urlscan.io logo urlscan.io
SecurityTrails logo

go.behindthemarkets.com Open in urlscan Pro
35.202.21.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cl.s11.exct.net/?qs=4ed89395f91892abeb12d217dd4392c15f704b4aae8b750ba8bf8f58bd8d8491de8250159ec82ece41f6456866cb...
Effective URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_c...
Submission Tags: falconsandbox
Submission: On July 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 25 domains to perform 105 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is go.behindthemarkets.com. The Cisco Umbrella rank of the primary domain is 897580.
TLS certificate: Issued by R3 on May 24th 2024. Valid for: 3 months.
This is the only time go.behindthemarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.71.12 14340 (SALESFORCE)
1 1 2001:1af8:510... 60781 (LEASEWEB-...)
1 1 188.114.96.3 13335 (CLOUDFLAR...)
2 35.202.21.90 396982 (GOOGLE-CL...)
3 34.107.203.240 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 34.225.139.193 14618 (AMAZON-AES)
1 34.96.102.137 396982 (GOOGLE-CL...)
6 23.213.161.217 20940 (AKAMAI-ASN1)
2 2606:2800:233... 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 35.192.151.63 396982 (GOOGLE-CL...)
29 152.195.133.208 15133 (EDGECAST)
1 1 142.250.186.98 15169 (GOOGLE)
1 2 142.250.185.132 15169 (GOOGLE)
4 216.58.206.35 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 151.101.193.44 54113 (FASTLY)
6 107.178.211.97 396982 (GOOGLE-CL...)
5 35.190.27.197 15169 (GOOGLE)
4 141.226.228.48 200478 (TABOOLA-AS)
105 27
1    13.111.71.12 (United States)

ASN14340 (SALESFORCE, US)
PTR: cl.s11.exct.net
cl.s11.exct.net
1    2001:1af8:5100:a003:2:: (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
secure.investmentbankingrules.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.behindthemarkets-btm.com
2    35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com
go.behindthemarkets.com
btm-btm-btm.lpages.co
3    34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com
static.leadpages.net
embed.lpcontent.net
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)
js.center.io
2    34.225.139.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-139-193.compute-1.amazonaws.com
behindthemarkets.app.optipub.com
1    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
6    23.213.161.217 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-217.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2606:2800:233:8fd2:a5ac:6d4d:b3df:ccc3 (United States)

ASN15133 (EDGECAST, US)
fast.vidalytics.com
5    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
js.center.io
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
5    35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com
api.leadpages.io
29    152.195.133.208 (United States)

ASN15133 (EDGECAST, US)
fast.vidalytics.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
4    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net
www.google.de
3    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
6    107.178.211.97 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.211.178.107.bc.googleusercontent.com
stats.vidalytics.com
5    35.190.27.197 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 197.27.190.35.bc.googleusercontent.com
analytics-ingress-global.bitmovin.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
37 vidalytics.com
fast.vidalytics.com — Cisco Umbrella Rank: 107787
stats.vidalytics.com — Cisco Umbrella Rank: 152564
12 MB
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 844
psb.taboola.com — Cisco Umbrella Rank: 6802
trc.taboola.com — Cisco Umbrella Rank: 711
trc-events.taboola.com — Cisco Umbrella Rank: 2315
24 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
681 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 787
141 KB
5 bitmovin.com
analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 26333
537 B
5 google.com
www.google.com — Cisco Umbrella Rank: 5
region1.analytics.google.com — Cisco Umbrella Rank: 3125
87 B
5 leadpages.io
api.leadpages.io — Cisco Umbrella Rank: 56491
2 KB
5 gstatic.com
fonts.gstatic.com
144 KB
5 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 112
262 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 8088
253 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
479 B
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 3098
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
2 optipub.com
behindthemarkets.app.optipub.com
9 KB
2 center.io
js.center.io — Cisco Umbrella Rank: 67673
5 KB
2 leadpages.net
static.leadpages.net — Cisco Umbrella Rank: 67303
29 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 133
2 KB
1 lpages.co
btm-btm-btm.lpages.co
1 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4205
200 B
1 lpcontent.net
embed.lpcontent.net — Cisco Umbrella Rank: 81462
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
3 KB
1 behindthemarkets.com
go.behindthemarkets.com — Cisco Umbrella Rank: 897580
22 KB
1 behindthemarkets-btm.com
www.behindthemarkets-btm.com — Cisco Umbrella Rank: 990749
849 B
1 investmentbankingrules.com
secure.investmentbankingrules.com
986 B
1 exct.net
cl.s11.exct.net — Cisco Umbrella Rank: 100842
300 B
105 25
Domain Requested by
31 fast.vidalytics.com go.behindthemarkets.com
fast.vidalytics.com
analytics.tiktok.com
7 www.googletagmanager.com go.behindthemarkets.com
www.googletagmanager.com
6 stats.vidalytics.com analytics.tiktok.com
6 analytics.tiktok.com go.behindthemarkets.com
analytics.tiktok.com
5 analytics-ingress-global.bitmovin.com analytics.tiktok.com
5 api.leadpages.io js.center.io
analytics.tiktok.com
5 fonts.gstatic.com fonts.googleapis.com
5 lh3.googleusercontent.com go.behindthemarkets.com
4 trc-events.taboola.com analytics.tiktok.com
4 www.google.de go.behindthemarkets.com
3 region1.analytics.google.com www.googletagmanager.com
analytics.tiktok.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google.com 1 redirects go.behindthemarkets.com
2 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 behindthemarkets.app.optipub.com go.behindthemarkets.com
2 js.center.io go.behindthemarkets.com
js.center.io
2 static.leadpages.net go.behindthemarkets.com
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com analytics.tiktok.com
1 googleads.g.doubleclick.net 1 redirects
1 cdn.taboola.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 btm-btm-btm.lpages.co embed.lpcontent.net
1 dev.visualwebsiteoptimizer.com go.behindthemarkets.com
1 embed.lpcontent.net go.behindthemarkets.com
1 fonts.googleapis.com go.behindthemarkets.com
1 go.behindthemarkets.com
1 www.behindthemarkets-btm.com 1 redirects
1 secure.investmentbankingrules.com 1 redirects
1 cl.s11.exct.net 1 redirects
105 31

This site contains links to these domains. Also see Links.

Domain
vidalytics.com
behindthemarkets.com
Subject Issuer Validity Valid
go.behindthemarkets.com
R3		 2024-05-24 -
2024-08-22		 3 months crt.sh
static.leadpages.net
GTS CA 1D4		 2024-06-05 -
2024-09-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
embed.lpcontent.net
WR3		 2024-05-24 -
2024-08-22		 3 months crt.sh
js.center.io
WR3		 2024-06-23 -
2024-09-21		 3 months crt.sh
optipub.com
Amazon RSA 2048 M02		 2023-09-05 -
2024-10-03		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.vidalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-14 -
2024-12-14		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.lpages.co
R3		 2024-05-14 -
2024-08-12		 3 months crt.sh
*.googleadservices.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
script.crazyegg.com
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh
*.leadpages.io
R3		 2024-05-14 -
2024-08-12		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.de
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.bitmovin.com
Go Daddy Secure Certificate Authority - G2		 2024-05-08 -
2025-06-09		 a year crt.sh

This page contains 3 frames:

Primary Page: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Frame ID: D854013DF2E20C654E7C0939AFF46516
Requests: 101 HTTP requests in this frame

Frame: https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&aff=82&id=bbg%40gellerco.com&iocid=&oid=118&utm_campaign=&utm_medium=&utm_source=82
Frame ID: CC74887AE7FBF06524408466FA7E5149
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 50A05A0BD1DF37878A0A705B86322D81
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Prepare for War

Page URL History Show full URLs

  1. http://cl.s11.exct.net/?qs=4ed89395f91892abeb12d217dd4392c15f704b4aae8b750ba8bf8f58bd8d8491de825015... HTTP 307
    https://cl.s11.exct.net/?qs=4ed89395f91892abeb12d217dd4392c15f704b4aae8b750ba8bf8f58bd8d8491de825015... HTTP 302
    https://secure.investmentbankingrules.com/667d48c66579ac000100030f?email=bbg@gellerco.com&domain=093IBR&type=B&product... HTTP 302
    https://www.behindthemarkets-btm.com/4P7M9M/6ST7SM/?sub1=bbg%40gellerco.com&sub2=093IBR&sub3=B&sub4=BTPW78&sub5= HTTP 302
    https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

105
Requests

98 %
HTTPS

40 %
IPv6

25
Domains

31
Subdomains

27
IPs

4
Countries

13146 kB
Transfer

16936 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cl.s11.exct.net/?qs=4ed89395f91892abeb12d217dd4392c15f704b4aae8b750ba8bf8f58bd8d8491de8250159ec82ece41f6456866cb2d30a5e37302508e195c HTTP 307
    https://cl.s11.exct.net/?qs=4ed89395f91892abeb12d217dd4392c15f704b4aae8b750ba8bf8f58bd8d8491de8250159ec82ece41f6456866cb2d30a5e37302508e195c HTTP 302
    https://secure.investmentbankingrules.com/667d48c66579ac000100030f?email=bbg@gellerco.com&domain=093IBR&type=B&product=BTPW78 HTTP 302
    https://www.behindthemarkets-btm.com/4P7M9M/6ST7SM/?sub1=bbg%40gellerco.com&sub2=093IBR&sub3=B&sub4=BTPW78&sub5= HTTP 302
    https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/?random=440479738&cv=11&fst=1719857641505&bg=ffffff&guid=ON&async=1&gtm=45be46q0v873644296za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&npa=1&pscdl=noapi&auid=1356832795.1719857641&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIv6iq_riGhwMVCkgeAh08eAqxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IGh0dHBzOi8vZ28uYmVoaW5kdGhlbWFya2V0cy5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/401032603/?random=440479738&cv=11&fst=1719857641505&bg=ffffff&guid=ON&async=1&gtm=45be46q0v873644296za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&npa=1&pscdl=noapi&auid=1356832795.1719857641&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIv6iq_riGhwMVCkgeAh08eAqxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IGh0dHBzOi8vZ28uYmVoaW5kdGhlbWFya2V0cy5jb20v&is_vtc=1&cid=CAQSGwDaQooLqrH-UfovlFjBObpunf6dxkclnyRPDg&random=2543096783 HTTP 302
  • https://www.google.de/pagead/1p-conversion/401032603/?random=440479738&cv=11&fst=1719857641505&bg=ffffff&guid=ON&async=1&gtm=45be46q0v873644296za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&npa=1&pscdl=noapi&auid=1356832795.1719857641&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIv6iq_riGhwMVCkgeAh08eAqxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IGh0dHBzOi8vZ28uYmVoaW5kdGhlbWFya2V0cy5jb20v&is_vtc=1&cid=CAQSGwDaQooLqrH-UfovlFjBObpunf6dxkclnyRPDg&random=2543096783&ipr=y

105 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
go.behindthemarkets.com/prepare-for-war-video-1/
Redirect Chain
  • http://cl.s11.exct.net/?qs=4ed89395f91892abeb12d217dd4392c15f704b4aae8b750ba8bf8f58bd8d8491de8250159ec82ece41f6456866cb2d30a5e37302508e195c
  • https://cl.s11.exct.net/?qs=4ed89395f91892abeb12d217dd4392c15f704b4aae8b750ba8bf8f58bd8d8491de8250159ec82ece41f6456866cb2d30a5e37302508e195c
  • https://secure.investmentbankingrules.com/667d48c66579ac000100030f?email=bbg@gellerco.com&domain=093IBR&type=B&product=BTPW78
  • https://www.behindthemarkets-btm.com/4P7M9M/6ST7SM/?sub1=bbg%40gellerco.com&sub2=093IBR&sub3=B&sub4=BTPW78&sub5=
  • https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
103 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
9bd88ee36d4620c87f5a7a7ffb592e73e09c815df6142e3a5d1fa21c37e44809
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Mon, 01 Jul 2024 18:14:00 GMT
etag
W/"a3523ebd9de4490190cf5a702953b97d"
last-modified
Fri, 01 Mar 2024 14:51:51 GMT
server
Leadpages
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
HIT

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89c85f8c48e2b3a7-MUC
content-type
text/html; charset=utf-8
date
Mon, 01 Jul 2024 18:14:00 GMT
location
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N8ez7Mw%2BXnB9cMxYK7MqmmMI8RHsjQ%2FW3fDBsHG0rFtdHJLsysbAYTrSJSx044YeNel0tv%2F1D23EZt%2BtZcjPC32xb%2FaihbfgBS8R8JAJiGKm%2FFUOLf40WWoa8aU0UilQTPhBH08L6zNIVKMlfOgf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
via
1.1 google
x-eflow-request-id
d579ea5c-34fa-4673-9c71-b56bc5c81acf
all.min.css
static.leadpages.net/fonts/font-awesome/6.4.2/css/ 		100 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 00:14:26 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
64775
etag
"-6uIpg"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
e96d90f2348adb19e049bf3179d56691
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26836
expires
Tue, 01 Jul 2025 00:14:26 GMT
css
fonts.googleapis.com/ 		38 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf8d68bd452593e827b0bff016ac6ff0e83af2e66156bd180733dca5c0e6747c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jul 2024 18:14:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jul 2024 18:14:01 GMT
js
www.googletagmanager.com/gtag/ 		275 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-401032603
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b9d25ca6b1fe800f3b08eb913047109412c120f2fbbf00f8757e93b77ab922b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95402
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 18:14:01 GMT
Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16
lh3.googleusercontent.com/ 		377 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a707366096cb646e67672cc2c3df213f576c4dcae8e15eb19156ce75f79688ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 16:47:41 GMT
x-content-type-options
nosniff
age
5180
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
377
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 02 Jul 2024 16:47:41 GMT
tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16
lh3.googleusercontent.com/ 		250 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2c6d000f6abfc29fe3370f2af07f8d48ea2a492c007fb305aca013951bb7a6fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 16:47:41 GMT
x-content-type-options
nosniff
age
5180
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 02 Jul 2024 16:47:41 GMT
embed.js
embed.lpcontent.net/leadboxes/current/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:10:17 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
224
etag
"-6uIpg"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cloud-trace-context
75d1db210b7f05375513bdf6b4833fff
cache-control
public, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14811
expires
Mon, 01 Jul 2024 18:15:17 GMT
center.js
js.center.io/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.center.io/center.js
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:09:52 GMT
content-encoding
gzip
server
Google Frontend
age
249
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
621498a2abca402157ef7e37d985a459
cache-control
public, max-age=300
content-length
5417
expires
Mon, 01 Jul 2024 18:14:52 GMT
gtm.js
www.googletagmanager.com/ 		326 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
faa02e6429450045acc6f17391ab2985fbb479de0f98e875f27af0d60661b0ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108695
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 18:14:01 GMT
sdk.js
behindthemarkets.app.optipub.com/sdk/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://behindthemarkets.app.optipub.com/sdk/sdk.js
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.139.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-139-193.compute-1.amazonaws.com
Software
Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.3.33 / PHP/7.3.33
Resource Hash
d59a74862cc6c91ca00868fe7af4d67ee75532aab80a7c4f9922b50a8691d81f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 18:14:01 GMT
Content-Encoding
gzip
Server
Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.3.33
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
application/javascript
Cache-Control
max-age=3600, private
Connection
Upgrade, Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
6633
j.php
dev.visualwebsiteoptimizer.com/ 		19 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=601261&u=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&f=1&vn=1.5
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
651b22eb1f250e8f7cb27f8221098a3644768e70b5bd8d8912428f2c89093fb0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:00 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCGDCQRC77UB2PF1K7AG&lib=ttq
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aca6dc93a1806fb8e09bb3d64a892142e211fa924e7ee76bcee8b0e9b9116956

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
1ae335ec.4ca3b7ec
date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407011814012B42F67F96035435218C-13F639A2239FDE2B-00
x-cache
TCP_MISS from a23-213-160-217.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
112,23.213.160.217
server-timing
cdn-cache; desc=MISS, edge; dur=105, origin; dur=9, inner; dur=3
content-length
1704
pragma
no-cache
server
nginx
x-tt-logid
202407011814012B42F67F96035435218C
x-cache-remote
TCP_MISS from a104-112-235-175.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,104.112.235.175
x-tt-trace-host
01836b4158833be2f07bf617cf27212a4f058651666a0f2e57d325f1b86a799ccb57b47098ea497f3c8b338ff394d95799f8c940a83df1d40cbd02738740d6b2a01137bd1a2c84c2d01dc1b0e919ed182710959f82467ecf197946b1f2aa54a035e9c6a7850c519a3c9056259d056c5fdb
expires
Mon, 01 Jul 2024 18:14:01 GMT
loader.min.js
fast.vidalytics.com/embeds/PzpZ_7KZ/aTgSZmCNXfBo4Zlf/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/embeds/PzpZ_7KZ/aTgSZmCNXfBo4Zlf/loader.min.js
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8fd2:a5ac:6d4d:b3df:ccc3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBE) /
Resource Hash
f82432fda21ef5ecd06838af3c3a794f02ded02f0013b484623ee897b2a3c257

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
br
x-cdn
3
age
6485
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=frc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8043
surrogate-key
lb-api
last-modified
Mon, 01 Jul 2024 16:25:56 GMT
server
ECAcc (frc/4CBE)
vary
Accept-Encoding
x-cdn-site
c3-prod
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=600, s-maxage=10800
x-edg-mr
13:0;13:2;
x-lb-backend
api-prod
x-lb-cache
disabled
q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=s16
lh3.googleusercontent.com/ 		534 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=s16
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
230ce7cbc4220c4724303b8a51e5de6f76093ac08c17af912082ab8488b32049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:42:38 GMT
x-content-type-options
nosniff
age
1883
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
534
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 02 Jul 2024 17:42:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:43:41 GMT
x-content-type-options
nosniff
age
383420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 07:43:41 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 09:37:33 GMT
x-content-type-options
nosniff
age
376588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 09:37:33 GMT
AlZy_zVFtYP12Zncg2kRcn35.woff2
fonts.gstatic.com/s/rozhaone/v15/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rozhaone/v15/AlZy_zVFtYP12Zncg2kRcn35.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:46:24 GMT
x-content-type-options
nosniff
age
347257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18176
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:21:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 17:46:24 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 01:23:55 GMT
x-content-type-options
nosniff
age
319806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48336
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Jun 2025 01:23:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:31:01 GMT
x-content-type-options
nosniff
age
348180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 17:31:01 GMT
tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1062
lh3.googleusercontent.com/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1062
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1724f467ac87bb348fb5c7d8b4be30d59288c8fc85b63661613cc86c8603593f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:02:53 GMT
x-content-type-options
nosniff
age
4268
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67714
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 02 Jul 2024 17:02:53 GMT
q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1600
lh3.googleusercontent.com/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1600
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
42e6326211b739c4d83cc7899a38ec013ffacd2bba7df0fbf3c19a2989897c3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198398
x-xss-protection
0
expires
Tue, 02 Jul 2024 18:14:01 GMT
/
btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/ Frame CC74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&aff=82&id=bbg%40gellerco.com&iocid=&oid=118&utm_campaign=&utm_medium=&utm_source=82
Requested by
Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://go.behindthemarkets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Mon, 01 Jul 2024 18:14:01 GMT
etag
W/"020f2e7f5de46a783fcb76a76791482c"
last-modified
Mon, 31 Jan 2022 22:51:27 GMT
server
Leadpages
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
MISS, HIT
identify.html
js.center.io/ Frame 50A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://go.behindthemarkets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
271
cache-control
public, max-age=300
content-encoding
gzip
content-length
2016
content-type
text/html
date
Mon, 01 Jul 2024 18:09:30 GMT
etag
"OMWYXg"
expires
Mon, 01 Jul 2024 18:14:30 GMT
server
Google Frontend
x-cloud-trace-context
cbee0cd9a360006ea94eac9a3beccfdd
/
www.googleadservices.com/pagead/conversion/401032603/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/401032603/?random=1719857641505&cv=11&fst=1719857641505&bg=ffffff&guid=ON&async=1&gtm=45be46q0v873644296za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&npa=1&pscdl=noapi&auid=1356832795.1719857641&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-401032603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8b784bd8fec35bf1b14210811572782eb59749f0b08f8331048b098c239bca98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1759
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		319 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6458c577bbd0965ff42e26db52b79e30503d844411a3dc06ab34fa2128ed2ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105913
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 18:14:01 GMT
js
www.googletagmanager.com/gtag/ 		313 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f40f35a14591c82b4e4c6af7da9bb680e43c7eaf400ae0ab2f4d07664fb40d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106150
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 18:14:01 GMT
js
www.googletagmanager.com/gtag/ 		260 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16454845358&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9aee4f94c87980704527f5b8119390d7c6370c915d83e9a36e47adb97e0f4b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92360
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 18:14:01 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16585749727&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71f300d721688f53ad61e954e009a329ca468ab4fab06649efa4a9e70a92e0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93593
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 18:14:01 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Jul 2024 16:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6294
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 01 Jul 2024 18:29:07 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1616895/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1616895/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40395f0350d46d40045956f0dc908d44078ed50d125fa057a24e697df655f22b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
39Svbt5xrgjzAXyKa4.p8oXDsnm9Wizo
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 Jul 2024 18:14:01 GMT
x-amz-request-id
F5XMGKGHDST9DXXK
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21711
x-amz-id-2
sibvoKaYG4vADZwLiWgycgpUtXO5K/9LQsxoUEUiS3341uLZd9B+yV/HkXLuI7ifEfm++xl+fmc=
x-served-by
cache-fra-etou8220056-FRA
last-modified
Sun, 30 Jun 2024 11:28:59 GMT
server
AmazonS3
x-timer
S1719857642.592670,VS0,VE110
etag
"d6c0ef7cdf49ff8a549a748214594640"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
3329.js
script.crazyegg.com/pages/scripts/0075/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0075/3329.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e9c6818633ec0ec1772cfc1614c99f3685979455ccf170396cdd5a1aa15f93

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5409
cf-polished
origSize=7384
ce-version
11.5.236
cf-bgj
minify
last-modified
Mon, 01 Jul 2024 16:43:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
89c85f942f089766-FRA
js
www.googletagmanager.com/gtag/ 		269 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-660882099
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50dbf682815bb0b35e316c5dd886d3efeffbbf1ddb5a2fe10d0b5e22d4d851cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94509
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 18:14:01 GMT
capture
api.leadpages.io/analytics/v1/events/ 		35 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=M8m8wKU9zxEvbxyryYiQ2B&v=&e=&st=&lc=de-DE&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=mBpCEnToQe7gGuULvvWscb&sid=FBu7XTAC7gQcBUYWmLGZex&cid=lp-M8m8wKU9zxEvbxyryYiQ2B&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&rf=&rx=1600&ry=1200&tz=%2B02%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 18:14:01 GMT
Server
Stargate
access-control-max-age
600
Transfer-Encoding
chunked
Content-Type
image/gif
access-control-allow-origin
https://go.behindthemarkets.com
X-Forwarded-For
217.114.218.28
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
0038umkmmodn1rqgv7d0
main.MTZkNWZlYWU4MA.js
analytics.tiktok.com/i18n/pixel/static/ 		339 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCGDCQRC77UB2PF1K7AG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
47604965129b76c210cbca0993bce3965a85330fc257684ab4467a9db8ba1122

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
4ca3bb11
date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240627153451FD88353E9F505855FBB7
x-tt-trace-id
00-240627153451FD88353E9F505855FBB7-1BC641AC64914495-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-160-217.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01b323fc6992b0cc3f4b582bb5635533c8ed248dec075d885bc3280f65106a38890ae0c865e8cc25b58a1df7043c396bfdabf4360e773be2a1205bf6dfd41a6d0e660aaeae9a76b5950b43bb8fd570d7cd38a8d07f77644df14b4bceaf5ae0963e
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
98582
player.min.js
fast.vidalytics.com/players/v.4.5.4.001-vid-prod/ 		1014 KB
265 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/players/v.4.5.4.001-vid-prod/player.min.js
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/aTgSZmCNXfBo4Zlf/loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3326) /
Resource Hash
3ac60a8dc6e4958521dec27968d2839cfbbb48e90d16ff151cce059f346b3ed6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
br
x-cdn
3
age
883323
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
x-goog-meta-surrogate-key
player-versioned
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270778
last-modified
Wed, 22 May 2024 12:41:07 GMT
server
ECAcc (muc/3326)
etag
"369ee879c103e1f189ace8b5db2e359d+br"
vary
Accept-Encoding
x-cdn-site
c3-prod
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=86400, s-maxage=2592000
x-edg-mr
13:2;
x-goog-stored-content-length
272237
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Wed, 31 Jul 2024 18:14:01 GMT
collect
www.google-analytics.com/j/ 		4 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=738441255&t=pageview&_s=1&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&ul=de-de&de=UTF-8&dt=Prepare%20for%20War&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=282546842&gjid=1991617428&cid=1246271307.1719857642&tid=UA-102395123-1&_gid=1965353461.1719857642&_r=1&_slc=1&gtm=45He46q0n81WNRH3TXv812088355za200&cd1=82&cd3=false&cd4=false&cd5=false&cd6=false&cd7=false&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=375174290
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/401032603/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/?random=440479738&cv=11&fst=1719857641505&bg=ffffff&guid=ON&async=1&gtm=45be46q0v873644296za200&gcd=13l3l3l2l1&dma_cps=syp...
  • https://www.google.com/pagead/1p-conversion/401032603/?random=440479738&cv=11&fst=1719857641505&bg=ffffff&guid=ON&async=1&gtm=45be46q0v873644296za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u...
  • https://www.google.de/pagead/1p-conversion/401032603/?random=440479738&cv=11&fst=1719857641505&bg=ffffff&guid=ON&async=1&gtm=45be46q0v873644296za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/401032603/?random=440479738&cv=11&fst=1719857641505&bg=ffffff&guid=ON&async=1&gtm=45be46q0v873644296za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&npa=1&pscdl=noapi&auid=1356832795.1719857641&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIv6iq_riGhwMVCkgeAh08eAqxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IGh0dHBzOi8vZ28uYmVoaW5kdGhlbWFya2V0cy5jb20v&is_vtc=1&cid=CAQSGwDaQooLqrH-UfovlFjBObpunf6dxkclnyRPDg&random=2543096783&ipr=y
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H3
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/401032603/?random=440479738&cv=11&fst=1719857641505&bg=ffffff&guid=ON&async=1&gtm=45be46q0v873644296za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&npa=1&pscdl=noapi&auid=1356832795.1719857641&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIv6iq_riGhwMVCkgeAh08eAqxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IGh0dHBzOi8vZ28uYmVoaW5kdGhlbWFya2V0cy5jb20v&is_vtc=1&cid=CAQSGwDaQooLqrH-UfovlFjBObpunf6dxkclnyRPDg&random=2543096783&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
go.behindthemarkets.com.json
script.crazyegg.com/pages/data-scripts/0075/3329/site/ 		1023 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0075/3329/site/go.behindthemarkets.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0075/3329.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f190f5a2fb62645bd773975ee31cdcb960f60f6dccd69b808571dc87b5980e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5408
ce-version
11.5.236
content-length
455
last-modified
Mon, 01 Jul 2024 16:43:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89c85f94fe8d65be-FRA
collect
stats.g.doubleclick.net/j/ 		4 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102395123-1&cid=1246271307.1719857642&jid=282546842&gjid=1991617428&_gid=1965353461.1719857642&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1842950167
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 01 Jul 2024 18:14:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je46q0v874108444z8812088355za200zb812088355&_p=1719857641270&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1246271307.1719857642&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719857641&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&dt=Prepare%20for%20War&en=page_view&_fv=1&_ss=1&epn.variant_id=0&tfd=2408&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8R6YNFMJ23&cid=1246271307.1719857642&gtm=45je46q0v874108444z8812088355za200zb812088355&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=1246271307.1719857642&gtm=45je46q0v874108444z8812088355za200zb812088355&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1512591413
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
4ca3be05
date
Mon, 01 Jul 2024 18:14:01 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400009F19F3F262ADB0F2F94C
x-tt-trace-id
00-2405211400009F19F3F262ADB0F2F94C-4777DC948454243B-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-160-217.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0164d4df9127cd0260f8a4d34aa07b9aa9f371a909ebd4d6ca565c8a7d59062b9761b58c53aeab233271348eb425c6f751b243a09cac72fa7be95a444412353403240d0302b3219e337457d9570807f6b4cbc7dfa2f3740b0370a3b91e10e7b7f6
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39700
pixel
analytics.tiktok.com/api/v2/ 		0
845 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
356a7d4c.4ca3be06
date
Mon, 01 Jul 2024 18:14:01 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240701181401E3281CCD1D9501022C3A-427B51396926167A-00
x-cache
TCP_MISS from a23-213-160-217.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
153,23.213.160.217
server-timing
cdn-cache; desc=MISS, edge; dur=118, origin; dur=43, inner; dur=35
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240701181401E3281CCD1D9501022C3A
x-cache-remote
TCP_MISS from a104-112-235-207.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
43,104.112.235.207
x-tt-trace-host
01836b4158833be2f07bf617cf27212a4f058651666a0f2e57d325f1b86a799ccbfb265838b5ed9126001385722a4232c56568776005e4ec4f2eb7a8a10e512f282a5f59f3151fd37e6622391254955b8e9185ef96961d4f77dbb3292682ef27a191f79bcbb1711f16ed4efd852b00b7de
access-control-allow-headers
Authorization,*
expires
Mon, 01 Jul 2024 18:14:01 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3162baff.4ca3be07
date
Mon, 01 Jul 2024 18:14:01 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407011814013A1419323B2562357B78-4A9DBF8E87824DC5-00
x-cache
TCP_MISS from a23-213-160-217.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
125,23.213.160.217
server-timing
cdn-cache; desc=MISS, edge; dur=103, origin; dur=32, inner; dur=25
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202407011814013A1419323B2562357B78
x-cache-remote
TCP_MISS from a23-52-15-74.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
33,23.52.15.74
x-tt-trace-host
01836b4158833be2f07bf617cf27212a4f058651666a0f2e57d325f1b86a799ccb53f1464fc16ee538d69cff03e73ac6b552409e4d56fe2aecc90664740f122591b56181039cb8b37d505daf51f30ac3e2163640a4e3403e90b257eeb2492f9640e6d309984594e3ad8ad7a8005e5873db
access-control-allow-headers
Authorization,*
expires
Mon, 01 Jul 2024 18:14:01 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KDYSD5C2HD&gtm=45je46q0v9125329637z8812088355za200zb812088355&_p=1719857641270&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1246271307.1719857642&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719857641&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&dt=Prepare%20for%20War&en=page_view&_fv=1&_ss=1&tfd=2471&_z=fetch
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDYSD5C2HD&cid=1246271307.1719857642&gtm=45je46q0v9125329637z8812088355za200zb812088355&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDYSD5C2HD&cid=1246271307.1719857642&gtm=45je46q0v9125329637z8812088355za200zb812088355&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1075210434
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
47b2eb1e-233d-4f9d-9908-c0424bf93f10
https://go.behindthemarkets.com/ 		1014 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://go.behindthemarkets.com/47b2eb1e-233d-4f9d-9908-c0424bf93f10
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/aTgSZmCNXfBo4Zlf/loader.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ac60a8dc6e4958521dec27968d2839cfbbb48e90d16ff151cce059f346b3ed6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1038189
Content-Type
application/javascript
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102395123-1&cid=1246271307.1719857642&jid=282546842&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1707745021
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102395123-1&cid=1246271307.1719857642&jid=282546842&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1707745021
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
topics_api
psb.taboola.com/ 		65 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-etou8220116-FRA
date
Mon, 01 Jul 2024 18:14:02 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1719857642.004738,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-cache-hits
0
json
trc.taboola.com/1616895/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1616895/trc/3/json?tim=1719857641919&data=%7B%22id%22%3A171%2C%22ii%22%3A%22%2Fprepare-for-war-video-1%3Fid%3Dbbg%2540gellerco.com%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1719857641877%2C%22cv%22%3A%2220240626-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbehindthemarkets-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1719857641900%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118%22%2C%22tos%22%3A19%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1616895/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
28ad732d27de1c50aa5ab162ebe358df46b87de28b8d3426fcf74c065a6e4e80

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
24
date
Mon, 01 Jul 2024 18:14:02 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.34525
x-fastly-to-nlb-rtt
7421
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220056-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1719857642.013898,VS0,VE24
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=d75ykGqYFsm6KQpD8tNhLL&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=199.0999984741211,1,RLh4RnBHt8S8rsns3Gvxq9
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 18:14:02 GMT
Server
Stargate
access-control-max-age
600
Transfer-Encoding
chunked
Content-Type
image/gif
access-control-allow-origin
https://go.behindthemarkets.com
X-Forwarded-For
217.114.218.28
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
0038umn9r4atf3gfp8ag
stream.m3u8
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/stream.m3u8
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/330E) /
Resource Hash
92232ee6437f79c9b7453b53f434d790c174e19c0c2bd60f5f2f220aeb8a2863

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6595980
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1190
last-modified
Tue, 02 Jan 2024 21:23:00 GMT
server
ECAcc (muc/330E)
etag
"fdc9c989785a07404814f5a1985fe442"
x-cdn-site
c3-prod
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
1190
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
702 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4ca3c2d4
date
Mon, 01 Jul 2024 18:14:02 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407011814028A4FC9690B268A280E2B-351BE2224656F4EE-00
x-cache
TCP_MISS from a23-213-160-217.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=24, cdn-cache; desc=MISS, edge; dur=9, origin; dur=134
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202407011814028A4FC9690B268A280E2B
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
135,23.213.160.217
x-tt-trace-host
01836b4158833be2f07bf617cf27212a4f058651666a0f2e57d325f1b86a799ccbba305b136a3331d53356e7e3ffd6d7ffd85ab3b82390dbce1f249e6dd481fd2738315fee9b5cf27dc029cb73511df6b3a2c507d6b003c91fe5a324e1f979ace0
access-control-allow-headers
Authorization,*
expires
Mon, 01 Jul 2024 18:14:02 GMT
pixel.gif
behindthemarkets.app.optipub.com/sdk/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://behindthemarkets.app.optipub.com/sdk/pixel.gif?page=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&referrer=&utmSource=82&counter=0.6686287698393407
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.139.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-139-193.compute-1.amazonaws.com
Software
Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.3.33 / PHP/7.3.33
Resource Hash
58d4b1bd9484ebd342399e408daeaa337b1c935091bd22c8d6ae49e1f828cb02

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 18:14:02 GMT
Server
Apache/2.4.59 () OpenSSL/1.0.2k-fips PHP/7.3.33
X-Powered-By
PHP/7.3.33
Content-Type
image/gif
Cache-Control
no-cache, private
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
1101
awesome-log
stats.vidalytics.com/ 		43 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
server
istio-envoy
etag
"PzpZ_7KZ/Te6oSSWdKci7rtVC"
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://go.behindthemarkets.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control
no-cache, public, max-age=2592000
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Origin, Range, X-Requested-With
content-length
43
preview-5_0.jpg
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/thumb/preview-5_0.jpg
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=8bf980c920b44f9db26b73766cf58ec7&utm_source=82&utm_campaign=&utm_medium=&id=bbg%40gellerco.com&iocid=&aff=82&oid=118
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8fd2:a5ac:6d4d:b3df:ccc3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA7) /
Resource Hash
ccd1c095f36d22ac57e0d479c5c360feac5c7b371fe1aa135ad696f895ededbd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6595980
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=frc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2106
last-modified
Tue, 02 Jan 2024 20:50:44 GMT
server
ECAcc (frc/4CA7)
etag
"77f30386a811a81b7f5719d065cd9cdf"
x-cdn-site
c3-prod
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
2106
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ 		45 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/331B) /
Resource Hash
49ed1f06465f35d0a814d30db185ec67bb34b007b16e44870ed50e0f5ae46b97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6584447
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46234
last-modified
Tue, 02 Jan 2024 21:23:00 GMT
server
ECAcc (muc/331B)
etag
"c25a6b7e95648a00ce3e04659d2024e6"
x-cdn-site
c3-prod
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
46234
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
audio_TS_h264_aac_96000_variant.m3u8
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ 		35 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3340) /
Resource Hash
109e205a7405b5d29d75288ce62c26ee00a7df45542316140d8d9d3f6013574e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6595977
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35782
last-modified
Tue, 02 Jan 2024 21:23:00 GMT
server
ECAcc (muc/3340)
etag
"b8c627f667ddec130776ab690a1a6a41"
x-cdn-site
c3-prod
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
35782
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
licensing
analytics-ingress-global.bitmovin.com/ 		117 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/licensing
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.65.0 /
Resource Hash
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
via
1.1 google
server
v1.65.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
117
alt-svc
clear
1.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1280x720_h264_2500000/ 		567 KB
567 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1280x720_h264_2500000/1.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3349) /
Resource Hash
53696aadacc6520ddc1e6f4f6562a9fb87f81fd66ae69a7cd9dd5d4a127c9d62

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6584447
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
580732
last-modified
Tue, 02 Jan 2024 21:20:10 GMT
server
ECAcc (muc/3349)
etag
"f8501027bbdef2579a5a17f0ed31729f"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
580732
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
1.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		52 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/1.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3336) /
Resource Hash
438645b1d2593e297d803147949c7c4f98bebb034c15180942f79fec145a9f02

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6595975
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53580
last-modified
Tue, 02 Jan 2024 21:21:09 GMT
server
ECAcc (muc/3336)
etag
"fc292716fe8d7e8614b6c901f63314bd"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
53580
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.65.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
via
1.1 google
server
v1.65.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,290,260,613,3,617,747,748,1922,1922
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 18:14:02 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
217.114.218.28
Content-Type
image/gif
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
0038umpdsjio8ut9i9hg
2.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		51 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/2.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3358) /
Resource Hash
8c6f336a861b4a33d377005ffa0285c94fd3708690bcf58ccb1deb41840c546c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6595974
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52640
last-modified
Tue, 02 Jan 2024 21:21:10 GMT
server
ECAcc (muc/3358)
etag
"b47a7a94a833945e687f95bb1c03eb2d"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
52640
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
favicon.ico
static.leadpages.net/images/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:11:57 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
125
etag
"-6uIpg"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
x-cloud-trace-context
042c94a9e8688968a23096e2e2728c3b
cache-control
public, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2594
expires
Mon, 01 Jul 2024 18:16:57 GMT
video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ 		46 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3320) /
Resource Hash
cecdd608d93f37ea7485c4499b54b4bc2423b6406b3db9ecf32a199c5b8fd001

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6595979
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47105
last-modified
Tue, 02 Jan 2024 21:23:00 GMT
server
ECAcc (muc/3320)
etag
"6e4c69d5afb8e7e806a23709e61502a6"
x-cdn-site
c3-prod
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
47105
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
2.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		613 KB
613 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/2.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3371) /
Resource Hash
0f6f130bf01f85204495174ecf332922a1350138199e1b74b9bb6c27ba9aac08

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6584445
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
627544
last-modified
Tue, 02 Jan 2024 21:20:51 GMT
server
ECAcc (muc/3371)
etag
"c6d79c44c930586beb409bf496e1fee3"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
627544
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
3.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		51 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/3.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3316) /
Resource Hash
846640e4f3a44b2f5d53418f08f41b6805115f970defa42329bdb25d33e48cf4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6595972
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52264
last-modified
Tue, 02 Jan 2024 21:21:10 GMT
server
ECAcc (muc/3316)
etag
"b680d27d5d30ec41f9e3daec493a2365"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
52264
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
scribe
stats.vidalytics.com/ 		16 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://go.behindthemarkets.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time
2
content-length
16
4.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		53 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/4.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3307) /
Resource Hash
d67b485cc9f0c26ab692d706e8e4edabd67e627e001273eb868d718f13d94d62

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6595970
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54708
last-modified
Tue, 02 Jan 2024 21:21:11 GMT
server
ECAcc (muc/3307)
etag
"c70afd47e5dd4c05542d9278fa9405d5"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
54708
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
3.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/3.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3356) /
Resource Hash
b4f0e237b5fbbc84c34ae44b196bc82c7ba00089fe14f691cf4f5ab4a1b94309

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6585005
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1053740
last-modified
Tue, 02 Jan 2024 21:20:53 GMT
server
ECAcc (muc/3356)
etag
"7a75f9d853fcbd0d9e171167c6d8a75e"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
1053740
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.65.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 18:14:01 GMT
via
1.1 google
server
v1.65.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=d75ykGqYFsm6KQpD8tNhLL&kind=timer&label=lb_embed_leadbox_load&value=919.8000030517578
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 18:14:02 GMT
Server
Stargate
access-control-max-age
600
Transfer-Encoding
chunked
Content-Type
image/gif
access-control-allow-origin
https://go.behindthemarkets.com
X-Forwarded-For
217.114.218.28
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
0038umrujocmem4dfftg
scribe
stats.vidalytics.com/ 		16 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://go.behindthemarkets.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time
2
content-length
16
scribe
stats.vidalytics.com/ 		16 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://go.behindthemarkets.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time
1
content-length
16
4.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/4.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3373) /
Resource Hash
5d3d7c8eeff05958d4be8e6224c1112a86fda36b1bbe3e9330fc75e36055a6f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:02 GMT
x-cdn
3
age
6585004
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1591044
last-modified
Tue, 02 Jan 2024 21:20:56 GMT
server
ECAcc (muc/3373)
etag
"e514e3f3eeff5d3955feb177ae62e76e"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
1591044
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:02 GMT
5.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		51 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/5.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3382) /
Resource Hash
566805530e73dae8debfdc72c296f806d2f4688b33a02a9a92fdffd702836851

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6595969
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51888
last-modified
Tue, 02 Jan 2024 21:21:12 GMT
server
ECAcc (muc/3382)
etag
"e4320ec53543e7f5943d0f397fe930dc"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
51888
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
5.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		635 KB
635 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/5.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/335F) /
Resource Hash
e9482a64448d30532d78f290d553064f4eb3990eb8af66dcb7351a49d47bde8c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6585003
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
649916
last-modified
Tue, 02 Jan 2024 21:20:58 GMT
server
ECAcc (muc/335F)
etag
"aa2378f2385a9ed78666dde3538ca05d"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
649916
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
6.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		51 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/6.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/335A) /
Resource Hash
da26a86b4d203df88edbc4da53f48981096ead6a393cb9ad3e406bf6d18c33e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6595968
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52452
last-modified
Tue, 02 Jan 2024 21:21:12 GMT
server
ECAcc (muc/335A)
etag
"c87ba44605437336582d71627e5af25b"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
52452
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
6.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		647 KB
647 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/6.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/331B) /
Resource Hash
941f9f5d5816e2251cc5e39066f8b312ec4c53f5c340c009be7baf50f6b0ccb6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6585001
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
662324
last-modified
Tue, 02 Jan 2024 21:21:02 GMT
server
ECAcc (muc/331B)
etag
"4bb9bc12e83db064b2b3e65c0f5aac01"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
662324
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
7.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		49 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/7.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3338) /
Resource Hash
8be461871c8d5c4d32ace6c2407fa8a4c359114134aedcbfc17222031a828d1a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6595966
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49820
last-modified
Tue, 02 Jan 2024 21:21:13 GMT
server
ECAcc (muc/3338)
etag
"a8cb8a932b5dd9adffa941a44b798b01"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
49820
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
7.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		714 KB
714 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/7.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3338) /
Resource Hash
2c11e0f0d79d763e31ac4e1f348a1c27ce3a468824cf6c63c55918bedf7b2838

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6584999
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
731132
last-modified
Tue, 02 Jan 2024 21:21:05 GMT
server
ECAcc (muc/3338)
etag
"c468572c92a2eb6d9aefba7b64959eb0"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
731132
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
8.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		49 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/8.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3344) /
Resource Hash
f42d4183e02de76d4621df4690ebfe84ce3f8689074e13a30d72fba37b551ef6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6595965
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49820
last-modified
Tue, 02 Jan 2024 21:21:13 GMT
server
ECAcc (muc/3344)
etag
"80f22fd7c1c1e328ac5f0e3afe0ba926"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
49820
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
8.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		738 KB
738 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/8.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3332) /
Resource Hash
0e62ff1005bebc56af3f3b0dfc202547357e2f79b0b0e26f6baa2a3995134ed9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6584998
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
755384
last-modified
Tue, 02 Jan 2024 21:21:07 GMT
server
ECAcc (muc/3332)
etag
"75ecf3919affbb700ffd46490f80b855"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
755384
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
9.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		51 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/9.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3308) /
Resource Hash
f3a1f893c23e015c7740da32178e5905846eb2537d39a95bd68c2740ad526375

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6595964
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52076
last-modified
Tue, 02 Jan 2024 21:21:14 GMT
server
ECAcc (muc/3308)
etag
"46ceee4a86efc35dc3ab01d95648bf6b"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
52076
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
9.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		874 KB
874 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/9.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3334) /
Resource Hash
a7da1929a72616ecb5e2798ba6fc0587c84a7065fc35998527ddfca659c0418c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6584996
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
894880
last-modified
Tue, 02 Jan 2024 21:21:08 GMT
server
ECAcc (muc/3334)
etag
"458fab630733c1ff37d0d5daafdfe481"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
894880
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
10.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		49 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/10.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/337C) /
Resource Hash
307cf8add1fd7f348bd0a0c83d0ffaedbe308720007b9974cc5291ba88b8923c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6595962
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49820
last-modified
Tue, 02 Jan 2024 21:21:09 GMT
server
ECAcc (muc/337C)
etag
"ce7d9ceaa43f5b153414660708c2258a"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
49820
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
10.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		991 KB
991 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/10.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3315) /
Resource Hash
1e01860b3c7db7de474db7f09fa4dd37c1adfd26e793194e1bf9706724875022

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6584994
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1014448
last-modified
Tue, 02 Jan 2024 21:20:48 GMT
server
ECAcc (muc/3315)
etag
"798b66d8a3d69ac324be41008fc06d7f"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
1014448
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
11.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		53 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/11.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3332) /
Resource Hash
644e31640c46de75be07db4c1c77cde5d561f51adf3dbee2d58820b222f3a58b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6595960
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53956
last-modified
Tue, 02 Jan 2024 21:21:10 GMT
server
ECAcc (muc/3332)
etag
"25d1b9dd56621642dadf2c2554373405"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
53956
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
unip
trc-events.taboola.com/1616895/log/3/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1616895/log/3/unip?en=pre_d_eng_tb&tos=1756&scd=0&ssd=1&est=1719857641880&ver=36&isls=true&src=i&invt=1500&msa=516&rv=1&tim=1719857643637&vi=1719857641877&ri=f27f66e6f027ae1bbacd4cfd98b81642&ref=null&cv=20240626-2-RELEASE&item-url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&ler=other
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Attribution-Reporting-Eligible
trigger
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://go.behindthemarkets.com
pragma
no-cache
date
Mon, 01 Jul 2024 18:14:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1616895/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1616895/log/3/unip?en=pre_d_eng_tb&tos=1756&scd=0&ssd=1&est=1719857641880&ver=36&isls=true&src=i&invt=1500&msa=516&rv=1&tim=1719857643637&vi=1719857641877&ri=f27f66e6f027ae1bbacd4cfd98b81642&ref=null&cv=20240626-2-RELEASE&item-url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&ler=other
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://go.behindthemarkets.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://go.behindthemarkets.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Mon, 01 Jul 2024 18:14:03 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
11.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/11.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3327) /
Resource Hash
6aab9ad2e80293ad8600fa8234b7a006072c5402f709705c688f932586f7da7c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:03 GMT
x-cdn
3
age
6584440
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1322956
last-modified
Tue, 02 Jan 2024 21:20:48 GMT
server
ECAcc (muc/3327)
etag
"8b34150634a9633ee261b53d4e5906fb"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
1322956
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:03 GMT
12.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/video/1920x1080_h264_4000000/12.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/336C) /
Resource Hash
bd80277ca1fabed33730edcf17e12a2847962dd8da11e05014d70d3e1f138319

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:05 GMT
x-cdn
3
age
6584440
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1138152
last-modified
Tue, 02 Jan 2024 21:20:48 GMT
server
ECAcc (muc/336C)
etag
"061593ec142e44b9a798c070a67731d0"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
1138152
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:05 GMT
scribe
stats.vidalytics.com/ 		16 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 01 Jul 2024 18:14:05 GMT
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://go.behindthemarkets.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time
2
content-length
16
12.ts
fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/ 		50 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/uZSsWqljoHi6uNB9/120616/121857__FFMPEG/ts/audio/aac_96000/12.ts
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
152.195.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3324) /
Resource Hash
f203798157e01f66f472841eae32b3a95397e50b8b6718070d97dd3ab44024fd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 18:14:05 GMT
x-cdn
3
age
6595960
x-edg-version
32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14, 32 13 8 7.8.1 2024-04-16T08:58:00Z 3438f2f9-7d9f-4a5a-bafc-61b48ed0cb14
x-cache
HIT
server-timing
edgio_cache;desc=TCP_HIT,edgio_pop;desc=muc,edgio_country;desc=DE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51324
last-modified
Tue, 02 Jan 2024 21:21:10 GMT
server
ECAcc (muc/3324)
etag
"adc90dcfd142b98066e6efa33ac1dcc2"
x-cdn-site
c3-prod
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-edg-mr
13:2;
x-goog-stored-content-length
51324
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Thu, 26 Jun 2025 18:14:05 GMT
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.65.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 18:14:04 GMT
via
1.1 google
server
v1.65.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.65.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 18:14:05 GMT
via
1.1 google
server
v1.65.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=2pYTqjFAMMyCgHWWXkzoiC&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=117.5,178.0999984741211,1,474.60000228881836
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 18:14:06 GMT
Server
Stargate
access-control-max-age
600
Transfer-Encoding
chunked
Content-Type
image/gif
access-control-allow-origin
https://go.behindthemarkets.com
X-Forwarded-For
217.114.218.28
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
0038unm4pqgv8paedhlg
unip
trc-events.taboola.com/1616895/log/3/ 		0
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1616895/log/3/unip?en=pre_d_eng_tb&tos=4760&scd=0&ssd=1&est=1719857641880&ver=36&isls=true&src=i&invt=3000&msa=516&rv=1&tim=1719857646641&vi=1719857641877&ri=f27f66e6f027ae1bbacd4cfd98b81642&ref=null&cv=20240626-2-RELEASE&item-url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&ler=other
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Attribution-Reporting-Eligible
trigger
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://go.behindthemarkets.com
pragma
no-cache
date
Mon, 01 Jul 2024 18:14:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1616895/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1616895/log/3/unip?en=pre_d_eng_tb&tos=4760&scd=0&ssd=1&est=1719857641880&ver=36&isls=true&src=i&invt=3000&msa=516&rv=1&tim=1719857646641&vi=1719857641877&ri=f27f66e6f027ae1bbacd4cfd98b81642&ref=null&cv=20240626-2-RELEASE&item-url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&ler=other
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://go.behindthemarkets.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://go.behindthemarkets.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Mon, 01 Jul 2024 18:14:06 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je46q0v874108444z8812088355za200zb812088355&_p=1719857641270&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1246271307.1719857642&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1719857641&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D8bf980c920b44f9db26b73766cf58ec7%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dbbg%2540gellerco.com%26iocid%3D%26aff%3D82%26oid%3D118&dt=Prepare%20for%20War&en=fetch_user_data&epn.variant_id=0&_et=146&up.custom_client_id=1246271307.1719857642.&upn.variant_id=0&upn.experiment_id=0&tfd=7591&_z=fetch
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 18:14:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
scribe
stats.vidalytics.com/ 		16 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://go.behindthemarkets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 01 Jul 2024 18:14:07 GMT
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://go.behindthemarkets.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time
1
content-length
16

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage string| LeadPagesCenterObject function| center object| dataLayer function| optipub number| settings_timer number| _vwo_settings_timer object| _vwo_code function| gtag string| TiktokAnalyticsObject object| ttq object| Vidalytics object| VidalyticsL object| _vidalytics function| getUrlVars undefined| subPartner undefined| subEmail undefined| url undefined| Http object| sup string| affiliate string| offer string| transactionId boolean| LPLeadboxesDispatched object| LPLeadboxes object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| myStorage object| variant_id string| GoogleAnalyticsObject function| ga object| __tfa_pixel_init object| _tfa object| gaplugins object| gaGlobal object| gaData boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| onYouTubeIframeAPIReady object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks string| CE_USER_COMMON_SCRIPT_URL undefined| CE_USER_THIRDPARTY_SCRIPT_URL function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| exp_id

16 Cookies

Domain/Path Name / Value
.api.leadpages.io/analytics/v1/events/capture Name: view.bb4wMKcXKB896PwqF4vMVT-default-prop.M8m8wKU9zxEvbxyryYiQ2B
Value: 1719857642000
.secure.investmentbankingrules.com/ Name: redcmps
Value: W3siaWQiOiI2NjdkNDhjNjY1NzlhYzAwMDEwMDAzMGYiLCJ0IjoiMjAyNC0wNy0wMVQxODoxNDowMC4yODE3NjA0MzZaIn1d
.secure.investmentbankingrules.com/ Name: redhash
Value: NjY4MmYxZTgyNGYwOTcwMDAxNGZjYzYyfDB8NjY3ZDQ4YzY2NTc5YWMwMDAxMDAwMzBmfHwyNWRjNTBmZS0xOTI3LTQzOTEtODEzZi02N2RhOGQzOTY4MDV8MTcxOTg1NzY0MA==
.tiktok.com/ Name: _ttp
Value: 2ieirRea1dIZAqwYTUpQ0MKmujW
.behindthemarkets.com/ Name: _gcl_au
Value: 1.1.1356832795.1719857641
.behindthemarkets.com/ Name: _gid
Value: GA1.2.1965353461.1719857642
.behindthemarkets.com/ Name: _gat_UA-102395123-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.behindthemarkets.com/ Name: _ga
Value: GA1.1.1246271307.1719857642
.behindthemarkets.com/ Name: _tt_enable_cookie
Value: 1
.behindthemarkets.com/ Name: _ttp
Value: jbN_1XGOcJcpJOxM1d1cPOIkybd
.behindthemarkets.com/ Name: _ga_KDYSD5C2HD
Value: GS1.1.1719857641.1.0.1719857641.60.0.0
.behindthemarkets.com/ Name: _ga_8R6YNFMJ23
Value: GS1.1.1719857641.1.0.1719857641.60.0.0
go.behindthemarkets.com/ Name: bitmovin_analytics_uuid
Value: 87cd2b75-017f-4c88-bfce-1560ecfaad2c
behindthemarkets.app.optipub.com/ Name: optipub
Value: eyJpdiI6InJLSUNrTUtHODArWEZ0VDN0N2lRbmc9PSIsInZhbHVlIjoiMmc3a1dTY0V2QWlTWCtVUWhtVllxNkdsam0xT0NVaGlGN0ttczVoMDg4RUREcG5tNExpd1RkZ0pmQWxMQTdhVEkrNk1rbi9lUUVBN3F0UW81RVN0cnJPUHB1eVhJVytic0ZBbk5zWnRKQjFqVmsrcUxGbDNMNGJDOTNJa3J0RnR3alBKUEx6VzNXdWVyQ3BEZjh5QU8rb2t3M1JXa3pjV3Rmd2FvOXFhcEZwSEYweE9wUUhncW9LWjNBclQ3MzNSUjZ6OW5GTkZud3lJY1BWVlkrZkMzMWxLbVg3UFJtUGFFL2lnZjIvTlkvaWYyTEN0YXR6SysyVWtoWDZ4bmdmSG0vVjNmbkxHV1psaTRreGt4cmh2ZjE2NXAyOEZGNGMxRFlDdVp0V09tRzRaaHozNGJkQ08vOEVrTitjYzRNa2VhTlAzVGphdUs1K0J4UUdJUzN2UDRuRTJHN2JydTdlVHpkQkVjUzJtd0dkQ2E3TWZnUGphQkh2N0pzS1dsREhHR2FLR3FHMktPZUl0NmZmYkppbERLdS9Ca0d1dFYxWnAzb0RnK1F5M2JEQTg1YW91QkFEdGxaVnkwVTlYTjFsR2RkdW9IbEl4aVJ6SDhEOW14dy9rL3diTVB2d0xsYXcxeFNWWEs2Vm9hdmlmZDZhQnhPMXhTc1lZNkdOc1V2M1oiLCJtYWMiOiI0ZDE5OTk0YWJmN2NkMWE1N2E1ZDM1NzI2YzA1NzAwODE3NWQ0MzA0NGFkMGEzMDkxZDAzN2M1ZmQ3Y2VkOGQ4In0%3D
.go.behindthemarkets.com/ Name: vidalytics_uid
Value: Te6oSSWdKci7rtVC

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-ingress-global.bitmovin.com
analytics.tiktok.com
api.leadpages.io
behindthemarkets.app.optipub.com
btm-btm-btm.lpages.co
cdn.taboola.com
cl.s11.exct.net
dev.visualwebsiteoptimizer.com
embed.lpcontent.net
fast.vidalytics.com
fonts.googleapis.com
fonts.gstatic.com
go.behindthemarkets.com
googleads.g.doubleclick.net
js.center.io
lh3.googleusercontent.com
psb.taboola.com
region1.analytics.google.com
script.crazyegg.com
secure.investmentbankingrules.com
static.leadpages.net
stats.g.doubleclick.net
stats.vidalytics.com
trc-events.taboola.com
trc.taboola.com
www.behindthemarkets-btm.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
107.178.211.97
13.111.71.12
141.226.228.48
142.250.181.226
142.250.185.132
142.250.186.98
151.101.129.44
151.101.193.44
152.195.133.208
188.114.96.3
2001:1af8:5100:a003:2::
2001:4860:4802:32::36
2001:4860:4802:36::15
2001:4860:4802:38::15
216.58.206.35
23.213.161.217
2606:2800:233:8fd2:a5ac:6d4d:b3df:ccc3
2606:4700::6813:9308
2a00:1450:4001:800::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
34.107.203.240
34.225.139.193
34.96.102.137
35.190.27.197
35.192.151.63
35.202.21.90
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0e62ff1005bebc56af3f3b0dfc202547357e2f79b0b0e26f6baa2a3995134ed9
0f6f130bf01f85204495174ecf332922a1350138199e1b74b9bb6c27ba9aac08
109e205a7405b5d29d75288ce62c26ee00a7df45542316140d8d9d3f6013574e
13e9c6818633ec0ec1772cfc1614c99f3685979455ccf170396cdd5a1aa15f93
1724f467ac87bb348fb5c7d8b4be30d59288c8fc85b63661613cc86c8603593f
1e01860b3c7db7de474db7f09fa4dd37c1adfd26e793194e1bf9706724875022
1f190f5a2fb62645bd773975ee31cdcb960f60f6dccd69b808571dc87b5980e2
230ce7cbc4220c4724303b8a51e5de6f76093ac08c17af912082ab8488b32049
28ad732d27de1c50aa5ab162ebe358df46b87de28b8d3426fcf74c065a6e4e80
2c11e0f0d79d763e31ac4e1f348a1c27ce3a468824cf6c63c55918bedf7b2838
2c6d000f6abfc29fe3370f2af07f8d48ea2a492c007fb305aca013951bb7a6fa
307cf8add1fd7f348bd0a0c83d0ffaedbe308720007b9974cc5291ba88b8923c
3ac60a8dc6e4958521dec27968d2839cfbbb48e90d16ff151cce059f346b3ed6
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40395f0350d46d40045956f0dc908d44078ed50d125fa057a24e697df655f22b
42e6326211b739c4d83cc7899a38ec013ffacd2bba7df0fbf3c19a2989897c3f
438645b1d2593e297d803147949c7c4f98bebb034c15180942f79fec145a9f02
47604965129b76c210cbca0993bce3965a85330fc257684ab4467a9db8ba1122
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
49ed1f06465f35d0a814d30db185ec67bb34b007b16e44870ed50e0f5ae46b97
50dbf682815bb0b35e316c5dd886d3efeffbbf1ddb5a2fe10d0b5e22d4d851cd
53696aadacc6520ddc1e6f4f6562a9fb87f81fd66ae69a7cd9dd5d4a127c9d62
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
566805530e73dae8debfdc72c296f806d2f4688b33a02a9a92fdffd702836851
58d4b1bd9484ebd342399e408daeaa337b1c935091bd22c8d6ae49e1f828cb02
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
5d3d7c8eeff05958d4be8e6224c1112a86fda36b1bbe3e9330fc75e36055a6f5
644e31640c46de75be07db4c1c77cde5d561f51adf3dbee2d58820b222f3a58b
651b22eb1f250e8f7cb27f8221098a3644768e70b5bd8d8912428f2c89093fb0
6aab9ad2e80293ad8600fa8234b7a006072c5402f709705c688f932586f7da7c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
71f300d721688f53ad61e954e009a329ca468ab4fab06649efa4a9e70a92e0e2
76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b
7b9d25ca6b1fe800f3b08eb913047109412c120f2fbbf00f8757e93b77ab922b
846640e4f3a44b2f5d53418f08f41b6805115f970defa42329bdb25d33e48cf4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b784bd8fec35bf1b14210811572782eb59749f0b08f8331048b098c239bca98
8be461871c8d5c4d32ace6c2407fa8a4c359114134aedcbfc17222031a828d1a
8c6f336a861b4a33d377005ffa0285c94fd3708690bcf58ccb1deb41840c546c
92232ee6437f79c9b7453b53f434d790c174e19c0c2bd60f5f2f220aeb8a2863
941f9f5d5816e2251cc5e39066f8b312ec4c53f5c340c009be7baf50f6b0ccb6
9bd88ee36d4620c87f5a7a7ffb592e73e09c815df6142e3a5d1fa21c37e44809
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff
a707366096cb646e67672cc2c3df213f576c4dcae8e15eb19156ce75f79688ff
a7da1929a72616ecb5e2798ba6fc0587c84a7065fc35998527ddfca659c0418c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aca6dc93a1806fb8e09bb3d64a892142e211fa924e7ee76bcee8b0e9b9116956
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4f0e237b5fbbc84c34ae44b196bc82c7ba00089fe14f691cf4f5ab4a1b94309
bd80277ca1fabed33730edcf17e12a2847962dd8da11e05014d70d3e1f138319
c6458c577bbd0965ff42e26db52b79e30503d844411a3dc06ab34fa2128ed2ae
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
ccd1c095f36d22ac57e0d479c5c360feac5c7b371fe1aa135ad696f895ededbd
cecdd608d93f37ea7485c4499b54b4bc2423b6406b3db9ecf32a199c5b8fd001
cf8d68bd452593e827b0bff016ac6ff0e83af2e66156bd180733dca5c0e6747c
d59a74862cc6c91ca00868fe7af4d67ee75532aab80a7c4f9922b50a8691d81f
d67b485cc9f0c26ab692d706e8e4edabd67e627e001273eb868d718f13d94d62
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
d9aee4f94c87980704527f5b8119390d7c6370c915d83e9a36e47adb97e0f4b7
da26a86b4d203df88edbc4da53f48981096ead6a393cb9ad3e406bf6d18c33e1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e9482a64448d30532d78f290d553064f4eb3990eb8af66dcb7351a49d47bde8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f203798157e01f66f472841eae32b3a95397e50b8b6718070d97dd3ab44024fd
f3a1f893c23e015c7740da32178e5905846eb2537d39a95bd68c2740ad526375
f40f35a14591c82b4e4c6af7da9bb680e43c7eaf400ae0ab2f4d07664fb40d0a
f42d4183e02de76d4621df4690ebfe84ce3f8689074e13a30d72fba37b551ef6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f82432fda21ef5ecd06838af3c3a794f02ded02f0013b484623ee897b2a3c257
faa02e6429450045acc6f17391ab2985fbb479de0f98e875f27af0d60661b0ec