: application/javascript
Cache-Control: max-age=3600, private
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 6633

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 9 KB
3 KB 113ms
65ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=601261&u=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&f=1&vn=1.5
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 82df9bb591c4c23bc844d3129b5b63d999c6a22b7f6f2af0d689c283924e5459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1696449045"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 loader.min.js Show response
fast.vidalytics.com/embeds/PzpZ_7KZ/upQQlpwQI_8hq6up/ 42 KB
42 KB 710ms
589ms Script
application/javascript 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/upQQlpwQI_8hq6up/loader.min.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (dac/9C92) /
Resource Hash: a4ce076db28f9335c806aa55720b6232f01cc56b639516b38270b5a8c44a67cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
via: 1.1 google
server: ECAcc (dac/9C92)
x-cdn: 3
x-cdn-info: loader
x-cdn-site: c3-prod
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=60, s-maxage=600
x-lb-backend: api-prod
x-lb-cache: disabled
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 krXp2oLHGgpIanSlBFUbpxx-QB-lQsImMzhfiLRxVecNdW4C18Id0pqxUYvj7vUFdarWW9qj2967P7KesSnagItFNqpIE8p55A=s16
lh3.googleusercontent.com/ 558 B
855 B 154ms
78ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/krXp2oLHGgpIanSlBFUbpxx-QB-lQsImMzhfiLRxVecNdW4C18Id0pqxUYvj7vUFdarWW9qj2967P7KesSnagItFNqpIE8p55A=s16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b279ee56e50c6b03459b6b33dc5fcded67390e629237bd1b21088eea1fc1eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 558
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 07 Oct 2023 11:12:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 68ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Merriweather:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:37:30 GMT
x-content-type-options: nosniff
age: 113729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 03:37:30 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 75ms
26ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Merriweather:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:02:05 GMT
x-content-type-options: nosniff
age: 544254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 04:02:05 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 120ms
71ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Merriweather:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 21:27:02 GMT
x-content-type-options: nosniff
age: 481557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 21:27:02 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 119ms
70ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Merriweather:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 61000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:16:19 GMT

GET
H2 200 krXp2oLHGgpIanSlBFUbpxx-QB-lQsImMzhfiLRxVecNdW4C18Id0pqxUYvj7vUFdarWW9qj2967P7KesSnagItFNqpIE8p55A=w1600
lh3.googleusercontent.com/ 136 KB
136 KB 351ms
296ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/krXp2oLHGgpIanSlBFUbpxx-QB-lQsImMzhfiLRxVecNdW4C18Id0pqxUYvj7vUFdarWW9qj2967P7KesSnagItFNqpIE8p55A=w1600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0ac09d816dec12a974843bad2e6ceb88fac5a4dd07906d4be7f32d1914a4f588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139386
x-xss-protection: 0
expires: Sat, 07 Oct 2023 11:12:59 GMT

GET
H2 200 / Show response
btm-btm-btm.lpages.co/serve-leadbox/n5w5XctuDuLimFT4gbQDEf/ Frame 9858 87 KB
18 KB 552ms
260ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://btm-btm-btm.lpages.co/serve-leadbox/n5w5XctuDuLimFT4gbQDEf/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&aff=82&id=randal.sipkema%40ampf.com&iocid=&oid=66&utm_campaign=&utm_medium=&utm_source=82

Requested by

Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

68b229ad247dcf0086bd4ffc68865830bd1a8290f9a1b77a715f021f1b86b0ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Fri, 06 Oct 2023 11:13:00 GMT
etag: W/"24c249546be8f2ddf2604556e7bf16b6"
last-modified: Sun, 23 Oct 2022 22:30:17 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H3 200 tag-183c401382c37bbbee202fd08b53d1f2.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 180 KB
50 KB 57ms
29ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-183c401382c37bbbee202fd08b53d1f2.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=601261&u=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&f=1&vn=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d7bf8d5d3cef884a3c569fed78737516ee9313f56c4314bfc5ef1ef37b429c3f

Request headers

Referer: https://go.behindthemarkets.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 04 Oct 2023 12:16:03 GMT
server: gfra1
etag: "651d5783-c8fb"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51451

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
142 B 126ms
126ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=601261&d=go.behindthemarkets.com&u=D62771EA76912B2198A3FF5A19B91FEE5&h=40f6edb517d5b19a322b4b7dedea621e&t=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 identify.html Show response
js.center.io/ Frame A035 4 KB
2 KB 30ms
29ms Document
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Fri, 06 Oct 2023 11:12:09 GMT
etag: "OMWYXg"
expires: Fri, 06 Oct 2023 11:17:09 GMT
server: Google Frontend
x-cloud-trace-context: c19ac3464e645154a39b3898330bfcc1

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 127 KB
50 KB 84ms
36ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-K7WPB5K

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22fe7c7585a2fa5d79284f93befb57b3cb4f28cf9fa77b0d1a18805926b82ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50535
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Oct 2023 11:12:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 69ms
20ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 09:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4997
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 06 Oct 2023 11:49:42 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/660882099/ 3 KB
2 KB 81ms
33ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/660882099/?random=1696590779794&cv=11&fst=1696590779794&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=BTM%20-%20War%20Games%20VSL&value=0&bttype=purchase&auid=831845161.1696590780&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

192c99ad6a049bb9588160b0021f2546db83288373f89d43cd8580dcf01021c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1734
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 117ms
43ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=93258

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0946cb87b7a79f481e8918c9754da72dac3364563c52f58e623ac23a170a49c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 88ms
20ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: 1KYFJQFMBFJKH37P
cdn-cachedat: 08/01/2023 19:55:24
cdn-pullzone: 53731
x-amz-id-2: qq+ntw5IJPjgabl5D2IupL5Qw6IGEklZlzXzRWgabNShliLdR2eEmsTuZwMPqR0zNmJqeRsDUJM=
last-modified: Wed, 05 Oct 2022 16:50:13 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"415c9608bc47ee8a16b3a2f2c0aee7b0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=600
cdn-requestid: 357a24e37b1181e940592421482e1f19
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 403 request.js
script.anura.io/ 0
0 122ms
42ms Script
application/javascript 13.43.151.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.anura.io/request.js?instance=2840531173&source=82&campaign=undefined&181365303537
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.43.151.221 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-43-151-221.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
90 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0d0323a920c7743a18b714ad17e4edac817767a09274b9d16ad5e72c6c07fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 11:12:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
91 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eede99a8734b5e0bb0154cd4d49901ba1e32926b7c948335e064188a6a0f764f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 11:12:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Merriweather:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 68408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:12:51 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
685 B 420ms
140ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=hFC2Rwu8a7kGVPWNbEoZ6n&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=zonsBY7aCw5c4k5CynEkif&sid=THWJgzo96fHfrWdYhGviac&cid=lp-hFC2Rwu8a7kGVPWNbEoZ6n&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&rf=&rx=1600&ry=1200&tz=%2B02%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 11:13:00 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 217.114.218.27
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 03rb224vsuu34t3kb350

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 5 KB
1 KB 30ms
30ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=601261&settings_type=1&vn=7.0
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-183c401382c37bbbee202fd08b53d1f2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 923927deea7c19b73b9aa07a9649e7bacb6c4f08f2a23485346b4d88ac70ec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1696449045"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

/
www.google.de/pagead/1p-conversion/660882099/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/660882099/?random=824853854&cv=11&fst=1696590779794&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.be...
https://www.google.com/pagead/1p-conversion/660882099/?random=824853854&cv=11&fst=1696590779794&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2F...
https://www.google.de/pagead/1p-conversion/660882099/?random=824853854&cv=11&fst=1696590779794&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fw...

42 B
154 B

40ms
40ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/660882099/?random=824853854&cv=11&fst=1696590779794&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=BTM%20-%20War%20Games%20VSL&value=0&auid=831845161.1696590780&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVVBdE1TZkoySVpDalFBNmNveDNZTzl0VFp0ZXZod3RkaThuSFVIWGRhcDJtU2ZkbkRaGlhDaEVJOE9ELXFBWVFtb1gybGRieHBaXzdBUkl0QU5sTWh2Q3hDeFh2a190Q09zOFh2aXFqbmVJZk0tZlVnRkZsWlRsMnZpanV0N3lKVUlzWFF6S3l4LVh1IhMI0JCNlqXhgQMVecm7CB1_3gHC&is_vtc=1&ocp_id=u-sfZZDHNPmS7_UP_7yHkAw&eitems=ChEI8OD-qAYQ34yopoSCrOOPARIdAHkFAjN1CUqrU7LbzuEupnmdwkbu4snBw3UxVVo&random=121543684&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/660882099/?random=824853854&cv=11&fst=1696590779794&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&label=jybGCJiRo9AYELOFkbsC&hn=www.googleadservices.com&frm=0&tiba=BTM%20-%20War%20Games%20VSL&value=0&auid=831845161.1696590780&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVVBdE1TZkoySVpDalFBNmNveDNZTzl0VFp0ZXZod3RkaThuSFVIWGRhcDJtU2ZkbkRaGlhDaEVJOE9ELXFBWVFtb1gybGRieHBaXzdBUkl0QU5sTWh2Q3hDeFh2a190Q09zOFh2aXFqbmVJZk0tZlVnRkZsWlRsMnZpanV0N3lKVUlzWFF6S3l4LVh1IhMI0JCNlqXhgQMVecm7CB1_3gHC&is_vtc=1&ocp_id=u-sfZZDHNPmS7_UP_7yHkAw&eitems=ChEI8OD-qAYQ34yopoSCrOOPARIdAHkFAjN1CUqrU7LbzuEupnmdwkbu4snBw3UxVVo&random=121543684&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 72.0a035390359aab65eb82.js Show response
load.sumo.com/ 131 KB
44 KB 24ms
23ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: FMGSGJGQBTWVRJ1S
cdn-cachedat: 07/26/2023 06:51:53
cdn-pullzone: 53731
x-amz-id-2: WSEl9xTH2Gn9NK4dG4tUKq7PjWu4UUEG//nx63LwmWyrTOkJik1SfwhZaBDn+vN/N7UOQCwf0Z8=
last-modified: Wed, 05 Oct 2022 16:49:50 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"a1c4ecc2ca5bc12d61068cd427f9729f"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 41ad1a0a55b804a79e68cfcca84030e5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 73.0a035390359aab65eb82.js Show response
load.sumo.com/ 289 KB
100 KB 57ms
57ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:12:59 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: DWH88T81ZZEBPF44
cdn-cachedat: 01/05/2023 13:19:16
cdn-pullzone: 53731
x-amz-id-2: jOqTwrO7CKADB6A99P2KE8erCfBGDinliCUfMCHx9ofCH5Hyp/WWaFB+LMZTpDm3rXJNnXg+404=
last-modified: Wed, 05 Oct 2022 16:49:51 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"ad6f2454f01de902ffd473d51c1207bf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 342e14c400cb858b419d35d8007845d0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 30ms
29ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=71740323&t=pageview&_s=1&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&ul=en-us&de=UTF-8&dt=BTM%20-%20War%20Games%20VSL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAACAAI~&jid=1766204788&gjid=1046301094&cid=243031562.1696590780&tid=UA-102395123-1&_gid=1533549391.1696590780&_r=1&_slc=1&gtm=45He3a40n81WNRH3TX&cd1=82&cd2=c7632d10e71046c28d7a6cd9acc2aa16&cd3=false&cd4=false&cd5=false&cd6=false&cd7=false&z=1456638229

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:12:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 79ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDYSD5C2HD&gtm=45je3a40&_p=71740323&_gaz=1&cid=243031562.1696590780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696590779&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&dt=BTM%20-%20War%20Games%20VSL&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 90ms
30ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDYSD5C2HD&cid=243031562.1696590780&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 94ms
44ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDYSD5C2HD&cid=243031562.1696590780&gtm=45je3a40&aip=1&z=1806261836

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 34ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3a40&_p=71740323&_gaz=1&cid=243031562.1696590780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696590780&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&dt=BTM%20-%20War%20Games%20VSL&en=page_view&_fv=1&_ss=1&epn.variant_id=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 46ms
30ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8R6YNFMJ23&cid=243031562.1696590780&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
46ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=243031562.1696590780&gtm=45je3a40&aip=1&z=670616808

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DAE5 15 KB
6 KB 111ms
38ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=93258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 11:13:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 346972
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 27ms
26ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102395123-1&cid=243031562.1696590780&jid=1766204788&gjid=1046301094&_gid=1533549391.1696590780&_u=aEBAAEAAQAAAACAAI~&z=176982459

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Oct 2023 11:13:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 click Show response
www.behindthemarkets-btm.com/sdk/ 86 B
846 B 158ms
158ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.behindthemarkets-btm.com/sdk/click?effp=88732e18235b4ea97c1f1530dd7a880d&sec_ch_ua_platform=&sec_ch_ua_platform_version=&_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&oid=66&affid=82&__cc=&async=json&source_id=82&creative_id=
Requested by: Host: www.behindthemarkets-btm.com
URL: https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e1f9328c98f4665c5f41420d306e7bb2acaed2864788d7343d7b4e6be2ed4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-Ch-Ua-Platform-Version
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3ZBn5%2BVOUSK8a9khFZ7Fmm63uttq%2BAoIWjWLQW8F0DnrKDxqS47teY%2BLDxAhi%2BVs0RDZgfQnXZR%2BgknHNAN3CV5KMxb%2FShuLCtUSF5%2B4TVb9WPFr%2Ba%2Bunh7NzK8bjq6ZEevxpRaWN7e1oMiVGgTqORACPud%2B1TdA%2Bfo"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
x-eflow-request-id: 33e412bc-e42b-4021-aefb-f2a0cf5422c9
cf-ray: 811d78f88b753639-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 386ms
129ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=mPWAsQud8Y7JnHS2ip3jhg&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=210.3000030517578,1,n5w5XctuDuLimFT4gbQDEf
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 11:13:00 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 217.114.218.27
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 03rb0u6cnjtgc7vc8900

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 48ms
47ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102395123-1&cid=243031562.1696590780&jid=1766204788&_u=aEBAAEAAQAAAACAAI~&z=1864059319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 50ms
49ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102395123-1&cid=243031562.1696590780&jid=1766204788&_u=aEBAAEAAQAAAACAAI~&z=1864059319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame 9858 58 KB
14 KB 24ms
23ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/n5w5XctuDuLimFT4gbQDEf/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&aff=82&id=randal.sipkema%40ampf.com&iocid=&oid=66&utm_campaign=&utm_medium=&utm_source=82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 23:19:52 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 820388
etag: "nBpTOw"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: e36963e46707ade1308ce38e550030bd
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Wed, 25 Sep 2024 23:19:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9858 12 KB
955 B 69ms
68ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700

Requested by

Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/n5w5XctuDuLimFT4gbQDEf/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&aff=82&id=randal.sipkema%40ampf.com&iocid=&oid=66&utm_campaign=&utm_medium=&utm_source=82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

501c7d76cd9df45e974caf4a7bce411290d032e841df5ae74b690f0bc794e387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 11:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 11:13:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 11:13:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame DAE5
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=5qVuunxicnF2ZG52c3hpclAyaE9Dd21UdThJZXlYQ1lGbG5SclY4UG1xVkp6ZHRvaG16RGo0R3d6dXEyLzZ2SVV3c2JncE1vSnVhRmRGMXZaT2VuZG5Wa1hFN3BVQ3VZWVBLaU5admxHVGFHSnlrdEdvLzY5bWo5UzJhan...

454 B
679 B

99ms
27ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5qVuunxicnF2ZG52c3hpclAyaE9Dd21UdThJZXlYQ1lGbG5SclY4UG1xVkp6ZHRvaG16RGo0R3d6dXEyLzZ2SVV3c2JncE1vSnVhRmRGMXZaT2VuZG5Wa1hFN3BVQ3VZWVBLaU5admxHVGFHSnlrdEdvLzY5bWo5UzJhanBPNCt5U0l2ckRGY1VOVWZKcFVLVFdXallqSWFwMVhndWJrTkVtQWNWd3k5YkdWbzlEdytGaGtRcnB2ZTd3WnRWOWRyR29wb2NXZlo2MWRKK3lnMTVmbUhsMWU2UU8vUTBzMFhOV0poeFF0L0FqUUZEYjdmRGpFUlNjRDNSdzkzRjZLenh6R1dJZ2RTc1VHSzRVSWl4RlB0ZFZYZVMvM2M3TEQ5OGhzYnlTem5UcUNVekJaRT18&cppv=2

Requested by

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

786b08b2d1dd30b15fe38bc11ed00c1496ff6ddd908ca427b7ff7ca40822099a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:12:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1311909
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:12:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5qVuunxicnF2ZG52c3hpclAyaE9Dd21UdThJZXlYQ1lGbG5SclY4UG1xVkp6ZHRvaG16RGo0R3d6dXEyLzZ2SVV3c2JncE1vSnVhRmRGMXZaT2VuZG5Wa1hFN3BVQ3VZWVBLaU5admxHVGFHSnlrdEdvLzY5bWo5UzJhanBPNCt5U0l2ckRGY1VOVWZKcFVLVFdXallqSWFwMVhndWJrTkVtQWNWd3k5YkdWbzlEdytGaGtRcnB2ZTd3WnRWOWRyR29wb2NXZlo2MWRKK3lnMTVmbUhsMWU2UU8vUTBzMFhOV0poeFF0L0FqUUZEYjdmRGpFUlNjRDNSdzkzRjZLenh6R1dJZ2RTc1VHSzRVSWl4RlB0ZFZYZVMvM2M3TEQ5OGhzYnlTem5UcUNVekJaRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 264913
content-length: 0
expires: 0

GET
H2 200 center.js Show response
js.center.io/ Frame 9858 12 KB
5 KB 59ms
59ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/n5w5XctuDuLimFT4gbQDEf/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&aff=82&id=randal.sipkema%40ampf.com&iocid=&oid=66&utm_campaign=&utm_medium=&utm_source=82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:11:50 GMT
content-encoding: gzip
server: Google Frontend
age: 70
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 1c884459b8954f7f508eef5d35ff3ab3
cache-control: public, max-age=300
content-length: 5417
expires: Fri, 06 Oct 2023 11:16:50 GMT

GET
H3 200 player-dash-mse.min.js Show response
fast.vidalytics.com/embeds/PzpZ_7KZ/upQQlpwQI_8hq6up/ 2 MB
605 KB 73ms
27ms XHR
application/javascript 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/upQQlpwQI_8hq6up/player-dash-mse.min.js?hash=tljgkpj
Requested by: Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/upQQlpwQI_8hq6up/loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF0) /
Resource Hash: 44a2a04162f2ac385b7dbb0447a3ac118a9e2bb8767fb3961a2b2d74fb6ed433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
content-encoding: gzip
via: 1.1 google
x-cdn: 3
age: 666434
x-guploader-uploadid: ADPycdtib4d6aHJleqmMlcThKUDXLKbpmAnfttETpR-L9k_0d6C8byeltkH8KwPI8vpevEm8KYkCSCC2YvHtEwrOVsXdiBx6lbDM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 618864
last-modified: Tue, 29 Aug 2023 17:57:27 GMT
server: ECAcc (frc/4CF0)
etag: "b318cf0e38803ef68eddff36244c8a47"
vary: Accept-Encoding
x-cdn-site: c3-prod
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-generation: 1693331847174166
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=300, s-maxage=2592000
x-goog-hash: crc32c=wIfRlw==, md5=sxjPDjiAPvaO3f82JEyKRw==
x-goog-stored-content-length: 618864
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Sun, 05 Nov 2023 11:13:00 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame BEF1 4 KB
2 KB 30ms
29ms Document
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://btm-btm-btm.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 135
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Fri, 06 Oct 2023 11:10:45 GMT
etag: "OMWYXg"
expires: Fri, 06 Oct 2023 11:15:45 GMT
server: Google Frontend
x-cloud-trace-context: 9636d4ddd3d8bc4b0435f28e097bd05f

GET
H/1.1 200
OK pixel.gif
behindthemarkets.app.optipub.com/sdk/ 1 KB
2 KB 279ms
279ms Image
image/gif 34.225.139.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://behindthemarkets.app.optipub.com/sdk/pixel.gif?page=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&referrer=&utmSource=82&counter=0.3639367521880337
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.139.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-139-193.compute-1.amazonaws.com
Software: Apache/2.4.57 () OpenSSL/1.0.2k-fips PHP/7.3.33 / PHP/7.3.33
Resource Hash: 58d4b1bd9484ebd342399e408daeaa337b1c935091bd22c8d6ae49e1f828cb02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 11:13:00 GMT
Server: Apache/2.4.57 () OpenSSL/1.0.2k-fips PHP/7.3.33
X-Powered-By: PHP/7.3.33
Content-Type: image/gif
Cache-Control: no-cache, private
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 1101

GET
H2 200 awesome-log Show response
stats.vidalytics.com/ 43 B
419 B 399ms
130ms XHR
image/gif 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
server: istio-envoy
etag: "PzpZ_7KZ/nEtGZjHUyJcvbAOB"
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
content-length: 43

POST
H2 200 licensing Show response
analytics-ingress-global.bitmovin.com/ 117 B
378 B 82ms
31ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/licensing
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.58.1 /
Resource Hash: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
via: 1.1 google
server: v1.58.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 117
alt-svc: clear

GET
H2 200 preview-5_0.jpg
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/thumb/ 3 KB
3 KB 22ms
21ms Image
image/jpeg 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/thumb/preview-5_0.jpg
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA3) /
Resource Hash: 51a8db34f07ea1b1eda5ef0a14ab2d404c0974875a29bdf90e16bf56d1fa8f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
via: 1.1 google
x-cdn: 3
age: 3258440
x-guploader-uploadid: ADPycdvYcBNYHs00QAiMshKBKZ7geBYJF-2tJcWtwpfiiPTk7u2lJcJSfMwwSaj00oE65ZUEPePyWSZg00sfCNNYwozTchLEUfdB
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2814
last-modified: Tue, 29 Aug 2023 17:23:32 GMT
server: ECAcc (frc/4CA3)
etag: "a62c2547b2b1d45d2b849b19370cdb7a"
x-cdn-site: c3-prod
content-type: image/jpeg
access-control-allow-origin: *
x-goog-generation: 1693329812011529
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=NPLQVA==, md5=piwlR7Kx1F0rhJsZNwzbeg==
x-goog-stored-content-length: 2814
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:00 GMT

POST
H2 200 licensing Show response
licensing.bitmovin.com/ 165 B
442 B 193ms
142ms XHR
application/json 2600:1901:0:df23::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/licensing
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
via: 1.1 google
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 165

GET
H3 200 stream.mpd Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/ 27 KB
27 KB 20ms
20ms XHR
application/dash+xml 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/stream.mpd
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CCD) /
Resource Hash: 02169a49691aa80b95a7f13bcac617400c6898a471c3bbb988074e394b62313e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
via: 1.1 google
x-cdn: 3
age: 3258440
x-guploader-uploadid: ADPycdv9nBrVkBOH_90cB6vGo20WuesrrHJpzHEaJWMT1UcreFMjCOiloCsjEHLBQ29UrllqtGIoc6sRbs-ydln-_uzVIA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27297
last-modified: Tue, 29 Aug 2023 17:57:20 GMT
server: ECAcc (frc/4CCD)
etag: "77784e42e98b048e1a657918eb5b404b"
x-cdn-site: c3-prod
content-type: application/dash+xml
access-control-allow-origin: *
x-goog-generation: 1693331840785366
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=mi+CrQ==, md5=d3hOQumLBI4aZXkY61tASw==
x-goog-stored-content-length: 27297
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:00 GMT

POST
H2 200 / Show response
sumo.com/api/load/ 875 B
1 KB 762ms
190ms XHR
application/json 34.220.132.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-220-132-2.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e2a963c2cb48873be78f767563b39e424b3893d75e44a080fafc915b54009daa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 875

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
356 B 131ms
130ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=25,264,255,545,6,547,672,672,1866,1872
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 11:13:00 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 217.114.218.27
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 03rb229rbo3j5868b60g

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 31ms
31ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.58.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
via: 1.1 google
server: v1.58.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
DATA 200
OK truncated
/ 696 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/640x360_h264_700000/ 875 B
910 B 21ms
20ms XHR
video/mp4 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/640x360_h264_700000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C83) /
Resource Hash: 6c2ad75c0c33e52d045eff52d5239d6b40460c2b04c72cac85dda9bc18ae0e03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
via: 1.1 google
x-cdn: 3
age: 3258399
x-guploader-uploadid: ADPycdvMf-NGA-G_85BkFR6soLX7mj9PW4dNAeoR2oLzIZQ1Zas8g4GwyREED_6kScrGhijqECztJKH-VaxG8guXzeAfVw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 875
last-modified: Tue, 29 Aug 2023 17:56:09 GMT
server: ECAcc (frc/4C83)
etag: "d5cf1707fcb2d98fd08c9aa07e13ccc3"
x-cdn-site: c3-prod
content-type: video/mp4
access-control-allow-origin: *
x-goog-generation: 1693331769553768
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=QUYeew==, md5=1c8XB/yy2Y/QjJqgfhPMww==
x-goog-stored-content-length: 875
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:00 GMT

GET
H3 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 826 B
861 B 21ms
21ms XHR
video/mp4 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CAB) /
Resource Hash: 13f04443265497311e8a121a06bec42ab134751d7113479288859b4e504b4e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
via: 1.1 google
x-cdn: 3
age: 3258440
x-guploader-uploadid: ADPycduRyYQ6gYRjzn2mkyY-rSOsc7GrYYvHJXud2IT3FCzY3eQ0H4I_sTNBYYxrK4KqXJxOa4Xnodn1JteoQ3hRifMKDg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 826
last-modified: Tue, 29 Aug 2023 17:57:12 GMT
server: ECAcc (frc/4CAB)
etag: "760c286543cb16bf63a5d5724eaf0ebe"
x-cdn-site: c3-prod
content-type: video/mp4
access-control-allow-origin: *
x-goog-generation: 1693331832986619
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=jujd5w==, md5=dgwoZUPLFr9jpdVyTq8Ovg==
x-goog-stored-content-length: 826
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:00 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 131ms
131ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=mPWAsQud8Y7JnHS2ip3jhg&kind=timer&label=lb_embed_leadbox_load&value=724.8999977111816
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 11:13:01 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 217.114.218.27
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 03rb0u9pu9clqo09q1q0

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
84 B 131ms
131ms XHR
application/json 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time: 2
content-length: 16

GET
H3 200 1.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/640x360_h264_700000/ 150 KB
150 KB 26ms
26ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/640x360_h264_700000/1.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CDE) /
Resource Hash: aecd0029c82d46f864f46c2d3a7ef3b321024a22f3a587b63f8b302a74d86492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258257
x-guploader-uploadid: ADPycdsj3cgQCF82QJXS_KXHGjleZ7PC4fHg-UYY-ix84F5v-FZlU9NAS7JqC-_J3GU2uf9KQoKwDc3ckd08owObWcAC3GogxEl8
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153425
last-modified: Tue, 29 Aug 2023 17:55:54 GMT
server: ECAcc (frc/4CDE)
etag: "79e1f471f3d51e62375d17c31acd2bbc"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331754455957
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=2NUcPQ==, md5=eeH0cfPVHmI3XRfDGs0rvA==
x-goog-stored-content-length: 153425
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H3 200 1.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 33ms
33ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/1.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CAB) /
Resource Hash: b2965f28e6e2f631fd7e219281ed055c59182dfa8f03f5d0bee8edcc8230b845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258441
x-guploader-uploadid: ADPycdsu7H_AxgQV9oweWzF5ZOvewZx5OosDQfuB9GQDoXhnbA8uBkZWBO5RGqjaZKOqAMGsiWQnqR-BYDuiVULfjIzvdw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38302
last-modified: Tue, 29 Aug 2023 17:57:08 GMT
server: ECAcc (frc/4CAB)
etag: "025c1929a0b08c3147e70bc22505c5c5"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331828848848
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=aq8CPQ==, md5=AlwZKaCwjDFH5wvCJQXFxQ==
x-goog-stored-content-length: 38302
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
BLOB 200
OK b92830af-3019-40e6-9933-faa54746dd20
https://go.behindthemarkets.com/ 80 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.behindthemarkets.com/b92830af-3019-40e6-9933-faa54746dd20
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b1b4ae8f01d381a1856eb29539ef696f43a9ae59063cbc0b91c3130cf7e102a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 81800
Content-Type

GET
H3 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 877 B
923 B 21ms
21ms XHR
video/mp4 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD7) /
Resource Hash: 54a77d9277ac2425aa5856d09521f9f52d9d21ce08ff5d6ca41505a6d628a790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258441
x-guploader-uploadid: ADPycdvsKYr154803kITpqxpPhILllU83TE9AQGzyjSRX0MWiiUza05HFHM7EkrSL3KfzY3ryClnS6KhNDj_qY5D8awq
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 877
last-modified: Tue, 29 Aug 2023 17:57:07 GMT
server: ECAcc (frc/4CD7)
etag: "0520b95539463359feb9f6df73f291e4"
x-cdn-site: c3-prod
content-type: video/mp4
access-control-allow-origin: *
x-goog-generation: 1693331827762351
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=5hlmSA==, md5=BSC5VTlGM1n+ufbfc/KR5A==
x-goog-stored-content-length: 877
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

POST
H2 204 impression Show response
licensing.bitmovin.com/ 0
41 B 35ms
35ms XHR
application/json 2600:1901:0:df23::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/impression
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
56 B 132ms
132ms XHR
application/json 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time: 2
content-length: 16

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 31ms
31ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.58.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 11:13:00 GMT
via: 1.1 google
server: v1.58.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H3 200 2.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 1 MB
1 MB 23ms
22ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/2.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C9D) /
Resource Hash: 1c7db94e5cf338196c5d7b652a3eb11eb3e9eadbe66146c56da8b586c1c66b62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258441
x-guploader-uploadid: ADPycdveCs75yXds50HaGzD2PpCQQxcboNtveXc1OZ4u5zwVeapkIJZO3iKtazHp0jjTWM0fdSlRj4G-NScTKA0WYy3O
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1289537
last-modified: Tue, 29 Aug 2023 17:56:48 GMT
server: ECAcc (frc/4C9D)
etag: "d7188ef1200fbc7259b3e4c65b1ad819"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331808280687
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=Nt4lPw==, md5=1xiO8SAPvHJZs+TGWxrYGQ==
x-goog-stored-content-length: 1289537
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H3 200 2.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 37 KB
38 KB 24ms
24ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/2.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CCA) /
Resource Hash: aaee6addb09dd39496aeaf8304ee04764f02af3168dbce8198a48947000e5273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258440
x-guploader-uploadid: ADPycdsoRF_StXcYfeaBd-PxPBGTRggTjcJYQ8ehAwrhnlK1PMo5cvzLMsJ4pHnitVJzU7QKF2u5qMMOQK4bAK1NOy0U
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38368
last-modified: Tue, 29 Aug 2023 17:57:09 GMT
server: ECAcc (frc/4CCA)
etag: "3ab8a7c35f74bb715cfe9a24e0a44f8d"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331829760848
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=VuuXUA==, md5=Orinw190u3Fc/pok4KRPjQ==
x-goog-stored-content-length: 38368
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

OPTIONS
H2 204 services
sumo.com/ Frame 0
0 197ms
197ms Preflight 34.220.132.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-220-132-2.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: POST
Origin: https://go.behindthemarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://go.behindthemarkets.com
access-control-max-age: 2592000
date: Fri, 06 Oct 2023 11:13:01 GMT
server: nginx

POST
H2 200 services Show response
sumo.com/ 205 B
604 B 195ms
193ms XHR
application/json 34.220.132.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-220-132-2.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c5265b2a343e05fcaf0cd05b0dd03975c4d83e4168eafea7236a99ee46caf79e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

X-Sumo-Auth: 1yoVYxuAiq1TYyUzaGr0eUqt
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.behindthemarkets.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-length: 205

GET
H3 200 3.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 375 KB
375 KB 22ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/3.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CAD) /
Resource Hash: af4a5afabfdcf1bcc6b0a9776f14110a6f9033873df3fb60cc2c7d9408d582b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258441
x-guploader-uploadid: ADPycdvNb5n4gZCNnaKCV_etmAynEXyaNdu1tqeCmQgAzuoBFesXT_YmR5vUX5pC428SrSGvbvwKrPXiRQc-w5aliMgA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 383879
last-modified: Tue, 29 Aug 2023 17:56:50 GMT
server: ECAcc (frc/4CAD)
etag: "9026ac5d892cec79122a5f427f603baa"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331810746020
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=Emk9uA==, md5=kCasXYks7HkSKl9Cf2A7qg==
x-goog-stored-content-length: 383879
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H3 200 3.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 36 KB
36 KB 22ms
22ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/3.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB2) /
Resource Hash: bf917a8be5660e137b8b76297980fbb02237a47534c8213fad1b27b62db1ec19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258440
x-guploader-uploadid: ADPycduYedBVnULhyYGE45EDOPp3Ol3eqKKhPGcKCw7jOoUrO9XxVDvZXuNfqDBAtYE8xwmQHUZzoTrGxLEcDKq7V8gVog
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37224
last-modified: Tue, 29 Aug 2023 17:57:10 GMT
server: ECAcc (frc/4CB2)
etag: "771f6d7e43bce9c1b761a694109e6642"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331830348494
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=iz+Cyw==, md5=dx9tfkO86cG3YaaUEJ5mQg==
x-goog-stored-content-length: 37224
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H3 200 4.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 508 KB
508 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/4.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D0C) /
Resource Hash: 0f65b2dd8e6406afb5c3c933ff68eaf32575264ad7387b2c834290584430e661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258440
x-guploader-uploadid: ADPycdvuj16ryOrxofDmGptaNNC99T6qvSejX6C2pB0699neZuw5c6dkIKsraIk5oGLyX-KJqathZlMd231j7nZc02Fh2edAkNk3
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 520476
last-modified: Tue, 29 Aug 2023 17:56:53 GMT
server: ECAcc (frc/4D0C)
etag: "0a3b12a2d78e1746ed2f58309475d1bb"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331813742520
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=Hr6e4w==, md5=CjsSoteOF0btL1gwlHXRuw==
x-goog-stored-content-length: 520476
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H3 200 4.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 22ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/4.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF1) /
Resource Hash: 33f0b140b316f438d3e91e8a0b3f086b9971a9fddc27de1d6a76d5c3ef0c40d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258439
x-guploader-uploadid: ADPycduTQG4cdtZh-y2W5jjG7Z3oIsX-YlduvTzhSUi841NRRE6-ME_azjot8I6TOw_bjVbZMZqDVwU7HxsrwACZxkCZMg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37512
last-modified: Tue, 29 Aug 2023 17:57:10 GMT
server: ECAcc (frc/4CF1)
etag: "b7c8eb1ebb7db060ece61d17b165ba57"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331830863152
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=0BH3Rw==, md5=t8jrHrt9sGDs5h0XsWW6Vw==
x-goog-stored-content-length: 37512
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H3 200 5.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 804 KB
804 KB 36ms
36ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/5.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBE) /
Resource Hash: 70e3d70511477001ade85c44061a00661ba16d3e50a2eee9e868b45a5fa0c03e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258439
x-guploader-uploadid: ADPycdvtsnaCR3Qbyx3EMsnGazBetQoxhbgPn_gBioYXm15bJB7EWSGe5g85KjdAVHU_G4jeAZG8BzxFRAYWF7a6BwwSC0Hrx4gY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 823365
last-modified: Tue, 29 Aug 2023 17:56:57 GMT
server: ECAcc (frc/4CBE)
etag: "3bdefa15b51a3481fd4762415413a3f5"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331817645569
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=LnSSgg==, md5=O976FbUaNIH9R2JBVBOj9Q==
x-goog-stored-content-length: 823365
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H3 200 5.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 21ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/5.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBE) /
Resource Hash: de85e88c35e02c020f42b387ebf92a302867f84a979fc778a68268d646f11f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258400
x-guploader-uploadid: ADPycdtD81tjAwKPAdZTXlNMiI2bJ1vOwVJ8shMNElD8YU7xyk9LDrfEjma75YCrbQfE68M3bRsd_AptqMrhmubSbAHB
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37711
last-modified: Tue, 29 Aug 2023 17:57:11 GMT
server: ECAcc (frc/4CBE)
etag: "35abdcd97383574df634bb7edce9cb44"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331831489769
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=C/BGkw==, md5=Navc2XODV032NLt+3OnLRA==
x-goog-stored-content-length: 37711
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H3 200 6.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 1002 KB
1002 KB 23ms
23ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/6.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF2) /
Resource Hash: a4082d466e44c36c353e5bb71dd0551446e665624340c78ac9c6f194d89f7235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258400
x-guploader-uploadid: ADPycds5X6cycKOOf4ldkH6a92GkKnv7OJ9S7Qo-FSB6iX2MXIE3E5CQa9a3r9Z0OhiPnVRrJ5LyLz9lLzSzYrodo9hpAtX3w3RF
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1025911
last-modified: Tue, 29 Aug 2023 17:57:03 GMT
server: ECAcc (frc/4CF2)
etag: "679234cba27c7f8f563157a292839416"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331823310016
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=f0yh9A==, md5=Z5I0y6J8f49WMVeikoOUFg==
x-goog-stored-content-length: 1025911
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H3 200 6.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 36 KB
36 KB 21ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/6.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CCC) /
Resource Hash: 467713c7532cec6139b1c585d39436721036b5a39e2dd280fd4c5a6b16016d4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258400
x-guploader-uploadid: ADPycdvN4bO9g71DwcbRLanOEXIKJ78ycuGjwtWU-1GSfmOL7klhw4HFNjXVaRp6Esym_SRJkPiacsDSebSCeTbC_vqA7w
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37269
last-modified: Tue, 29 Aug 2023 17:57:12 GMT
server: ECAcc (frc/4CCC)
etag: "1aa2a801f12c6438edaab16ca9879468"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331832148100
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=JTadDg==, md5=GqKoAfEsZDjtqrFsqYeUaA==
x-goog-stored-content-length: 37269
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H3 200 7.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 897 KB
897 KB 21ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/7.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB1) /
Resource Hash: ed94c4e309736b4254188364fc93d172c1e70844a7f5b82fc90657b192c3f9d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
via: 1.1 google
x-cdn: 3
age: 3258399
x-guploader-uploadid: ADPycdtuYV_4KNj-JpPQKZmIatoXPuPyro2ULbUi-3QIhXQpsSkFCe1JmKOPPH3WM4AdLd0SMKtQzSAvkgC-yUWf8LoHAty0bGtu
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 918036
last-modified: Tue, 29 Aug 2023 17:57:06 GMT
server: ECAcc (frc/4CB1)
etag: "ba9525a1cc106a70826c1ad75369d1dc"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331826085177
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=AimjqQ==, md5=upUlocwQanCCbBrXU2nR3A==
x-goog-stored-content-length: 918036
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:01 GMT

GET
H2 200 7.0a035390359aab65eb82.js Show response
load.sumo.com/ 97 KB
34 KB 26ms
25ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: 6556JDXZW8AN2YNV
cdn-cachedat: 08/01/2023 19:55:10
cdn-pullzone: 53731
x-amz-id-2: cSUMWfK1WSpDwfk1Ts7bzDlPEW2XyFxoF6OWJezYiEehsSRchfIhZEPax52J+5vxI3XyrXtZRhc=
last-modified: Wed, 05 Oct 2022 16:49:48 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"3fa9c18f727d4b42fb894fda90a374e1"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 43db30c5403c2c29c23b087b39c24630
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 30ms
28ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: XPQK36ZER9CRKS11
cdn-cachedat: 07/07/2023 01:47:30
cdn-pullzone: 53731
x-amz-id-2: mTOZvT+dViFEnXbdMieeIDxf0x24WT/uSdiD07sBGMn9LykYofikgvDE4pImCCIDh6WUqbyXrcU=
last-modified: Wed, 05 Oct 2022 16:49:25 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"a39d043b7c7bba70750cf288ee5ef71a"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 581c514991812ff59f5415863f3e1058
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2.0a035390359aab65eb82.js Show response
load.sumo.com/ 3 KB
2 KB 49ms
48ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: XPQM4KE27F1PV1RK
cdn-cachedat: 07/07/2023 01:47:30
cdn-pullzone: 53731
x-amz-id-2: oA8LQN3Tk/ne2zEnCJcTDIXVqtH0lmXgqdnClhbLqUrZ7AoJhtGig12OgATcN4TrCkSO40O6SCY=
last-modified: Wed, 05 Oct 2022 16:49:10 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6bfdf1ae8492f107706ac037915be663"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 9c9c6222e0a8078759400bc552731675
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.0a035390359aab65eb82.js Show response
load.sumo.com/ 11 KB
5 KB 31ms
30ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: XPQY5KZM19H9N2EA
cdn-cachedat: 07/07/2023 01:47:30
cdn-pullzone: 53731
x-amz-id-2: seuQMDfJmqhHAlic6XiyJ4hVPQujxdUHubwd+ZhchYqZFdd51kzaghRFiM11t3gYmD58vzM+KNA=
last-modified: Wed, 05 Oct 2022 16:48:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"fc263e7087822a0b00ff93677d6df4ea"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: a77b43e4f911f2ae59863d7dca9a3c2c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.0a035390359aab65eb82.js Show response
load.sumo.com/ 92 KB
25 KB 50ms
49ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-request-id: PQQBXF8WXVX9X2EZ
cdn-cachedat: 07/07/2023 01:10:26
cdn-pullzone: 53731
x-amz-id-2: irVg4hjWiANPv68QkQboAQiwpeyFydpGds+oixAV97BR2fr/wIxSfvdoMo3ggEkMwbf62jAfgAI=
last-modified: Wed, 05 Oct 2022 16:49:12 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"8af82c4c30a069f66de02526c2f332af"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 18d138953d0f96d8f8b43dd40354fea5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 23.0a035390359aab65eb82.js Show response
load.sumo.com/ 329 KB
94 KB 32ms
31ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: RKQZQ72VFQMDKFPM
cdn-cachedat: 08/01/2023 19:55:20
cdn-pullzone: 53731
x-amz-id-2: BwiMkm/NrNe/oG+SEc1gZv5tpb4dLpnrRMkQQWrblkEy+u4k6dyVJj1CS5kSMpDq5pTg6Pefv3s=
last-modified: Wed, 05 Oct 2022 16:49:12 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"be0b945be6cafa91f6fd4efdfc8268f8"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 3defa97144eeea2aeb81d6f6a51e60e7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.0a035390359aab65eb82.js Show response
load.sumo.com/ 179 KB
51 KB 42ms
41ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: C84PNVNQB66PCZG0
cdn-cachedat: 08/29/2023 11:03:01
cdn-pullzone: 53731
x-amz-id-2: ENE2TCqG376TzQkN1MMQaDsoDM44TulVnj3fty3yhkgq5APg+ofa21zsAF6x/yL20mKJRIov3B8=
last-modified: Wed, 05 Oct 2022 16:49:11 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"beda094dfc3b530efd0d2d83c5a0280c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 21e81d9e7bbaf11b7c1aa583999d7765
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 64.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 KB
1 KB 49ms
48ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:01 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: EA5PWJXNP1GBHPCQ
cdn-cachedat: 07/07/2023 01:53:36
cdn-pullzone: 53731
x-amz-id-2: zkxWwTdtBgLtEW47U1GFGbcEHT4EF1xNTQC3zntIgeMozv+e73QWQDWk1fHvU+QddG0us9tlRc8=
last-modified: Wed, 05 Oct 2022 16:49:45 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"d200986501135078d1fbd7f480e7bb08"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 63f1282774f877bae4ccc50099be18f4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 7.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 20ms
20ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/7.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC9) /
Resource Hash: 790bdfc9087ed38b70f4231d8f8e72d1fde30f271795df6b02cdb83ed7a2bb21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258400
x-guploader-uploadid: ADPycdvOnVVuj70RlMlvuFgwktngrtULUb-1k62GLfwLEDzOp0LCT4b4qDNu2kl9PrKNEJFBcvA20JJCDwQ62DIZj6gfES0CCPJ_
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38564
last-modified: Tue, 29 Aug 2023 17:57:12 GMT
server: ECAcc (frc/4CC9)
etag: "ecdcaf6baa3c191c7565b5510bacb775"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331832645748
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=Brt0Ew==, md5=7Nyva6o8GRx1ZbVRC6y3dQ==
x-goog-stored-content-length: 38564
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H2 200 0.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 27ms
27ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: 3WHT15W2TJWFMKM7
cdn-cachedat: 07/07/2023 01:47:31
cdn-pullzone: 53731
x-amz-id-2: VZjr0K5Y8SUXWSYHQImuxYw+Exhyj1Kyjsa9lNkbyPzFc1SQBSWWHUm8YElx+Sw55wP8K1fK+xs=
last-modified: Wed, 05 Oct 2022 16:48:56 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"31baf056af3800bbd6e4f9e8b445d052"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: a67a85e36cfd003d40040981e48b7c82
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 96.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 MB
80 KB 28ms
28ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-request-id: FGD5RPGRC3BGBDEK
cdn-cachedat: 09/11/2023 12:27:01
cdn-pullzone: 53731
x-amz-id-2: UpcBLDSJ2/nt7VJUhvVTsNiESr/KW7DMcj3w6M4CFBg4maYnRNBFWy/9sHzrMmwOjzSxxf/VGuI=
last-modified: Wed, 05 Oct 2022 16:50:09 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"f33273f5c8e8dd3d010a11b209891b91"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: d90aecf4ed123f848549bf9fef9560f1
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 97.0a035390359aab65eb82.js Show response
load.sumo.com/ 221 B
994 B 34ms
34ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-request-id: NTJQ2GV1WNAVQPSR
cdn-cachedat: 07/07/2023 01:10:27
cdn-pullzone: 53731
x-amz-id-2: JTXCpCcTcTU62ExaMwtO9D+T6wK0UGb3w92rrh/k+tTFJglllrHjGxgzyla2oCOLZVrlfFqI940=
last-modified: Wed, 05 Oct 2022 16:50:09 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"857476cf6e94c14c223d4481353b4c19"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-requestid: 494d19bc31aaee9a93363d5860ae2f80
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 8.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 1003 KB
1003 KB 27ms
27ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/8.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CFA) /
Resource Hash: afa1d5abc08b139c2107ee0b53b29e9dd3276123af9d9fb0ec403885616a6bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258400
x-guploader-uploadid: ADPycdviCQe-zpYJ1IIGf27ezNbdN5UixmB6lkJUXq5Fa6KQ3j4Y3Wl28MuVLQ5ia3kIcBZd4irh68eEAbzjA-APOnB8YBuZJhlK
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1026647
last-modified: Tue, 29 Aug 2023 17:57:07 GMT
server: ECAcc (frc/4CFA)
etag: "5f3d30b1bb747efa2d43143df78b0275"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331827823062
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=G/hk8A==, md5=Xz0wsbt0fvotQxQ994sCdQ==
x-goog-stored-content-length: 1026647
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 css
fonts.googleapis.com/ 32 KB
1 KB 95ms
95ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3f46edd3dc78e34e7b8df01b494936e06e68f1566df5666d3a9e502b040b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 11:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 09:55:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 11:13:02 GMT

GET
H2 200 features Show response
sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/ 3 KB
1 KB 193ms
193ms XHR
application/json 34.220.132.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/features?site_id=7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-220-132-2.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Sumo-Auth: 1yoVYxuAiq1TYyUzaGr0eUqt

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
content-encoding: gzip
server: nginx
etag: "-362431178"
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/ Frame 0
0 186ms
185ms Preflight 34.220.132.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/features?site_id=7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.220.132.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-220-132-2.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: GET
Origin: https://go.behindthemarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://go.behindthemarkets.com
access-control-max-age: 2592000
date: Fri, 06 Oct 2023 11:13:02 GMT
server: nginx

GET
H3 200 8.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 21ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/8.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 62e9b1447b6c8a0453cb2cc61b1c5e1d25df4b52bf7a144a8439bbdc6119fe7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258400
x-guploader-uploadid: ADPycdvfc678r3AMe_NxnNqzfgtdZRiTW_vj3vpd1oReWR9onpAu2oWuKMLSFZV81a0piGwIeOSbWoKN__rdGahLQYSUcA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37760
last-modified: Tue, 29 Aug 2023 17:57:12 GMT
server: ECAcc (frc/4CC2)
etag: "86f564c656a1ba8f9a05dd0c10876bc1"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331832862074
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=LHwwjA==, md5=hvVkxlahuo+aBd0MEIdrwQ==
x-goog-stored-content-length: 37760
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 9.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 1 MB
1 MB 21ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/9.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF4) /
Resource Hash: c53faa1a765d2c4a42c2b0dfb4fc3b9f40d296a4975cebe8400756655cc9da10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258399
x-guploader-uploadid: ADPycduPTr12a3MdLfikuEnkCgMpfyO3fQxIJH50CKjTS8Jk3adIn_TcpjbaSOGwmqN1X7QRF740qcpNrhEVhp2rMNZNkw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1436854
last-modified: Tue, 29 Aug 2023 17:57:07 GMT
server: ECAcc (frc/4CF4)
etag: "0037fff4c0ff119820a94c7c8752d320"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331827892117
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=RYpXsA==, md5=ADf/9MD/EZggqUx8h1LTIA==
x-goog-stored-content-length: 1436854
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v36/ 49 KB
49 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:21:10 GMT
x-content-type-options: nosniff
age: 60712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50368
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:21:10 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 61003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:16:19 GMT

GET
H3 200 9.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 21ms
19ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/9.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CAA) /
Resource Hash: 22d84fb318febef6ef8b687ac154a1fbcfa2fa7e30f2863f9ef1d28c10857707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258399
x-guploader-uploadid: ADPycdtypuEnJHlGVW6cHOcQIXfVid2ludd39z3cCvdHPzpruwxf_1W4VnO9ktb6gA3_dTMCaPFZUJRpP37irmoUDBYKeg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39063
last-modified: Tue, 29 Aug 2023 17:57:12 GMT
server: ECAcc (frc/4CAA)
etag: "0335832079542a9b7ffbb70aaed6d5b0"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331832973774
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=D8W4cQ==, md5=AzWDIHlUKpt/+7cKrtbVsA==
x-goog-stored-content-length: 39063
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 10.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 488 KB
488 KB 23ms
22ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/10.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB8) /
Resource Hash: e7c4f18c9255cb59feb6ae9254dfb64ea3202d6793165ca0801c5a1f0219011b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258398
x-guploader-uploadid: ADPycdvKpXHxK2IggwuEbQ2_Ye8HhaLd7xw4CV-42YmJ2XyZOf7-ciwLhrE7kt0q2NKFbSWZnGOcpS2kgeY_oiQ_YdRVww
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 499284
last-modified: Tue, 29 Aug 2023 17:56:45 GMT
server: ECAcc (frc/4CB8)
etag: "a848401f295040876453ab8d77ba5211"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331805520371
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=licKnQ==, md5=qEhAHylQQIdkU6uNd7pSEQ==
x-goog-stored-content-length: 499284
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 10.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 36 KB
36 KB 21ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/10.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C83) /
Resource Hash: 155ef3f8cf1ab4ecd63c6ffafb82daf9d61626ca81158c1250c0ce8454856dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258382
x-guploader-uploadid: ADPycdtcLU_lPdxxNrw5Pxy06lVEcs-WAHceTN2E0EanFnXGm375qLwV37JInyuC8m0KlS1ta9nKXgam4N_fzdigsNcrDw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36816
last-modified: Tue, 29 Aug 2023 17:57:08 GMT
server: ECAcc (frc/4C83)
etag: "bf52db701b9f5ad0fc9e5b4ae7f886e9"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331828939898
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=p2849w==, md5=v1LbcBufWtD8nltK5/iG6Q==
x-goog-stored-content-length: 36816
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 11.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 949 KB
949 KB 32ms
32ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/11.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CAF) /
Resource Hash: a8c01ccde5c9d5a4f6dcd802f65d8a05892f4632d08ca3a01bf17ff953a373a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258383
x-guploader-uploadid: ADPycdtGh3oxP6IszwOyOpTxWqOACywKqqaX-RJfDGVVcxamNSPfB22CWoy0qHpwXJrh61PdmjCfhBhXsl3e4KhNZihs
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 971604
last-modified: Tue, 29 Aug 2023 17:56:45 GMT
server: ECAcc (frc/4CAF)
etag: "2decfc5e81b7165a4a070e86c3168c16"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331805579238
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=KFfpUA==, md5=Lez8XoG3FlpKBw6GwxaMFg==
x-goog-stored-content-length: 971604
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 11.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 20ms
20ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/11.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA6) /
Resource Hash: 67a54ead82131353c0605abf38700817b274d0599f455f61759cd3fb8299688f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258376
x-guploader-uploadid: ADPycdu5TUH7tbZkl-302bBVHZzec08fXsBfOZfKeix48vChp0rGr6-OdBTLfO-pm4BCFYQhChW35llUN13xTma34qeh
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37874
last-modified: Tue, 29 Aug 2023 17:57:09 GMT
server: ECAcc (frc/4CA6)
etag: "7d69d3250cd7ac40ad5cdf74d7a9cd47"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331829291771
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=sStmiw==, md5=fWnTJQzXrECtXN9016nNRw==
x-goog-stored-content-length: 37874
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 12.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 871 KB
872 KB 21ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/12.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC0) /
Resource Hash: 3792207e9f4d142eb33c2702137a9738cc0529e92ba217c02fdcc895b9eb7d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258376
x-guploader-uploadid: ADPycdtCOfUAec7KUeeJcSNqLo0jGrznb4I8MDH8aYYcH10yOUQt4B8Awcr0zIIiZMi4BMkQo-izfyzzf71LdLAWgffOpTXsrTMW
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 892237
last-modified: Tue, 29 Aug 2023 17:56:45 GMT
server: ECAcc (frc/4CC0)
etag: "c74fb49b4ead9ad3bef02e566eea6054"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331805581595
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=Vt8baw==, md5=x0+0m06tmtO+8C5WbupgVA==
x-goog-stored-content-length: 892237
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 12.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 23ms
22ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/12.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C95) /
Resource Hash: 853e394434228fc2b634334bd42d4c1feb4d4689f8c2ce146c19aaee6916296d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258376
x-guploader-uploadid: ADPycduSADjNWWFVcSL326ibUlYjCPRIil0DtxVwwgaB7ef6RDXzDFH-FaCKdmttqsL_Lnjpw1GcJfWhf_rwu2MTxIB-hQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38320
last-modified: Tue, 29 Aug 2023 17:57:09 GMT
server: ECAcc (frc/4C95)
etag: "19f8e71be9c383c4d3f2f730932c4a7d"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331829314452
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=OYJPOg==, md5=GfjnG+nDg8TT8vcwkyxKfQ==
x-goog-stored-content-length: 38320
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 13.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 1 MB
1 MB 21ms
20ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/13.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CA5) /
Resource Hash: 6ff393c3d97c16a8559915e5824a5fabf24ef453ac2af6792c2b50d2560f36cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258375
x-guploader-uploadid: ADPycdtSI6jOCWQ7ZTw5L1Qhp-iQEKXGFRbBHUVs6uoY9ma_2jki4azuTlo3MIKL0CPIaVBFCHI3PdMzkhac0jY0dG6h
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1112796
last-modified: Tue, 29 Aug 2023 17:56:45 GMT
server: ECAcc (frc/4CA5)
etag: "a1b2a929fd26432fbef5521569072ac1"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331805609685
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=CyZTmg==, md5=obKpKf0mQy++9VIVaQcqwQ==
x-goog-stored-content-length: 1112796
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 13.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 20ms
20ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/13.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CCB) /
Resource Hash: 928aec555f8cf3e2c825b8b7a51f88d0ae5f5de279171eb6171744454b669438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258375
x-guploader-uploadid: ADPycdsVjLDP49MJ3vmuB6V-sT5p0w6hrr62xIbaJbkeGoZ-wb6jUWsk_YYEfYOPkHQ8qoY_AP-aY4OidB-14lyb1VKIrc_jDRpm
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37716
last-modified: Tue, 29 Aug 2023 17:57:09 GMT
server: ECAcc (frc/4CCB)
etag: "1d60a89983cd28ebea1b0b76035408ac"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331829322571
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=HrahNQ==, md5=HWComYPNKOvqGwt2A1QIrA==
x-goog-stored-content-length: 37716
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 14.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 1009 KB
1009 KB 21ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/14.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C8F) /
Resource Hash: 954ccbb03194a00facf225d50f80e50b4d03b38b1c7ba31ce5d3c38a2e0196ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:02 GMT
via: 1.1 google
x-cdn: 3
age: 3258375
x-guploader-uploadid: ADPycduSA6LVyfEbIMpe2aWnw9OfA1hjhg-5qmqub6sDGcGdwQDx17blH1D0E_FY6kdBwT3kXOXbnG-2SBvQy7ssBfDJpnxs5i1W
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1032971
last-modified: Tue, 29 Aug 2023 17:56:45 GMT
server: ECAcc (frc/4C8F)
etag: "8788674e9cf3221bec535c13ff814e8c"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331805603766
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=ccPjJQ==, md5=h4hnTpzzIhvsU1wT/4FOjA==
x-goog-stored-content-length: 1032971
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:02 GMT

GET
H3 200 14.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 20ms
20ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/14.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC5) /
Resource Hash: 7a8f3c4626f6abecfd71649a98cd098b488740c67dd68dd5e089a4f0a3fd35a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:03 GMT
via: 1.1 google
x-cdn: 3
age: 3258245
x-guploader-uploadid: ADPycduTS5ykbFXYAfNxS4xFWBS8xdLM5nU2RuEwE1GK_IoJ5NxH8_wBUXGGGirbE5CsMHzzCuaxDYMDwNuVS8soVnB4rg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38277
last-modified: Tue, 29 Aug 2023 17:57:09 GMT
server: ECAcc (frc/4CC5)
etag: "cf1eb553d1580241dec12b301a7042f2"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331829407833
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=MF50/A==, md5=zx61U9FYAkHewSswGnBC8g==
x-goog-stored-content-length: 38277
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:03 GMT

GET
H3 200 15.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 623 KB
623 KB 31ms
31ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/15.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB1) /
Resource Hash: 09d08d7ef8c0d6d48fc582c822474b1665580da51f82e23f52600f1bf2f15bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:03 GMT
via: 1.1 google
x-cdn: 3
age: 3258243
x-guploader-uploadid: ADPycdsDklXs7tiqYCQCpSwcRpBhwyRGTtQQuLZMjBMntpZLBS1U4k7aOr9mCrL1sgXuvt9f2qhPKbW3Ao31xP_1ejqJvg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 637672
last-modified: Tue, 29 Aug 2023 17:56:47 GMT
server: ECAcc (frc/4CB1)
etag: "27e6acaf1dab4ec8f58614a9512c4120"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331807019574
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=clNn2w==, md5=J+asrx2rTsj1hhSpUSxBIA==
x-goog-stored-content-length: 637672
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:03 GMT

GET
H3 200 15.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 36 KB
36 KB 20ms
20ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/15.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CFE) /
Resource Hash: b77f783f49f7636320c9d99cd3ea0ca98c59479dc12f7679edf2b65eae15f0af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:03 GMT
via: 1.1 google
x-cdn: 3
age: 3258324
x-guploader-uploadid: ADPycdtdRPV5KfnncHlr3KnLw55OV6fIzw4cbPjiPL3VYzECxW2WjTosDuWDcggBYChRW6BbomD2HlyLjbfCXE6h_g5jXQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36974
last-modified: Tue, 29 Aug 2023 17:57:09 GMT
server: ECAcc (frc/4CFE)
etag: "2ca1a7369d54fccd988e39aff3445a40"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331829501011
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=NYiciQ==, md5=LKGnNp1U/M2Yjjmv80RaQA==
x-goog-stored-content-length: 36974
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: hit
expires: Mon, 30 Sep 2024 11:13:03 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 133ms
133ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=NUWjUC5FUsLM6ksveAvWfH&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=135.10000228881836,181.39999771118164,1,420.5999984741211
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 11:13:04 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 217.114.218.27
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 03rb235dqdlbte6b6ku0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 9858 35 B
445 B 171ms
130ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=gbAAqh75MDYpj6EJj9NMH3&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=59.80000305175781,43.599998474121094,1
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 11:13:04 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://btm-btm-btm.lpages.co
X-Forwarded-For: 217.114.218.27
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 03rb236etmj6hju4hpm0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 44ms
43ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3a40&_p=71740323&cid=243031562.1696590780&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696590780&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fwar-games-vsl%2F%3F_ef_transaction_id%3Dc7632d10e71046c28d7a6cd9acc2aa16%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Drandal.sipkema%2540ampf.com%26iocid%3D%26aff%3D82%26oid%3D66&dt=BTM%20-%20War%20Games%20VSL&en=fetch_user_data&epn.variant_id=0&_et=138&up.custom_client_id=243031562.1696590780.&upn.variant_id=0&upn.experiment_id=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 11:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
79 B 131ms
130ms XHR
application/json 107.178.211.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 11:13:05 GMT
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time: 1
content-length: 16

GET
H3 200 16.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/ 661 KB
661 KB 22ms
22ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/video/1920x1080_h264_4500000/16.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C8F) /
Resource Hash: db15d51f7a5064eb6862fc7f5b8b97946daf3e8b82481ad3b9f8cff01972d530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:06 GMT
via: 1.1 google
x-cdn: 3
age: 3258243
x-guploader-uploadid: ADPycdso01oo758ASjsRHDZKcCpMUyGOGqvNqX26bZ4YJUIJg_Pjng8JLunUx3W4SKn-0ouxSY133NMTknDjpPVTsG1vPHqQxwxx
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 676419
last-modified: Tue, 29 Aug 2023 17:56:47 GMT
server: ECAcc (frc/4C8F)
etag: "faf5ef66990a2479185980e3d3f8bdb2"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331807026174
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=KYwoIg==, md5=+vXvZpkKJHkYWYDj0/i9sg==
x-goog-stored-content-length: 676419
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:06 GMT

GET
H3 200 16.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 25ms
25ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/lgx8Gg90Uf__XkF9/92242/96239__FFMPEG/m4s/audio/aac_96000/16.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/war-games-vsl/?_ef_transaction_id=c7632d10e71046c28d7a6cd9acc2aa16&utm_source=82&utm_campaign=&utm_medium=&id=randal.sipkema%40ampf.com&iocid=&aff=82&oid=66
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C98) /
Resource Hash: 3e00f88b0064d4448090d38bcb4a3f727fe0c0965019910d74f07806e05aa96d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:13:06 GMT
via: 1.1 google
x-cdn: 3
age: 3258243
x-guploader-uploadid: ADPycdu9IeHBQW1JYK6EH8lD9sjqSpeCQjgS1nM_P-fz5HDLkEtoyvTbaRC10hNoDPcjplaHd9svpHni6rEE-kUkqGmL83EXmc1N
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37429
last-modified: Tue, 29 Aug 2023 17:57:09 GMT
server: ECAcc (frc/4C98)
etag: "b06bc11113a40f904e274ae422775b36"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1693331829509209
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=Cl1i4A==, md5=sGvBEROkD5BOJ0rkIndbNg==
x-goog-stored-content-length: 37429
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Mon, 30 Sep 2024 11:13:06 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 15:17:57	Name: view.bb4wMKcXKB896PwqF4vMVT-default-prop.hFC2Rwu8a7kGVPWNbEoZ6n Value: 1696590780000
go.behindthemarkets.com/war-games-vsl	1970-01-20 15:59:46	Name: __smVID Value: a7c7c3ce607000f5b6317ae3a31a1ceaedf115f1dc7c2d25493496f1d424ce82
.clkmg.com/	1970-01-21 00:02:06	Name: vid Value: 902309955
.go.behindthemarkets.com/	1970-01-21 00:03:33	Name: _vwo_uuid_v2 Value: D62771EA76912B2198A3FF5A19B91FEE5\|40f6edb517d5b19a322b4b7dedea621e
.behindthemarkets.com/	1970-01-20 17:26:06	Name: _gcl_au Value: 1.1.831845161.1696590780
js.center.io/	1970-01-21 00:52:30	Name: centerVisitorId Value: zonsBY7aCw5c4k5CynEkif
.behindthemarkets.com/	1970-01-20 17:40:30	Name: _vis_opt_s Value: 1%7C
.behindthemarkets.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.behindthemarkets.com/	1970-01-20 15:17:57	Name: _gid Value: GA1.2.1533549391.1696590780
.behindthemarkets.com/	1970-01-20 15:16:30	Name: _gat_UA-102395123-1 Value: 1
.behindthemarkets.com/	1970-01-21 00:52:30	Name: _ga_KDYSD5C2HD Value: GS1.1.1696590779.1.0.1696590779.60.0.0
.behindthemarkets.com/	1970-01-21 00:52:30	Name: _ga Value: GA1.1.243031562.1696590780
.doubleclick.net/	1970-01-20 15:16:31	Name: test_cookie Value: CheckForPermission
.behindthemarkets.com/	1970-01-21 00:52:30	Name: _ga_8R6YNFMJ23 Value: GS1.1.1696590780.1.0.1696590780.60.0.0
.behindthemarkets.com/	1970-01-21 00:52:30	Name: _vwo_uuid Value: D62771EA76912B2198A3FF5A19B91FEE5
.behindthemarkets.com/	1970-01-20 17:26:06	Name: _vwo_ds Value: 3%241696590779%3A99.06850976%3A%3A
.behindthemarkets.com/	1970-01-20 15:16:32	Name: _vwo_sn Value: 0%3A1
.criteo.com/	1970-01-21 00:38:06	Name: uid Value: 856a6cda-7b92-4dce-8a97-6124e758dc49
go.behindthemarkets.com/	1970-01-20 15:59:42	Name: ef_witness Value: 1
go.behindthemarkets.com/	1970-01-20 15:59:42	Name: ef_tid_c_o_66 Value: c7632d10e71046c28d7a6cd9acc2aa16
go.behindthemarkets.com/	1970-01-20 15:59:42	Name: ef_tid_c_a_2 Value: c7632d10e71046c28d7a6cd9acc2aa16
.behindthemarkets.com/	1970-01-21 00:45:54	Name: cto_bundle Value: wYzxwV9lclFpbFE0SCUyRjJISmtLejZjdjUyekl3VXB2U2dNWFY4RnpMdVRIQ242Qk5JNGR5S0VySjRYNDhNbnJnNUhHeEUyamZ0JTJGSDh1SVh5ZGt4cUxtMFljQk43UXYybmc1JTJCUk41bHZBcWI1ejh2Wmd3UkxyOFN6RU1OVHhhWTRQZ0FBbXpFQUpwQWxXJTJGeHpCbSUyRnFiUU9qdlRJTE9oa09TNklvSnFyRVAzaHJGNzZBJTNE
behindthemarkets.app.optipub.com/	1970-01-20 15:59:42	Name: optipub Value: eyJpdiI6IkJBOFFUaHUveHEycjBWQ0tadjM5R0E9PSIsInZhbHVlIjoiZXFIRVdZdEpWS1dmSlU1MXllVHlDdkZDc0JHY0JhTmNXc0U0TmFhaDBpdk5GdFFmWVBReUJjYWMzbllndjZManBWSkVxbnpLeG5jN2l5ZUd6djJVSGdaWUJubUlyZ2hXQWRXaE42VFFON2tmR0hnbGFlM1dKYkxOSnJhQU5oWEFDWE91N2dmbUEvTDFaUEJiZmdDSHhmeVZxZjRDOU1OdjJHZFErcERBeGxGZXdrWVFQb3BmZTNRN0hpSUZyTXRtTTUwVGJzTVMvUWJsWFdoTW9zVEhuR01CUENWdlZIV0lGZHhBOUVveDlEUWw3UEcyaUcyNHFqbHNXWGRvanJxRnYrWk96SGowRDdHRHA3MHNTZjhqZFMybllFYVdLaFQyTkN5cmpVMjcyNGdWcE15SE9ZbHdpME8reTNycnpvaVhVQm4yaGhaK0dPdlRReVJybTdIV3BEUmV1TDBPY2t1ZmZNWlA5RXhJRUs0cXhEb014Rll2TUZXbnUydyt3dE1HaXJwS2NVQmI2ZGw2SW5Dc1J6cjdxZnBLK3pOZWpLTFhuSkt4TUdHWm83bTNsTTgySW53VzNzQ3phdXl1VWEwS2k2NTB0ODFmSGs5ZHY0NWFMTWhKWXVldHlWbUlnWHFqZlVhK0pwT3duSmc9IiwibWFjIjoiNGMwYjBjNWJhODhmNzMwZjAzNGYzZDUxYTdmNzMzMTQ3MzY3M2ViZTgzMWY0YzA2ZTkxMDRjYjc2NWY1NWM2YyJ9
go.behindthemarkets.com/	1970-01-21 00:52:30	Name: bitmovin_analytics_uuid Value: fec7d268-e919-4d20-8e98-699110a4d64f
go.behindthemarkets.com/	1970-01-21 00:02:06	Name: __smToken Value: 1yoVYxuAiq1TYyUzaGr0eUqt

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.anura.io/request.js?instance=2840531173&source=82&campaign=undefined&181365303537 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-ingress-global.bitmovin.com
api.leadpages.io
behindthemarkets.app.optipub.com
btm-btm-btm.lpages.co
click.mail.equityenlightenment.com
dev.visualwebsiteoptimizer.com
dynamic.criteo.com
embed.lpcontent.net
fast.vidalytics.com
fonts.googleapis.com
fonts.gstatic.com
go.behindthemarkets.com
googleads.g.doubleclick.net
gum.criteo.com
js.center.io
lh3.googleusercontent.com
licensing.bitmovin.com
load.sumo.com
mug.criteo.com
region1.analytics.google.com
script.anura.io
static.leadpages.net
stats.g.doubleclick.net
stats.vidalytics.com
sumo.com
tracking.equityenlightenment.com
www.behindthemarkets-btm.com
www.clkmg.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
107.178.211.97
128.245.210.40
13.43.151.221
142.250.186.34
178.250.1.11
192.229.220.49
2001:4860:4802:32::36
2001:4860:4802:38::15
2001:4860:4802:38::178
2400:52e0:1e00::1080:1
2600:1901:0:df23::
2a00:1450:4001:806::2004
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:812::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9b
2a02:2638:3::c
2a02:2638:3::e
2a06:98c1:3120::3
2a06:98c1:3121::3
34.107.203.240
34.220.132.2
34.225.139.193
34.96.102.137
35.190.27.197
35.192.151.63
35.202.21.90
50.97.212.250
02169a49691aa80b95a7f13bcac617400c6898a471c3bbb988074e394b62313e
02e1f9328c98f4665c5f41420d306e7bb2acaed2864788d7343d7b4e6be2ed4f
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0946cb87b7a79f481e8918c9754da72dac3364563c52f58e623ac23a170a49c3
09d08d7ef8c0d6d48fc582c822474b1665580da51f82e23f52600f1bf2f15bca
0ac09d816dec12a974843bad2e6ceb88fac5a4dd07906d4be7f32d1914a4f588
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
0f65b2dd8e6406afb5c3c933ff68eaf32575264ad7387b2c834290584430e661
13f04443265497311e8a121a06bec42ab134751d7113479288859b4e504b4e85
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
155ef3f8cf1ab4ecd63c6ffafb82daf9d61626ca81158c1250c0ce8454856dda
192c99ad6a049bb9588160b0021f2546db83288373f89d43cd8580dcf01021c3
1c7db94e5cf338196c5d7b652a3eb11eb3e9eadbe66146c56da8b586c1c66b62
22d84fb318febef6ef8b687ac154a1fbcfa2fa7e30f2863f9ef1d28c10857707
22fe7c7585a2fa5d79284f93befb57b3cb4f28cf9fa77b0d1a18805926b82ba7
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2b1b4ae8f01d381a1856eb29539ef696f43a9ae59063cbc0b91c3130cf7e102a
33f0b140b316f438d3e91e8a0b3f086b9971a9fddc27de1d6a76d5c3ef0c40d0
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
3792207e9f4d142eb33c2702137a9738cc0529e92ba217c02fdcc895b9eb7d43
3e00f88b0064d4448090d38bcb4a3f727fe0c0965019910d74f07806e05aa96d
3e426e330d152fce1b2e4a53ff4062cfe1531acca6f02c9b5329009d496aad05
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
44a2a04162f2ac385b7dbb0447a3ac118a9e2bb8767fb3961a2b2d74fb6ed433
467713c7532cec6139b1c585d39436721036b5a39e2dd280fd4c5a6b16016d4a
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
501c7d76cd9df45e974caf4a7bce411290d032e841df5ae74b690f0bc794e387
51a8db34f07ea1b1eda5ef0a14ab2d404c0974875a29bdf90e16bf56d1fa8f9f
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
54a77d9277ac2425aa5856d09521f9f52d9d21ce08ff5d6ca41505a6d628a790
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
58d4b1bd9484ebd342399e408daeaa337b1c935091bd22c8d6ae49e1f828cb02
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
62e9b1447b6c8a0453cb2cc61b1c5e1d25df4b52bf7a144a8439bbdc6119fe7c
67a54ead82131353c0605abf38700817b274d0599f455f61759cd3fb8299688f
68b229ad247dcf0086bd4ffc68865830bd1a8290f9a1b77a715f021f1b86b0ed
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c2ad75c0c33e52d045eff52d5239d6b40460c2b04c72cac85dda9bc18ae0e03
6ff393c3d97c16a8559915e5824a5fabf24ef453ac2af6792c2b50d2560f36cb
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
70e3d70511477001ade85c44061a00661ba16d3e50a2eee9e868b45a5fa0c03e
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
74a756c32ca129e0c5cd78d2d547da2bd6bb771e9116feafe80af73650b7df23
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
786b08b2d1dd30b15fe38bc11ed00c1496ff6ddd908ca427b7ff7ca40822099a
790bdfc9087ed38b70f4231d8f8e72d1fde30f271795df6b02cdb83ed7a2bb21
7a8f3c4626f6abecfd71649a98cd098b488740c67dd68dd5e089a4f0a3fd35a2
82df9bb591c4c23bc844d3129b5b63d999c6a22b7f6f2af0d689c283924e5459
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853e394434228fc2b634334bd42d4c1feb4d4689f8c2ce146c19aaee6916296d
923927deea7c19b73b9aa07a9649e7bacb6c4f08f2a23485346b4d88ac70ec87
928aec555f8cf3e2c825b8b7a51f88d0ae5f5de279171eb6171744454b669438
954ccbb03194a00facf225d50f80e50b4d03b38b1c7ba31ce5d3c38a2e0196ad
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b279ee56e50c6b03459b6b33dc5fcded67390e629237bd1b21088eea1fc1eae
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
a4082d466e44c36c353e5bb71dd0551446e665624340c78ac9c6f194d89f7235
a4ce076db28f9335c806aa55720b6232f01cc56b639516b38270b5a8c44a67cb
a8c01ccde5c9d5a4f6dcd802f65d8a05892f4632d08ca3a01bf17ff953a373a1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaee6addb09dd39496aeaf8304ee04764f02af3168dbce8198a48947000e5273
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecd0029c82d46f864f46c2d3a7ef3b321024a22f3a587b63f8b302a74d86492
af4a5afabfdcf1bcc6b0a9776f14110a6f9033873df3fb60cc2c7d9408d582b1
afa1d5abc08b139c2107ee0b53b29e9dd3276123af9d9fb0ec403885616a6bf2
b2965f28e6e2f631fd7e219281ed055c59182dfa8f03f5d0bee8edcc8230b845
b77f783f49f7636320c9d99cd3ea0ca98c59479dc12f7679edf2b65eae15f0af
bf917a8be5660e137b8b76297980fbb02237a47534c8213fad1b27b62db1ec19
c5265b2a343e05fcaf0cd05b0dd03975c4d83e4168eafea7236a99ee46caf79e
c53faa1a765d2c4a42c2b0dfb4fc3b9f40d296a4975cebe8400756655cc9da10
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e
d59a74862cc6c91ca00868fe7af4d67ee75532aab80a7c4f9922b50a8691d81f
d7bf8d5d3cef884a3c569fed78737516ee9313f56c4314bfc5ef1ef37b429c3f
db15d51f7a5064eb6862fc7f5b8b97946daf3e8b82481ad3b9f8cff01972d530
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de589a5df465b30f78f3ebc2034b7b8dd00094380585923d151cbb2c11564ae0
de85e88c35e02c020f42b387ebf92a302867f84a979fc778a68268d646f11f16
df3f46edd3dc78e34e7b8df01b494936e06e68f1566df5666d3a9e502b040b27
e2a963c2cb48873be78f767563b39e424b3893d75e44a080fafc915b54009daa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c4f18c9255cb59feb6ae9254dfb64ea3202d6793165ca0801c5a1f0219011b
ed94c4e309736b4254188364fc93d172c1e70844a7f5b82fc90657b192c3f9d7
eede99a8734b5e0bb0154cd4d49901ba1e32926b7c948335e064188a6a0f764f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d0323a920c7743a18b714ad17e4edac817767a09274b9d16ad5e72c6c07fce
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
faa80a0013547435c8cd7a62de426e1c20a0bf93078b618fe898bc380a0c6163
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

go.behindthemarkets.com Open in urlscan Pro 35.202.21.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

98 %HTTPS

56 %IPv6

26 Domains

34 Subdomains

29 IPs

5 Countries

15755 kBTransfer

20596 kBSize

25 Cookies

4 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.behindthemarkets.com Open in urlscan Pro
35.202.21.90 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

98 %
HTTPS

56 %
IPv6

26
Domains

34
Subdomains

29
IPs

5
Countries

15755 kB
Transfer

20596 kB
Size

25
Cookies

125 HTTP transactions
2 data transactions