go.behindthemarkets.com Open in urlscan Pro
35.202.21.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.s12.exct.net/?qs=87c9f2bbce9b0f0290589fc3c8e4ac12db4048e948b8a8c2e30916468455567a96f23100b7e660ff09b15847e65c...
Effective URL:
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_c...
Submission: On December 04 via api (December 4th 2023, 8:12:56 pm UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 25 domains to perform 112 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is go.behindthemarkets.com.
TLS certificate: Issued by R3 on November 26th 2023. Valid for: 3 months.

This is the only time go.behindthemarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.110.204.9 13.110.204.9	14340 (SALESFORCE) (SALESFORCE)
1 1	2606:4700:303... 2606:4700:3035::ac43:b8c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	50.97.212.250 50.97.212.250	36351 (SOFTLAYER) (SOFTLAYER)
1 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
2	34.225.139.193 34.225.139.193	14618 (AMAZON-AES) (AMAZON-AES)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
16	23.36.163.102 23.36.163.102	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
28	192.229.220.49 192.229.220.49	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	107.178.211.97 107.178.211.97	15169 (GOOGLE) (GOOGLE)
3	35.190.27.197 35.190.27.197	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:d... 2600:1901:0:df23::	15169 (GOOGLE) (GOOGLE)
112	26

1 13.110.204.9 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: cl.s12.exct.net

cl.s12.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b8c5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tracking.americanfinancecore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.97.212.250 (San Jose, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: fa.d4.6132.ip4.static.sl-reverse.com

www.clkmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.behindthemarkets-btm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

go.behindthemarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
btm-btm-btm.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.139.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-139-193.compute-1.amazonaws.com

behindthemarkets.app.optipub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.36.163.102 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-102.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 192.229.220.49 (United States)

ASN15133 (EDGECAST, US)

fast.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.211.97 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 97.211.178.107.bc.googleusercontent.com

stats.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.27.197 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 197.27.190.35.bc.googleusercontent.com

analytics-ingress-global.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:df23:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

licensing.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	vidalytics.com fast.vidalytics.com — Cisco Umbrella Rank: 183195 stats.vidalytics.com — Cisco Umbrella Rank: 164190	8 MB
16	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	161 KB
8	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3138 gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	106 KB
5	bitmovin.com analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 27146 licensing.bitmovin.com — Cisco Umbrella Rank: 8818	945 B
5	google.de www.google.de — Cisco Umbrella Rank: 6765	840 B
5	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 39917	2 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	3 KB
5	gstatic.com fonts.gstatic.com	144 KB
4	center.io js.center.io — Cisco Umbrella Rank: 48396	15 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	353 KB
3	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 48	389 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2954	2 KB
2	optipub.com behindthemarkets.app.optipub.com	9 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
2	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 45323	29 KB
2	behindthemarkets-btm.com 1 redirects www.behindthemarkets-btm.com	20 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
1	lpages.co btm-btm-btm.lpages.co	18 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 57016	15 KB
1	behindthemarkets.com go.behindthemarkets.com	21 KB
1	clkmg.com 1 redirects www.clkmg.com — Cisco Umbrella Rank: 316678	1006 B
1	americanfinancecore.com 1 redirects tracking.americanfinancecore.com	873 B
1	exct.net 1 redirects cl.s12.exct.net — Cisco Umbrella Rank: 118169	262 B
112	25

	Domain	Requested by
28	fast.vidalytics.com	go.behindthemarkets.com fast.vidalytics.com
16	analytics.tiktok.com	go.behindthemarkets.com analytics.tiktok.com
5	www.google.de	go.behindthemarkets.com
5	api.leadpages.io	js.center.io embed.lpcontent.net
5	dynamic.criteo.com	www.googletagmanager.com
5	fonts.gstatic.com	fonts.googleapis.com
4	js.center.io	go.behindthemarkets.com js.center.io btm-btm-btm.lpages.co
4	www.googletagmanager.com	go.behindthemarkets.com www.googletagmanager.com
3	analytics-ingress-global.bitmovin.com	go.behindthemarkets.com
3	stats.vidalytics.com	go.behindthemarkets.com
3	www.google.com	1 redirects go.behindthemarkets.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	lh3.googleusercontent.com	go.behindthemarkets.com
2	licensing.bitmovin.com	go.behindthemarkets.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	dev.visualwebsiteoptimizer.com	go.behindthemarkets.com
2	behindthemarkets.app.optipub.com	go.behindthemarkets.com
2	fonts.googleapis.com	go.behindthemarkets.com btm-btm-btm.lpages.co
2	static.leadpages.net	go.behindthemarkets.com btm-btm-btm.lpages.co
2	www.behindthemarkets-btm.com	1 redirects go.behindthemarkets.com
1	mug.criteo.com	go.behindthemarkets.com
1	www.googleadservices.com	www.googletagmanager.com
1	btm-btm-btm.lpages.co	embed.lpcontent.net
1	embed.lpcontent.net	go.behindthemarkets.com
1	go.behindthemarkets.com
1	www.clkmg.com	1 redirects
1	tracking.americanfinancecore.com	1 redirects
1	cl.s12.exct.net	1 redirects
112	31

This site contains links to these domains. Also see Links.

Domain
vidalytics.com
behindthemarkets.com

Subject Issuer	Validity	Valid
go.behindthemarkets.com R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2023-10-16` - `2024-01-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
behindthemarkets-btm.com E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
embed.lpcontent.net GTS CA 1D4	`2023-12-01` - `2024-02-29`	3 months	crt.sh
js.center.io GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
optipub.com Amazon RSA 2048 M02	`2023-09-05` - `2024-10-03`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.vidalytics.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-14` - `2024-12-14`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.lpages.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.leadpages.io R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.bitmovin.com Go Daddy Secure Certificate Authority - G2	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Frame ID: 5EFFD1C0D97BB2793BAD13FB039B325A
Requests: 105 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: B71A2B0124AAAAE875898B845954652F
Requests: 1 HTTP requests in this frame

Frame: https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=dde338660046412fb684511775149eb4&aff=82&id=mohester%40valvoline.com&iocid=&oid=118&utm_campaign=&utm_medium=&utm_source=82
Frame ID: 6E7494F519F2033C7EB71A03C26297A1
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag
Frame ID: EDCB396A9F6D28E62BEA5A2293BD26C6
Requests: 2 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: E74D5BA874DE34CD53EA86A1A450D367
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prepare for War

Page URL History Show full URLs

https://cl.s12.exct.net/?qs=87c9f2bbce9b0f0290589fc3c8e4ac12db4048e948b8a8c2e30916468455567a96f23100... HTTP 302
https://tracking.americanfinancecore.com/RA0110/mohester@valvoline.com/019AFC/K/BTPW79/ HTTP 302
https://www.clkmg.com/RomanAnal/RA0110/mohester@valvoline.com/019AFC/K/BTPW79/ HTTP 302
https://www.behindthemarkets-btm.com/4P7M9M/6ST7SM/?sub1=mohester@valvoline.com&sub2=019AFC&sub3=K&sub4=BTPW79&sub5= HTTP 302
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

112
Requests

95 %
HTTPS

57 %
IPv6

25
Domains

31
Subdomains

26
IPs

4
Countries

9659 kB
Transfer

13914 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://vidalytics.com/?utm_source=Powered%20By&utm_medium=Player&utm_content=PzpZ_7KZ
Title: Powered by Vidalytics

Search URL Search Domain Scan URL

URL: https://vidalytics.com/contact?utm_source=Report%20an%20issue&utm_medium=Player&utm_content=PzpZ_7KZ
Title: Report an issue

Search URL Search Domain Scan URL

URL: https://behindthemarkets.com/p/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://behindthemarkets.com/p/terms
Title: Terms & Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.s12.exct.net/?qs=87c9f2bbce9b0f0290589fc3c8e4ac12db4048e948b8a8c2e30916468455567a96f23100b7e660ff09b15847e65c6771089ed6524600af23 HTTP 302
https://tracking.americanfinancecore.com/RA0110/mohester@valvoline.com/019AFC/K/BTPW79/ HTTP 302
https://www.clkmg.com/RomanAnal/RA0110/mohester@valvoline.com/019AFC/K/BTPW79/ HTTP 302
https://www.behindthemarkets-btm.com/4P7M9M/6ST7SM/?sub1=mohester@valvoline.com&sub2=019AFC&sub3=K&sub4=BTPW79&sub5= HTTP 302
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/?random=2016032284&cv=11&fst=1701720770449&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=552168650.1701720770&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=wjJuZfTHIsqSgAe20J-oAw&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHN1clAxakR2QXdoRU5XS2VMSlcyaWVGWk1oSWFaOTBvMWtBV0hRMEFidEs2GldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE4VFdzUXdHaEhZRG1FeHhVUlE4UlNfZDZlQVp2SjVpQ1ByVThoZ2FJRjFSX0NpcXhfX3hKbDAiEwj0sKXwy_aCAxVKCeAKHTboBzU HTTP 302
https://www.google.com/pagead/1p-conversion/401032603/?random=2016032284&cv=11&fst=1701720770449&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=552168650.1701720770&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHN1clAxakR2QXdoRU5XS2VMSlcyaWVGWk1oSWFaOTBvMWtBV0hRMEFidEs2GldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE4VFdzUXdHaEhZRG1FeHhVUlE4UlNfZDZlQVp2SjVpQ1ByVThoZ2FJRjFSX0NpcXhfX3hKbDAiEwj0sKXwy_aCAxVKCeAKHTboBzU&is_vtc=1&ocp_id=wjJuZfTHIsqSgAe20J-oAw&cid=CAQSKQDICaaN22T75vhmA0SV3UEw6qPT26FdKRZsDMt9K6M2ybIiPSrfw9fP&random=3856180316 HTTP 302
https://www.google.de/pagead/1p-conversion/401032603/?random=2016032284&cv=11&fst=1701720770449&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=552168650.1701720770&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHN1clAxakR2QXdoRU5XS2VMSlcyaWVGWk1oSWFaOTBvMWtBV0hRMEFidEs2GldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE4VFdzUXdHaEhZRG1FeHhVUlE4UlNfZDZlQVp2SjVpQ1ByVThoZ2FJRjFSX0NpcXhfX3hKbDAiEwj0sKXwy_aCAxVKCeAKHTboBzU&is_vtc=1&ocp_id=wjJuZfTHIsqSgAe20J-oAw&cid=CAQSKQDICaaN22T75vhmA0SV3UEw6qPT26FdKRZsDMt9K6M2ybIiPSrfw9fP&random=3856180316&ipr=y

Request Chain 61

https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=LGbTcnxISWVST0E2YnhCV013SjVyazZyeDU1dUdXNjVicWg1c092dUd2Ty9FQ0NLa1V1M3Mzd250YkFjcWtERVQvSURDU1lCM0Q2MEN2djdKZnNMOEgxQjNVZXY1b2NMNDQ4VlplN01wK1JPcTVLdkRKM3g2Q0ovbXBwOUpSSitlRjQ4UkxQNWg5OGJhZzlsenZ0Mk95OC9ObC9FdlVmNVdiL21FTDhTYlRRd3o5WFlXU2ZwUnNWRytjVFpxdmlSZ2ZpUHVNVzc2Ykp6akFBV29Ud1J3aWtrT0xkWHJNNldzSWRqZGIrNEUwa1lCUkduNngxc3gzQmppb3hsVStqTXRIT2JPKzl1VHlxMGJtaWZZNWY4cFJYZFdGMFZ4T0NlUWVpZ0pYLzNBVDgvZ0VXYz18&cppv=2

112 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
go.behindthemarkets.com/prepare-for-war-video-1/
Redirect Chain

https://cl.s12.exct.net/?qs=87c9f2bbce9b0f0290589fc3c8e4ac12db4048e948b8a8c2e30916468455567a96f23100b7e660ff09b15847e65c6771089ed6524600af23
https://tracking.americanfinancecore.com/RA0110/mohester@valvoline.com/019AFC/K/BTPW79/
https://www.clkmg.com/RomanAnal/RA0110/mohester@valvoline.com/019AFC/K/BTPW79/
https://www.behindthemarkets-btm.com/4P7M9M/6ST7SM/?sub1=mohester@valvoline.com&sub2=019AFC&sub3=K&sub4=BTPW79&sub5=
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118

96 KB
21 KB

638ms
302ms

Document
text/html

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

683ed31b0ea6bc279e5782915d995401fc12e103bb23de62b6285ed032e34417

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Mon, 04 Dec 2023 20:12:49 GMT
etag: W/"8a7e3981de8a8487b800ced517b15d81"
last-modified: Mon, 06 Nov 2023 13:28:30 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8306b4d74f01193c-FRA
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 20:12:49 GMT
location: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VSVivVR0ocBBBMLlgeBne3HkrIVQqHwY0fXAr%2B3eAmkRB6Z06e92wyW4DBWH8ZOaMtIMzIDfd6qQ5J0%2FVXbF%2FGSHAMk1w51OsnhuIr21JozAB%2FK8SSy3OHt6XE%2FQD1g8edcR2bFc7GLOZOzVHpmUP52FCnFijdu0wJf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
via: 1.1 google
x-eflow-request-id: 46625338-6d94-4f45-8ab9-8d87d12a0d23

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 126ms
31ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 23:53:13 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 2146777
etag: "-Aynvg"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: f6d17cc5db75945e4acec46e969ca7a9
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Fri, 08 Nov 2024 23:53:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 125ms
42ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Requested by

Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eabd132c74d36305cc8685001eb2d2630fcd8125a50a3b1fd135e49f25b10235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 20:12:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 20:12:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 127ms
60ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-401032603

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0229e56b6f30645d4d5ec494db46aabd272135e3b8e1f6f1222d4d1849eb0edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77739
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 20:12:50 GMT

GET
H2 200 everflow.js Show response
www.behindthemarkets-btm.com/scripts/sdk/ 60 KB
19 KB 35ms
35ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bae72ea2a056b660b2aa5a28de47d0b4758ce08079c92c10243f045c5532594d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2381
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Dec 2023 19:33:08 GMT
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tssD9fDiNupR8znr10qOPEXyBZV6GxMunAY1HDX8JTXwx0TCXnVfVQruY5xOez39y6aNJUz0IAyjFhZLlskAi0B3kqR0LMR7%2FLPeYhFgPzGD0%2FCEaAYXLcxCACX7JVIbbxbe1PFkxohG0E9HFrzSzwxmV%2B3dvHejnC%2FV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: a2a3f8d0-c291-4edb-8966-7f08c3b18ac3
cf-ray: 8306b4dc4f2b193c-FRA

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 200ms
60ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:36 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 14
etag: "oHgkWw"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: ec3c1f9f26ce2dabe06e8e8b868f9650
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Mon, 04 Dec 2023 20:17:36 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 200ms
62ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:36 GMT
content-encoding: gzip
server: Google Frontend
age: 14
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: f0c7b6a90866bf8d89bcb559b234954d
cache-control: public, max-age=300
content-length: 5417
expires: Mon, 04 Dec 2023 20:17:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
95 KB 159ms
117ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a0bbc88b64cfb5df74d21074371490b6b894e0114d8915683a72f604e03a506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97092
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 20:12:50 GMT

GET
H/1.1 200
OK sdk.js Show response
behindthemarkets.app.optipub.com/sdk/ 17 KB
7 KB 698ms
262ms Script
application/javascript 34.225.139.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://behindthemarkets.app.optipub.com/sdk/sdk.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.139.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-139-193.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.3.33 / PHP/7.3.33
Resource Hash: d59a74862cc6c91ca00868fe7af4d67ee75532aab80a7c4f9922b50a8691d81f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 20:12:50 GMT
Content-Encoding: gzip
Server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.3.33
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: application/javascript
Cache-Control: max-age=3600, private
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 6633

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 4 KB
2 KB 199ms
64ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=601261&u=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&f=1&vn=1.5
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams2 /
Resource Hash: f1f7a0b43e9a2bca53bd817c593b360ed36fa760705b2297e6014f858889acac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:49 GMT
content-encoding: gzip
via: 1.1 google
server: gams2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 328ms
191ms Script
application/javascript 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCGDCQRC77UB2PF1K7AG&lib=ttq
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 102323eb6cdf8aa1a75caed0c590950e072e067cb906bbfd8ab1ece5676febf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: 4c1e164a.dd833a1b
date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 108,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=20, inner; dur=4
content-length: 1542
pragma: no-cache
server: nginx
x-tt-logid: 202312042012503D031D7098F8F964CB62
x-cache-remote: TCP_MISS from a23-48-200-209.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,23.48.200.209
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f293261705e3c15b272b38b25fe1952760077d3840c2d842521b685537d438c7285bd660814604b94fa30c8cc1662cca42b60e1da475b42e74f1d9676b1c0eeaaa2d79533edc18e82a44af24e5be7b8c915d695f06
expires: Mon, 04 Dec 2023 20:12:50 GMT

GET
H2 200 loader.min.js Show response
fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/ 42 KB
11 KB 226ms
43ms Script
application/javascript 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/loader.min.js
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D7) /
Resource Hash: 6aa8841da37d2b7ef7eb65a028f14130446a7cad8fa5983987d68a500f82f2e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: gzip
via: 1.1 google
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
x-cdn: 3
age: 6
x-cache: HIT
x-envoy-upstream-service-time: 55
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10594
surrogate-key: lb-api
last-modified: Mon, 04 Dec 2023 20:12:44 GMT
server: ECAcc (ama/48D7)
x-cdn-info: loader
vary: Accept-Encoding
x-cdn-site: c3-prod
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=60, s-maxage=600
x-lb-backend: api-prod
accept-ranges: bytes
x-lb-cache: disabled

GET
H2 200 q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=s16
lh3.googleusercontent.com/ 534 B
831 B 202ms
69ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=s16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

230ce7cbc4220c4724303b8a51e5de6f76093ac08c17af912082ab8488b32049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Dec 2023 20:12:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 192ms
59ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 272009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 201ms
68ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:35 GMT
x-content-type-options: nosniff
age: 80655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:48:35 GMT

GET
H2 200 AlZy_zVFtYP12Zncg2kRcn35.woff2
fonts.gstatic.com/s/rozhaone/v15/ 18 KB
18 KB 301ms
170ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rozhaone/v15/AlZy_zVFtYP12Zncg2kRcn35.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:39:25 GMT
x-content-type-options: nosniff
age: 9205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18176
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 17:39:25 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 285ms
155ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:37 GMT
x-content-type-options: nosniff
age: 429073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:37 GMT

GET
H2 200 q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1600
lh3.googleusercontent.com/ 194 KB
194 KB 190ms
70ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

42e6326211b739c4d83cc7899a38ec013ffacd2bba7df0fbf3c19a2989897c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198398
x-xss-protection: 0
expires: Tue, 05 Dec 2023 20:12:50 GMT

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
151 B 165ms
165ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=601261&d=go.behindthemarkets.com&u=DC1885EE93DAC45F9DCC349A636F66208&h=b925025e07a611ebddcd6c028c36774b&t=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:49 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv2c
content-type: image/gif
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 73ms
73ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.behindthemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 196541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame B71A 4 KB
2 KB 55ms
55ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 209
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Mon, 04 Dec 2023 20:09:21 GMT
etag: "OMWYXg"
expires: Mon, 04 Dec 2023 20:14:21 GMT
server: Google Frontend
x-cloud-trace-context: 828d68541c0efeebf2d4b583abdce799

GET
H2 200 / Show response
btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/ Frame 6E74 88 KB
18 KB 1472ms
426ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=dde338660046412fb684511775149eb4&aff=82&id=mohester%40valvoline.com&iocid=&oid=118&utm_campaign=&utm_medium=&utm_source=82

Requested by

Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

a5a03882d6cc3420749e95a6aa750c8e73f74a2ca75f1c778efd762784dcb22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Mon, 04 Dec 2023 20:12:51 GMT
etag: W/"020f2e7f5de46a783fcb76a76791482c"
last-modified: Mon, 31 Jan 2022 22:51:27 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/ 3 KB
2 KB 145ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/?random=1701720770442&cv=11&fst=1701720770442&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&auid=552168650.1701720770&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-401032603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4599f6e6c0ae09875cc0f808259127c33fe3f4a856fafe7e030bd44349278e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1384
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/401032603/ 3 KB
2 KB 148ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/401032603/?random=1701720770449&cv=11&fst=1701720770449&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=552168650.1701720770&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-401032603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

938f4156bd2f4badbb46ab94d9edda4cca0b6e4a1e4ec667cfe66bbf9cd107c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 player-dash-mse.min.js Show response
fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/ 2 MB
605 KB 121ms
34ms XHR
application/javascript 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/player-dash-mse.min.js?hash=vckwrgcs
Requested by: Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B7) /
Resource Hash: 0709767c144899edaae127f806108c6db57465b6fe25c90b0ee805ea354c75d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: gzip
via: 1.1 google
x-cdn: 3
age: 183813
x-guploader-uploadid: ABPtcPrwnhKIcDWYS8GLNkdUesMXpr4qnRH_aaI98ys-tFyMJI2dYKYt7t_ycv2ArwCEy-Mmn9JxWluIaf08n3Ty9eax4icyzfJW
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 618911
last-modified: Thu, 02 Nov 2023 16:49:52 GMT
server: ECAcc (ama/48B7)
etag: "af8bb2b25e47f77e29fbd18c6fda7c13"
vary: Accept-Encoding
x-cdn-site: c3-prod
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-generation: 1698943792227756
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=300, s-maxage=2592000
x-goog-hash: crc32c=C9J9BQ==, md5=r4uysl5H934p+9GMb9p8Ew==
x-goog-stored-content-length: 618911
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Wed, 03 Jan 2024 20:12:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
91 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3168078617b2269c673fe7059eafc5b141de5438a9fe3f2dc33742075078e51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92568
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 20:12:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

270ffa24a9156263921ef25688241d09a382e39f330976b72d6a63202dd995f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 20:12:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 107ms
28ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 18:31:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6072
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 20:31:38 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 201ms
132ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=93258

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e1593f989bc71975b054e1f520b562551eb15397a4ade1656b988a59e020dd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 133ms
65ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108898

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

007a4f37862f0939b008ddc457ce5f3ec02e6fe5cb2fb1f0f5fddc4e03170695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 98ms
30ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108895

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fbd1f6154a86a6b879f908847dcabb938d6716b66df5e0a1c0aefe8f5e58cd02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 253ms
185ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108896

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

df9dde0f6cd65bdb8fbfd852cc1a2b6a17a1600fdb29eec3ebd6d04368dd03c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 217ms
150ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108897

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

530a8eecb4ed2f70062659424d6ae1b929319154d02c665e07686ce7348f2639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 main.MTdjYzNiZDU2NA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 432 KB
113 KB 46ms
46ms Script
application/javascript 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCGDCQRC77UB2PF1K7AG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f0fc7af60b98a57cccf7d5d7ea6e10f640db6f7553fb131e991b120dd6a62e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: dd833d1f
date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023110907323545664C10941C41E06A5B
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01da0053408b52d5c92a299c1cb26fc23619188393d64f7a34fd130ad6d2035ffaa369c21db0e73788f2b474ac8f91951de537ce6f4182f986e73758c590903953a42a0503c455d08814a8af8d50f814a14f579489a9b4f93a11d82cddf2ce9726
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 115021

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
683 B 501ms
164ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=M8m8wKU9zxEvbxyryYiQ2B&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=HxVAcSuNPtRPVtREzoEAyy&sid=2zfziMarkRy2tHoyeSyj6G&cid=lp-M8m8wKU9zxEvbxyryYiQ2B&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 20:12:50 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 37.58.58.247
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 051i4pbckjllf24qmq0g

GET
H2 200 q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1600
lh3.googleusercontent.com/ 194 KB
194 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

42e6326211b739c4d83cc7899a38ec013ffacd2bba7df0fbf3c19a2989897c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198398
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Dec 2023 20:12:50 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 182ms
72ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDYSD5C2HD&gtm=45je3bt0v9125329637z8812088355&_p=1701720770106&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=258240335.1701720771&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701720770&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&dt=Prepare%20for%20War&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4558
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 612ms
479ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDYSD5C2HD&cid=258240335.1701720771&gtm=45je3bt0v9125329637z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDYSD5C2HD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 209ms
103ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDYSD5C2HD&cid=258240335.1701720771&gtm=45je3bt0v9125329637z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1049565182

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 154ms
73ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444z8812088355&_p=1701720770106&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=258240335.1701720771&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701720770&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&dt=Prepare%20for%20War&en=page_view&_fv=1&_ss=1&epn.variant_id=0&tfd=4587
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 534ms
479ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8R6YNFMJ23&cid=258240335.1701720771&gtm=45je3bt0v874108444z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 187ms
104ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=258240335.1701720771&gtm=45je3bt0v874108444z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=472940042

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 73ms
73ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1036169458&t=pageview&_s=1&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&ul=en-us&de=UTF-8&dt=Prepare%20for%20War&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1277015121&gjid=1589495646&cid=258240335.1701720771&tid=UA-102395123-1&_gid=1480750371.1701720771&_r=1&_slc=1&gtm=45He3bt0n81WNRH3TXv812088355&cd1=82&cd2=dde338660046412fb684511775149eb4&cd3=false&cd4=false&cd5=false&cd6=false&cd7=false&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=667471292

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 84ms
84ms Script
application/javascript 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: dd833fdd
date: Mon, 04 Dec 2023 20:12:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090732079155DF224A927CEA4CD7
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ffc34b0e63ca87afdea8ba3be9e45a1ebf44eec9737b58fad72fd676a7423525776ffcf7871b785dcce6b4424d8c7d67060d2246d65103ea33468efb4a60bd5cbcbc1c89677cf2b339112d9043ab4f1fa7b00de1b26fa10c353a79fe7286316d22faf5c809fe1fe3a370a7678e180771
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 36112

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
793 B 256ms
255ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a6673cf5.dd833fde
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 183,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=79, inner; dur=77
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312042012506D52BB63DCAAADAB1758
x-cache-remote: TCP_MISS from a23-48-200-200.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 79,23.48.200.200
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f29326170530f32aa0384da55e75c70d668c512651faecd64db9596d10031e46da54e9a21cc11dd4fb49e28d1ec6ac89370f8536d2901590b456716ab1454b2b080474a468279a9596ab8e4cb842f9a3efb9769a23
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
791 B 150ms
149ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1f8cd902.dd833fdf
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 94,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=10, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231204201250D1057E3ADE26AF883639
x-cache-remote: TCP_MISS from a23-48-200-211.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.48.200.211
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f293261705d731b3677959183f7e16a11ca32d4c2e6c0e31bb9f869f487be1ef620a12241376137380e7a2a45666bfe24f10d50b46d53191a9c7c5a46c208a0161b3539bedb4b92d357651b84466279fa52d8e0d2b
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
788 B 150ms
150ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a4b2fdd.dd833fe0
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 107,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=10, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023120420125064E62F95F8C99261DA40
x-cache-remote: TCP_MISS from a184-27-45-54.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,184.27.45.54
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dc2b63bd737527d9bd7076e8793a529ab13406f3fbeae8a6930b4c090a75874aa25715019cf4e762ddd408a72ead3d06cd0d1660d9036a68b083a05d518638c086f63554c8510a343941c7a888a9a4e8cf97510cca235aa30a249615a8f5303bfe
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
790 B 144ms
144ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1cb501a5.dd833fe1
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 98,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=12, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312042012505EF2C44026A9AE75278D
x-cache-remote: TCP_MISS from a23-48-200-197.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.48.200.197
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f29326170531d8c0904812bdb8ff072d90862243a1717035eca501ca78e67ce9a2a9c5433e756a29ed03943a873678fb77fe8a3a964f17dceaeff4b5cba5569875d1bbef0347af91af11039c8a642e7d90abe9dd36
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
789 B 249ms
249ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a6ab991e.dd833fe2
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 98,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=195, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023120420125083125766B7424486945E
x-cache-remote: TCP_MISS from a23-48-200-206.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.48.200.206
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f29326170520a230ab80eeed400d98b529f83d9845a4c39b7f5c0fcc82b485fe0ee28d3e9c024789f5d06c9115888ed3815cb88127e71fea2b7760cb2547ee8d759c99897ff8bb888be4482993660daeadb557c908
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
790 B 287ms
287ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: be72c9be.dd834109
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 180,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=91, inner; dur=89
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023120420125057DD5A7C2564C871985A
x-cache-remote: TCP_MISS from a23-48-200-203.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 91,23.48.200.203
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f293261705044e0584e2f2bfeea1910f9459158ad7f5c60c78f691181e484cf6aafc9bbe0a5ab72fc53401ed3ccfed4d0e65c0ec210468e3cc2f10d36506a84ec373b0aa75950880acd2eb876d0579672209cb7147
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
788 B 222ms
222ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: be84f082.dd83410a
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 110,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=107, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231204201250BD887B7005EE9DB6045D
x-cache-remote: TCP_MISS from a184-27-45-60.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,184.27.45.60
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dc2b63bd737527d9bd7076e8793a529ab19028d3e0d43b0f6a800a9a30b8b6d38ac1db6d993e1a0235bde0558c0dadf09439872c6e8f03c4e7e7ba8811ef29e290f98c1255a8718402d50533e7b862a15e6b87dd32a60bb75ca60e21834f5d8cc5
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
792 B 222ms
221ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a667381d.dd83410b
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 103,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=10, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231204201250CD134B4B56706A54C2EB
x-cache-remote: TCP_MISS from a23-48-200-200.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.48.200.200
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f29326170530f32aa0384da55e75c70d668c512651b8248d5d621d75503fc91fbb1a59814e6cf1f1ad30b9782870cdd029e4b9e5342d34ad54bdd17672bfcad4299f7803111284f17109ef3def8513387cbd4e760f
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
793 B 268ms
268ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a6abed15.dd83410c
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 159,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=134, origin; dur=35, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312042012503CA9207BDF3E67701A2A
x-cache-remote: TCP_MISS from a23-48-200-206.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,23.48.200.206
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f29326170520a230ab80eeed400d98b529f83d9845fd149bd81639591fcb138c7b409650f9b6ef38b6e86021d3b312fd8cc20605dca4349af873744dffbb4442a6cfe96ee21f7a18b361176f8c783873677726c62f
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
791 B 228ms
228ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: be730709.dd83410d
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 123,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=39, inner; dur=36
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023120420125047A277EA9C0747BF7407
x-cache-remote: TCP_MISS from a23-48-200-203.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.48.200.203
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f293261705044e0584e2f2bfeea1910f9459158ad7106c293b431ebbc9de0d9c428a26725865a9cbe79a91ce40db63c1eec3edb0d60af16a6b4786ac6f608d84986dc18e310b5f8aee428403780fa5fce2d7b4180e
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/401032603/ 42 B
455 B 161ms
56ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/401032603/?random=1701720770442&cv=11&fst=1701720000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&frm=0&tiba=Prepare%20for%20War&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN66jZOiJ1sWcw_z7-zNjnQfHC0RnFzQ&random=998889780&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/401032603/ 42 B
154 B 77ms
75ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/401032603/?random=1701720770442&cv=11&fst=1701720000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&frm=0&tiba=Prepare%20for%20War&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN66jZOiJ1sWcw_z7-zNjnQfHC0RnFzQ&random=998889780&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
788 B 211ms
205ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 49ab1692.dd83410e
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 107,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231204201250E3400E74C6B67891021A
x-cache-remote: TCP_MISS from a23-48-200-202.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.48.200.202
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f29326170519fc4c7186e18b5949b2c221fa4eaadd98eccdc1ae0e6bad165946d2990260441196964340bdb3358d73fd80152007afb84b0929e99cbf0cdb19a216d226cec826f52a697e7a9a6fd3c5119687262d06
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/401032603/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/?random=2016032284&cv=11&fst=1701720770449&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/401032603/?random=2016032284&cv=11&fst=1701720770449&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/401032603/?random=2016032284&cv=11&fst=1701720770449&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
108 B

52ms
49ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/401032603/?random=2016032284&cv=11&fst=1701720770449&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=552168650.1701720770&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHN1clAxakR2QXdoRU5XS2VMSlcyaWVGWk1oSWFaOTBvMWtBV0hRMEFidEs2GldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE4VFdzUXdHaEhZRG1FeHhVUlE4UlNfZDZlQVp2SjVpQ1ByVThoZ2FJRjFSX0NpcXhfX3hKbDAiEwj0sKXwy_aCAxVKCeAKHTboBzU&is_vtc=1&ocp_id=wjJuZfTHIsqSgAe20J-oAw&cid=CAQSKQDICaaN22T75vhmA0SV3UEw6qPT26FdKRZsDMt9K6M2ybIiPSrfw9fP&random=3856180316&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/401032603/?random=2016032284&cv=11&fst=1701720770449&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&label=V9dYCNaPvNwDEJuLnb8B&hn=www.googleadservices.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=552168650.1701720770&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHN1clAxakR2QXdoRU5XS2VMSlcyaWVGWk1oSWFaOTBvMWtBV0hRMEFidEs2GldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE4VFdzUXdHaEhZRG1FeHhVUlE4UlNfZDZlQVp2SjVpQ1ByVThoZ2FJRjFSX0NpcXhfX3hKbDAiEwj0sKXwy_aCAxVKCeAKHTboBzU&is_vtc=1&ocp_id=wjJuZfTHIsqSgAe20J-oAw&cid=CAQSKQDICaaN22T75vhmA0SV3UEw6qPT26FdKRZsDMt9K6M2ybIiPSrfw9fP&random=3856180316&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EDCB 15 KB
6 KB 131ms
38ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=108898

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:12:50 GMT
server: Kestrel
server-processing-duration-in-ticks: 328336
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
354 B 506ms
478ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102395123-1&cid=258240335.1701720771&jid=1277015121&gjid=1589495646&_gid=1480750371.1701720771&_u=YADAAEAAAAAAACAAI~&z=1823341051

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Dec 2023 20:12:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.behindthemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
790 B 185ms
185ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 9b8ea8ba.dd83417c
date: Mon, 04 Dec 2023 20:12:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 115,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231204201250C937D151482122573FB1
x-cache-remote: TCP_MISS from a23-48-200-207.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.48.200.207
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f293261705db41616e04c61da897515c2c7a59c5423516da7a9b56cd35606efe70115924534499c35addbe34ce5bfba23f5fd9bb83d4851d33779a351662748bbb452dca2c71262e8bb2ee88810a77ff61805073f2
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:50 GMT

GET
H/1.1 200
OK pixel.gif
behindthemarkets.app.optipub.com/sdk/ 1 KB
2 KB 304ms
302ms Image
image/gif 34.225.139.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://behindthemarkets.app.optipub.com/sdk/pixel.gif?page=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&referrer=&utmSource=82&counter=0.36882069257802663
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.139.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-139-193.compute-1.amazonaws.com
Software: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.3.33 / PHP/7.3.33
Resource Hash: 58d4b1bd9484ebd342399e408daeaa337b1c935091bd22c8d6ae49e1f828cb02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 20:12:50 GMT
Server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.3.33
X-Powered-By: PHP/7.3.33
Content-Type: image/gif
Cache-Control: no-cache, private
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 1101

GET
H2

200

sid Show response
mug.criteo.com/ Frame EDCB
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=LGbTcnxISWVST0E2YnhCV013SjVyazZyeDU1dUdXNjVicWg1c092dUd2Ty9FQ0NLa1V1M3Mzd250YkFjcWtERVQvSURDU1lCM0Q2MEN2djdKZnNMOEgxQjNVZXY1b2NMNDQ4VlplN01wK1JPcTVLdkRKM3g2Q0ovbXBwOU...

454 B
672 B

54ms
54ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LGbTcnxISWVST0E2YnhCV013SjVyazZyeDU1dUdXNjVicWg1c092dUd2Ty9FQ0NLa1V1M3Mzd250YkFjcWtERVQvSURDU1lCM0Q2MEN2djdKZnNMOEgxQjNVZXY1b2NMNDQ4VlplN01wK1JPcTVLdkRKM3g2Q0ovbXBwOUpSSitlRjQ4UkxQNWg5OGJhZzlsenZ0Mk95OC9ObC9FdlVmNVdiL21FTDhTYlRRd3o5WFlXU2ZwUnNWRytjVFpxdmlSZ2ZpUHVNVzc2Ykp6akFBV29Ud1J3aWtrT0xkWHJNNldzSWRqZGIrNEUwa1lCUkduNngxc3gzQmppb3hsVStqTXRIT2JPKzl1VHlxMGJtaWZZNWY4cFJYZFdGMFZ4T0NlUWVpZ0pYLzNBVDgvZ0VXYz18&cppv=2

Requested by

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f9853dfd24f875df3bdd7e6bfd6095837997055279708fdac11c9d0328c371a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2338629
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=LGbTcnxISWVST0E2YnhCV013SjVyazZyeDU1dUdXNjVicWg1c092dUd2Ty9FQ0NLa1V1M3Mzd250YkFjcWtERVQvSURDU1lCM0Q2MEN2djdKZnNMOEgxQjNVZXY1b2NMNDQ4VlplN01wK1JPcTVLdkRKM3g2Q0ovbXBwOUpSSitlRjQ4UkxQNWg5OGJhZzlsenZ0Mk95OC9ObC9FdlVmNVdiL21FTDhTYlRRd3o5WFlXU2ZwUnNWRytjVFpxdmlSZ2ZpUHVNVzc2Ykp6akFBV29Ud1J3aWtrT0xkWHJNNldzSWRqZGIrNEUwa1lCUkduNngxc3gzQmppb3hsVStqTXRIT2JPKzl1VHlxMGJtaWZZNWY4cFJYZFdGMFZ4T0NlUWVpZ0pYLzNBVDgvZ0VXYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 239838
content-length: 0
expires: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
792 B 201ms
201ms Ping
text/plain 23.36.163.102
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.102 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1cb5525c.dd834358
date: Mon, 04 Dec 2023 20:12:51 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 127,23.36.161.74
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=39, inner; dur=36
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023120420125017EA0DA4AC51937DB888
x-cache-remote: TCP_MISS from a23-48-200-197.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.48.200.197
x-tt-trace-host: 01414d6936ba5ea9b89ea84fa9f5a131dcf14c7be33659c8b70bec26f29326170531d8c0904812bdb8ff072d90862243a16d1d6958a36737a460aba7c345746b9309fdd33b61200b6bc82c7fb9a6a6afe2066488992e0e1d6e9e627f29cefa45a176a9459f38b833ab15e081428ee6ae7b
access-control-allow-headers: Authorization,*
expires: Mon, 04 Dec 2023 20:12:51 GMT

GET
H2 200 awesome-log Show response
stats.vidalytics.com/ 43 B
419 B 434ms
155ms XHR
image/gif 107.178.211.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:51 GMT
server: istio-envoy
etag: "PzpZ_7KZ/cXX7_MTlcnVbMlEX"
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
content-length: 43

POST
H2 200 licensing Show response
analytics-ingress-global.bitmovin.com/ 117 B
378 B 84ms
22ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/licensing
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.59.3 /
Resource Hash: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
via: 1.1 google
server: v1.59.3
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 117
alt-svc: clear

GET
H2 200 preview-5_0.jpg
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/thumb/ 2 KB
3 KB 21ms
20ms Image
image/jpeg 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/thumb/preview-5_0.jpg
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48AB) /
Resource Hash: ccd1c095f36d22ac57e0d479c5c360feac5c7b371fe1aa135ad696f895ededbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:51 GMT
via: 1.1 google
x-cdn: 3
age: 2776981
x-guploader-uploadid: ABPtcPoTJ9-5d1ZhLpaZcL2IgogBh2CpHwCeaYtgx0IF_FZCC2pnkVWCD4GBJfOAneiM60yYa1PX_jq-ESrO8JdLy_ildg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2106
last-modified: Thu, 02 Nov 2023 16:11:30 GMT
server: ECAcc (ama/48AB)
etag: "77f30386a811a81b7f5719d065cd9cdf"
x-cdn-site: c3-prod
content-type: image/jpeg
access-control-allow-origin: *
x-goog-generation: 1698941490014353
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=00eYXA==, md5=d/MDhqgRqBt/VxnQZc2c3w==
x-goog-stored-content-length: 2106
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:51 GMT

POST
H2 200 licensing Show response
licensing.bitmovin.com/ 165 B
442 B 225ms
163ms XHR
application/json 2600:1901:0:df23::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/licensing
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 20:12:51 GMT
via: 1.1 google
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 165

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
445 B 414ms
136ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=3hQDeas4roGmXbeaKwWZqr&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=357.8000000715256,1,RLh4RnBHt8S8rsns3Gvxq9
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 20:12:51 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 37.58.58.247
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 051i0p7msgq5uojdlfgg

GET
H3 200 stream.mpd Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/ 22 KB
22 KB 20ms
20ms XHR
application/dash+xml 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/stream.mpd
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48FB) /
Resource Hash: 7c0f8fa1338740f6e93a4b97de2d837519fba9ce1098720847ec659b5aba9388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:51 GMT
via: 1.1 google
x-cdn: 3
age: 2776981
x-guploader-uploadid: ABPtcPr57tNpzN09SWHWOkTGJ9l3cOh4tb-Ju_noFIOsdq1cdHHYhYRvMa4W53BnL93qKkl6KcwmGBV5M9kvtv6-wIBKSsPsIcF_
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22326
last-modified: Thu, 02 Nov 2023 16:47:49 GMT
server: ECAcc (ama/48FB)
etag: "81b3426fe85ce80363fb82490cc622a7"
x-cdn-site: c3-prod
content-type: application/dash+xml
access-control-allow-origin: *
x-goog-generation: 1698943669327110
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=xWJemw==, md5=gbNCb+hc6ANj+4JJDMYipw==
x-goog-stored-content-length: 22326
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:51 GMT

GET
DATA 200
OK truncated
/ 696 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/640x360_h264_1500000/ 875 B
910 B 18ms
18ms XHR
video/mp4 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/640x360_h264_1500000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/488C) /
Resource Hash: 527e656372de4c38e98e9da183000338d7d542dadab59c86a1cf732374cee1fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:51 GMT
via: 1.1 google
x-cdn: 3
age: 2776546
x-guploader-uploadid: ABPtcPqvNarQ9YbPTOlnyRvsvTmaEGFGEUbCaedJy2CJg6SB611Kp0l6Tib6ZNbWslmTuW3O0qpD6utL4u-DttjYNGCoKKHAm5ei
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 875
last-modified: Thu, 02 Nov 2023 16:46:43 GMT
server: ECAcc (ama/488C)
etag: "e3f8a1260eee73e759e27b62d1d268d4"
x-cdn-site: c3-prod
content-type: video/mp4
access-control-allow-origin: *
x-goog-generation: 1698943603692127
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=eeTbZg==, md5=4/ihJg7uc+dZ4nti0dJo1A==
x-goog-stored-content-length: 875
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:51 GMT

GET
H3 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 826 B
861 B 19ms
19ms XHR
video/mp4 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/488C) /
Resource Hash: 0832aa91aca8d5bbc50894ed6ef12223908a8ba77dd866d4c43d48741e75c0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:51 GMT
via: 1.1 google
x-cdn: 3
age: 2776981
x-guploader-uploadid: ABPtcPo84AlDu9l1I5Kau0AhxMP8nVUTph5-C_W_4vVcHX8lA7IoahLNJMIJlRj9UpkQsShdnmhwzeO1307uVgZZFHhA7A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 826
last-modified: Thu, 02 Nov 2023 16:47:49 GMT
server: ECAcc (ama/488C)
etag: "4a90cf81474a134fd4c04364ba95f2fd"
x-cdn-site: c3-prod
content-type: video/mp4
access-control-allow-origin: *
x-goog-generation: 1698943669002767
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=6k0utw==, md5=SpDPgUdKE0/UwENkupXy/Q==
x-goog-stored-content-length: 826
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:51 GMT

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 26ms
26ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.59.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 20:12:50 GMT
via: 1.1 google
server: v1.59.3
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 81ms
81ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102395123-1&cid=258240335.1701720771&jid=1277015121&_u=YADAAEAAAAAAACAAI~&z=323316803

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102395123-1&cid=258240335.1701720771&jid=1277015121&_u=YADAAEAAAAAAACAAI~&z=323316803

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/640x360_h264_1500000/ 125 KB
125 KB 498ms
498ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/640x360_h264_1500000/1.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (dac/9C85) /
Resource Hash: 565b692cef847fbd7af294d0ddc75828041695220ff33dd8461b6512acafa49a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:51 GMT
via: 1.1 google
x-cdn: 3
age: 2775868
x-guploader-uploadid: ABPtcPqcnJuuyIzF9fBARUPFmurGwUWCfatgiNvrz7cpaLdOZmRsBafDwvfH1FeOKHnrJhDzToPEGionkruOc_NnNGjowA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127591
last-modified: Thu, 02 Nov 2023 16:46:24 GMT
server: ECAcc (dac/9C85)
etag: "15a0aa244de8e3064adf0407595090dd"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943584159510
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=QH12GA==, md5=FaCqJE3o4wZK3wQHWVCQ3Q==
x-goog-stored-content-length: 127591
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:51 GMT

GET
H3 200 1.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 39 KB
39 KB 57ms
57ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/1.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CB) /
Resource Hash: d00c24b77f0cce63c40f8ebaf2812e1993279615e26f58b8d49c794bcf3c82a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:51 GMT
via: 1.1 google
x-cdn: 3
age: 2776982
x-guploader-uploadid: ABPtcPqSvrgedLGdmUKA7wcWYl7R_wttN4qSeGm-ZsSpdLXn-i6j1WLHsV8BijLejaN5SQ1Q9NLghMSVMOV95HuX5Xf7DExen5tC
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39784
last-modified: Thu, 02 Nov 2023 16:47:43 GMT
server: ECAcc (ama/48CB)
etag: "e5ef389460c25bb76db86f5d24bb60ec"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943663546288
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=+384bA==, md5=5e84lGDCW7dtuG9dJLtg7A==
x-goog-stored-content-length: 39784
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:51 GMT

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
84 B 145ms
145ms XHR
application/json 107.178.211.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 20:12:51 GMT
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time: 2
content-length: 16

POST
H2 200 scribe Show response
stats.vidalytics.com/ 16 B
56 B 136ms
136ms XHR
application/json 107.178.211.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.211.178.107.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 20:12:51 GMT
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time: 2
content-length: 16

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame 6E74 58 KB
14 KB 17ms
17ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=dde338660046412fb684511775149eb4&aff=82&id=mohester%40valvoline.com&iocid=&oid=118&utm_campaign=&utm_medium=&utm_source=82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 23:53:13 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 2146778
etag: "-Aynvg"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: f6d17cc5db75945e4acec46e969ca7a9
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Fri, 08 Nov 2024 23:53:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6E74 12 KB
955 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700

Requested by

Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=dde338660046412fb684511775149eb4&aff=82&id=mohester%40valvoline.com&iocid=&oid=118&utm_campaign=&utm_medium=&utm_source=82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

501c7d76cd9df45e974caf4a7bce411290d032e841df5ae74b690f0bc794e387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 20:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 20:12:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 20:12:51 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame 6E74 12 KB
5 KB 40ms
40ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=dde338660046412fb684511775149eb4&aff=82&id=mohester%40valvoline.com&iocid=&oid=118&utm_campaign=&utm_medium=&utm_source=82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btm-btm-btm.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:10:14 GMT
content-encoding: gzip
server: Google Frontend
age: 157
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: f4212b0b9d0a5c279d6cf4f84e2aa4a3
cache-control: public, max-age=300
content-length: 5417
expires: Mon, 04 Dec 2023 20:15:14 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame E74D 4 KB
2 KB 32ms
31ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://btm-btm-btm.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 222
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Mon, 04 Dec 2023 20:09:10 GMT
etag: "OMWYXg"
expires: Mon, 04 Dec 2023 20:14:10 GMT
server: Google Frontend
x-cloud-trace-context: 66b0d62e063ebe515b81ef1b9103909a

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
354 B 142ms
142ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,283,302,638,2,641,804,805,2725,2725
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 20:12:52 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 37.58.58.247
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 051i4pkoo9momch7id00

GET
BLOB 200
OK 287847ca-c487-401c-83f6-60c5523704ae
https://go.behindthemarkets.com/ 80 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.behindthemarkets.com/287847ca-c487-401c-83f6-60c5523704ae
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b1b4ae8f01d381a1856eb29539ef696f43a9ae59063cbc0b91c3130cf7e102a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 81800
Content-Type

GET
H3 200 2.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/640x360_h264_1500000/ 100 KB
100 KB 18ms
18ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/640x360_h264_1500000/2.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48C9) /
Resource Hash: 449dcabdcebccf10abf7cf3875a73dd8e2b04f106b8a2faa88088e35116f81da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:52 GMT
via: 1.1 google
x-cdn: 3
age: 2775503
x-guploader-uploadid: ABPtcPpvmj4zt-677Sc0Q7_7EXzT65-1wiokJ-MGuu_S5yULmrw4maCmQUQYag_KrBa-NsBjg0MmwgqZVOiZth6uXzVJqA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102310
last-modified: Thu, 02 Nov 2023 16:46:28 GMT
server: ECAcc (ama/48C9)
etag: "f108aeafa13bb2fecac81631bb90af88"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943588304423
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=NY7aQg==, md5=8Qiur6E7sv7KyBYxu5CviA==
x-goog-stored-content-length: 102310
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:52 GMT

POST
H2 204 impression Show response
licensing.bitmovin.com/ 0
41 B 64ms
63ms XHR
application/json 2600:1901:0:df23::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/impression
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 20:12:52 GMT
via: 1.1 google
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json

GET
H3 200 2.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 38ms
37ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/2.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48A7) /
Resource Hash: 7ef05fbbf556259c0458fa0dbd19c0689890efc28f9e4b2661c8a7501e6f5417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:52 GMT
via: 1.1 google
x-cdn: 3
age: 2776981
x-guploader-uploadid: ABPtcPqAjZZUqsraxObJA6EgAA-2cVOrXpOIioxPoVYGQTERLUE-NuAE1b3sVtFpj6zcE4hJAYxC2bdfrAPY1rk2sjMu34NW7AGn
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38708
last-modified: Thu, 02 Nov 2023 16:47:44 GMT
server: ECAcc (ama/48A7)
etag: "705f056fbf74c228232ea4a2298770a1"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943664729393
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=UdQ0HA==, md5=cF8Fb790wigjLqSiKYdwoQ==
x-goog-stored-content-length: 38708
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:52 GMT

GET
H3 200 init.mp4 Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/ 877 B
925 B 17ms
17ms XHR
video/mp4 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/init.mp4
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D5) /
Resource Hash: ec72a26fb61e50503fd5740ce76f1d0013ad88dca2292f554369fbbe0d93241d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:52 GMT
via: 1.1 google
x-cdn: 3
age: 2776982
x-guploader-uploadid: ABPtcPovDWq2lQNk2JwafU2Zdbgt9-FFWOZhxbOrhkK1_bwOG0Bl6WUJccS2ZZQCSSZmpX9Fpdl2H_-3nuXCiDmWgJRui0kbBLff
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 877
last-modified: Thu, 02 Nov 2023 16:47:42 GMT
server: ECAcc (ama/48D5)
etag: "9b2ab08fc3440814538c7c3555a1681c"
x-cdn-site: c3-prod
content-type: video/mp4
access-control-allow-origin: *
x-goog-generation: 1698943662516562
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=H5eWCw==, md5=myqwj8NECBRTjHw1VaFoHA==
x-goog-stored-content-length: 877
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:52 GMT

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 37ms
37ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.59.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.behindthemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 20:12:52 GMT
via: 1.1 google
server: v1.59.3
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear

GET
H3 200 3.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/ 959 KB
959 KB 24ms
24ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/3.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4888) /
Resource Hash: d2a16fd9ee29d47ba1ecb3323e9f8df0aa59a1f4b8c2466dd7fb944ea7233e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:52 GMT
via: 1.1 google
x-cdn: 3
age: 2776981
x-guploader-uploadid: ABPtcPr3QRJ-c4rF0qD1H_Tw6Nssmro3p4IrM3KnNFiQLnVWLr_9KZCB-Ky9oqTnvqviYCQmZCh2lfZJ0rBe_QvTRsN0IEi94pmj
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 981621
last-modified: Thu, 02 Nov 2023 16:47:29 GMT
server: ECAcc (ama/4888)
etag: "e7a43957735a11ba0ce0e393e1a9788e"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943649600723
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=t9gdWQ==, md5=56Q5V3NaEboM4OOT4al4jg==
x-goog-stored-content-length: 981621
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:52 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
445 B 167ms
167ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=3hQDeas4roGmXbeaKwWZqr&kind=timer&label=lb_embed_leadbox_load&value=1602.1999999284744
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 20:12:52 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 37.58.58.247
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 051i0pgvt9v9gbd8b8kg

GET
H3 200 3.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 33ms
33ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/3.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/488A) /
Resource Hash: 341410de257842c8105ff1fb00062f404bcf3ea33d8c0ef367723459e1dba4e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:52 GMT
via: 1.1 google
x-cdn: 3
age: 2776981
x-guploader-uploadid: ABPtcPqX0Vo1naab3A8z--DZKypP_kRA78XRY4ZWkFm7TNF5puZbW0c1msfuE-NwiJtqzovTLDmGKsMaoy4Fi508rfSM7Vq4s5qc
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38454
last-modified: Thu, 02 Nov 2023 16:47:45 GMT
server: ECAcc (ama/488A)
etag: "ee78e775371c0e9bcea301a5d0680d08"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943665348126
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=sf48Ag==, md5=7njndTccDpvOowGl0GgNCA==
x-goog-stored-content-length: 38454
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:52 GMT

GET
H3 200 4.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/ 2 MB
2 MB 22ms
22ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/4.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4899) /
Resource Hash: 7a328775024a4723889337143de786b952a4b9ae6758faf57d628f9908b6a1ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:52 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPpd1Wy7LaEuJbybDFthoBBankCFWgXub5aSoY5YPstIi16gPYP_uzWEaGQ9NeILEQaoRXDtNIZ1SHbhx7o3SP0xbiiltVI_
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1746307
last-modified: Thu, 02 Nov 2023 16:47:31 GMT
server: ECAcc (ama/4899)
etag: "4b5d6479caeb94ffb45f5c4dc307e67e"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943651908121
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=i3EAww==, md5=S11kecrrlP+0X1xNwwfmfg==
x-goog-stored-content-length: 1746307
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:52 GMT

GET
H3 200 4.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 40 KB
40 KB 32ms
32ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/4.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48C8) /
Resource Hash: 73d9a748dc6821a9d78b03b0855866d538924a6f8a61c7c85421cffefca5de66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:53 GMT
via: 1.1 google
x-cdn: 3
age: 2776981
x-guploader-uploadid: ABPtcPq7koaCjnYEiKTL9xlPc8WIdVI8SnKtzmGepuU1HRjw-QvHcS1svHInh_JphJ_1eU_gG1B4vS5BV1r6kTq5SgKhJvBhvnKc
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40524
last-modified: Thu, 02 Nov 2023 16:47:45 GMT
server: ECAcc (ama/48C8)
etag: "22ca50c782dd65ac3588d1fb971243b2"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943665970729
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=6yN3iw==, md5=IspQx4LdZaw1iNH7lxJDsg==
x-goog-stored-content-length: 40524
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:53 GMT

GET
H3 200 5.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/ 573 KB
573 KB 30ms
29ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/5.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B8) /
Resource Hash: a2ab91ff3413e24bc43be0943910e71705018d3a91c1851633fe0e94d0f8959c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:53 GMT
via: 1.1 google
x-cdn: 3
age: 2776981
x-guploader-uploadid: ABPtcPq7nnU58l_na6ge4AwrwL2U7zfxKheT6SB6QHaPi25Luy3zDKb8hPWugTwi5Ouu5bOByWKh81NeszaSMa06XHmjJGf303sq
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 586808
last-modified: Thu, 02 Nov 2023 16:47:33 GMT
server: ECAcc (ama/48B8)
etag: "b60e838b0f2dd20b4b7289c989d3c2ab"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943653980000
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=PlJw0w==, md5=tg6Diw8t0gtLconJidPCqw==
x-goog-stored-content-length: 586808
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:53 GMT

GET
H3 200 5.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 40ms
40ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/5.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F5) /
Resource Hash: 0fed22e4fcd2d46c6a3f525950f741c7b240c1cec956a59544da4a764cc447d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:53 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPqyUXrHK8UXB9tRIZRdvmeFVbZc1Ql4h4CvMXu_K_MaggUh4DXJNMlbXGJqj3stK67Wb8932VBMobLefGqNuuQYjg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38271
last-modified: Thu, 02 Nov 2023 16:47:46 GMT
server: ECAcc (ama/48F5)
etag: "f013d7c4cb8679587b355b7a1fe28a26"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943666739445
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=FVb/RQ==, md5=8BPXxMuGeVh7NVt6H+KKJg==
x-goog-stored-content-length: 38271
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:53 GMT

GET
H3 200 6.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/ 664 KB
664 KB 76ms
75ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/6.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48FB) /
Resource Hash: 456173976d852c4b0b92b04876cb2be17c86202cbea86a40a8112352e9ab5ad7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:53 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPpRcW-jE2_2e55trZjka3VN1Tg3b5qhMupijrvtVZdgbv2Vv9_Y6u65GyMKUYpFrr8uPAaF4MOx3-M7yxC7JJJzLQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 679989
last-modified: Thu, 02 Nov 2023 16:47:37 GMT
server: ECAcc (ama/48FB)
etag: "498bafd44cbd0303be2f6694a6d13387"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943657193144
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=DyZdUg==, md5=SYuv1Ey9AwO+L2aUptEzhw==
x-goog-stored-content-length: 679989
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:53 GMT

GET
H3 200 6.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 38 KB
38 KB 29ms
29ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/6.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48A8) /
Resource Hash: 693ba3c8c17bcb5fc92a7af916eb12cdd0bcea205aebdedec89c1b84293c4dd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:53 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPoSGgwbigw30swqlGRlzGmixY0t6bzNi2sC9cFtgbpB47aVanMYwzpTA186kc_Yd36yhCvRsTGBeEH58asXlNidfm8oc5J6
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38718
last-modified: Thu, 02 Nov 2023 16:47:47 GMT
server: ECAcc (ama/48A8)
etag: "90f3d3bb434a43101428c09cef50a84b"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943667494961
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=VbXHvg==, md5=kPPTu0NKQxAUKMCc71CoSw==
x-goog-stored-content-length: 38718
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:53 GMT

GET
H3 200 7.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/ 779 KB
779 KB 26ms
21ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/7.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48BE) /
Resource Hash: 72150905cff7b3720f271821217c264935a0f639e234a5c7dac787eb6cafdc9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:54 GMT
via: 1.1 google
x-cdn: 3
age: 2776981
x-guploader-uploadid: ABPtcPq8LbZ-W84dVBKf4XFctDnEOJIC1_pBpjZ6YaqYAH_Zc8eKvSk6x01pPjUIl310mgNanY3uqCYQjx_pWHqmsUqzlod8PeFQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 797397
last-modified: Thu, 02 Nov 2023 16:47:39 GMT
server: ECAcc (ama/48BE)
etag: "ca10aac4340726c5440dfe9ed2f0e1e8"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943659188257
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=O8KeOA==, md5=yhCqxDQHJsVEDf6e0vDh6A==
x-goog-stored-content-length: 797397
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:54 GMT

GET
H3 200 7.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 39ms
39ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/7.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CC) /
Resource Hash: ef1864695e2b5d03a8f654691df6a1e1f460b845ad26f204addfc048d887f492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:54 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPotr5rYu6oftoYXldFwLkD5eqdEr4hSBWglrM0QcQfelKveByuj7ukrDF8IoEb5OxLttLJA3CoS9gkR7QPQP0lx_Q
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37499
last-modified: Thu, 02 Nov 2023 16:47:48 GMT
server: ECAcc (ama/48CC)
etag: "ab93e0a859459eda0ca98e73b66f47e3"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943668013829
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=sHcT4Q==, md5=q5PgqFlFntoMqY5ztm9H4w==
x-goog-stored-content-length: 37499
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:54 GMT

GET
H3 200 8.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/ 686 KB
686 KB 36ms
36ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/8.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48BC) /
Resource Hash: 9db8a51c7a657ace729e69e1e09ed0aa6b8c63a7ca1e476e87f85ff435334eda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:54 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPqXopZg7FZi218Uho6BLVhwThBl58WI6YQ8xypKtQMQKLnael_ydu0AufNS3ma6I8hCikY5DcAPm8S3S53k2s5xXpgd4UmY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 702148
last-modified: Thu, 02 Nov 2023 16:47:41 GMT
server: ECAcc (ama/48BC)
etag: "289445b27cf76f0b40bf959eb58621d6"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943661298878
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=HHqjlA==, md5=KJRFsnz3bwtAv5WetYYh1g==
x-goog-stored-content-length: 702148
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:54 GMT

GET
H3 200 8.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 45ms
45ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/8.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48E0) /
Resource Hash: 9d3485f164f5e14e828694395146787a8e250d1cd6a9ac35cbac2afb4c05f686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:54 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPqMmIDHJjC7KoKY5V0iCEr-YNtDFTe8OsNO1SQxh9LknYz0t-Gn-BPp8HwLjmWclPmHygWIovzjT9Zbp7l_RPkmCQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38039
last-modified: Thu, 02 Nov 2023 16:47:48 GMT
server: ECAcc (ama/48E0)
etag: "e6a0655036edb4adc3d61e402930b148"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943668441989
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=ooIAJg==, md5=5qBlUDbttK3D1h5AKTCxSA==
x-goog-stored-content-length: 38039
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:54 GMT

GET
H3 200 9.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/ 761 KB
761 KB 39ms
39ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/9.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48AF) /
Resource Hash: 11c6ab531c33158e8d19b86e9cbb8671655a896f53167c3d88a33ec59288a313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:54 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPo6UuitC-tBow20nEV4mN0fjU6vDuijlVJlAlf2H9ZaTaFwPmua8nOW2E41ph8___ssekF9cZ_ITYiWA1uhL_rkxw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 779471
last-modified: Thu, 02 Nov 2023 16:47:42 GMT
server: ECAcc (ama/48AF)
etag: "f19027af56d91a3b164073430e82a3a0"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943662613546
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=XiCo2w==, md5=8ZAnr1bZGjsWQHNDDoKjoA==
x-goog-stored-content-length: 779471
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:54 GMT

GET
H3 200 9.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 35ms
35ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/9.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4890) /
Resource Hash: f15b88b3e1d169cc658c0d8c30e507527da1b5a6111658138a6660b50f644ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:54 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPr9_Rqq70WMm9g07oV6gommml3PKVHYY-j2xun-9vkpQGiqcHeR5M-wwaOUyBpJC0uQApv8TEsAyFxjFZhxBKww_w
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38049
last-modified: Thu, 02 Nov 2023 16:47:49 GMT
server: ECAcc (ama/4890)
etag: "a426b5cda92d19e74bb422cca40e8e80"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943669001337
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=MlsW7Q==, md5=pCa1zaktGedLtCLMpA6OgA==
x-goog-stored-content-length: 38049
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:54 GMT

GET
H3 200 10.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/ 973 KB
973 KB 44ms
43ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/10.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48FC) /
Resource Hash: 17471bf4e623606fe71a3259ea4ad9b44f46f5fe474be6296b08087a1129391d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:55 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPp28sd3BkVf_ydRRck6qwgswyj-addtxMrmZnZ2YM7GIkgzRzXQJrig7Kv4cgFIQFVI2vebJTd2S1W2OFmJqSmGDw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 996510
last-modified: Thu, 02 Nov 2023 16:47:25 GMT
server: ECAcc (ama/48FC)
etag: "ba3bfdd02bf22243015e457ee5a67777"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943645142119
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=PdcEJg==, md5=ujv90CvyIkMBXkV+5aZ3dw==
x-goog-stored-content-length: 996510
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:55 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
445 B 171ms
171ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=rhzX6z2F8TsVWaBxAZDXN2&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=208.79999995231628,79.29999995231628,1,502.10000002384186
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 20:12:55 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 37.58.58.247
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 051i4qcdo6oqac0j4b5g

GET
H3 200 10.m4s Show response
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/ 37 KB
37 KB 62ms
61ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/10.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48E4) /
Resource Hash: d73b01f056498bcb162f01f91058726d5c269c2743f42841f265853441e23cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:55 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPqb3IprDm-Q2rwm2jnztChpZYJyvHbieo4YXkasVxszg_ArtwuMWfG180BxswT1vw4McWGRzuNIFkA6Ff1wBw5amk5f4O2X
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37786
last-modified: Thu, 02 Nov 2023 16:47:43 GMT
server: ECAcc (ama/48E4)
etag: "3f3ea82ea8183b65d890aa33de78d282"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943663632744
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=w5STCg==, md5=Pz6oLqgYO2XYkKoz3njSgg==
x-goog-stored-content-length: 37786
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:55 GMT

GET
H3 200 11.m4s
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/ 900 KB
0 53ms
53ms XHR
video/iso.segment 192.229.220.49
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/1920x1080_h264_4000000/11.m4s
Requested by: Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=dde338660046412fb684511775149eb4&utm_source=82&utm_campaign=&utm_medium=&id=mohester%40valvoline.com&iocid=&aff=82&oid=118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D8) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.behindthemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:12:55 GMT
via: 1.1 google
x-cdn: 3
age: 2776980
x-guploader-uploadid: ABPtcPpDVI9wT3HyZ5ZRUvpRYy6y_u36Wfr9TTWT0-Ut1ZGon9u0xna1kdknrRTV3UCGagiTXog0dUUeOF467OWErVQT7A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311076
last-modified: Thu, 02 Nov 2023 16:47:25 GMT
server: ECAcc (ama/48D8)
etag: "810673ca52dd7bb6b1210b44a2fe245f"
x-cdn-site: c3-prod
content-type: video/iso.segment
access-control-allow-origin: *
x-goog-generation: 1698943645184296
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control: public, max-age=31104000
x-goog-hash: crc32c=hthUNw==, md5=gQZzylLde7axIQtEov4kXw==
x-goog-stored-content-length: 1311076
x-lb-backend: gcs-prod
accept-ranges: bytes
x-lb-cache: miss
expires: Thu, 28 Nov 2024 20:12:55 GMT

POST collect
region1.analytics.google.com/g/ 0
0

GET capture
api.leadpages.io/analytics/v1/observations/ Frame 6E74 0
0

POST scribe
stats.vidalytics.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444z8812088355&_p=1701720770106&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=258240335.1701720771&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1701720770&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3Ddde338660046412fb684511775149eb4%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dmohester%2540valvoline.com%26iocid%3D%26aff%3D82%26oid%3D118&dt=Prepare%20for%20War&en=fetch_user_data&epn.variant_id=0&_et=59&up.custom_client_id=258240335.1701720771.&upn.variant_id=0&upn.experiment_id=0&tfd=9650

Domain: api.leadpages.io
URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=v3AVzjZXg4KcZnkZe88dnL&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=44.699999928474426,45.300000071525574,1

Domain: stats.vidalytics.com
URL: https://stats.vidalytics.com/scribe

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 16:43:27	Name: view.bb4wMKcXKB896PwqF4vMVT-default-prop.M8m8wKU9zxEvbxyryYiQ2B Value: 1701720771000
.clkmg.com/	1970-01-21 01:27:36	Name: vid Value: 926867806
.go.behindthemarkets.com/	1970-01-21 01:29:03	Name: _vwo_uuid_v2 Value: DC1885EE93DAC45F9DCC349A636F66208\|b925025e07a611ebddcd6c028c36774b
.tiktok.com/	1970-01-21 02:03:36	Name: _ttp Value: 2Z5nNrSvbb3wbalAQbRFU97bhf3
.behindthemarkets.com/	1970-01-20 18:51:36	Name: _gcl_au Value: 1.1.552168650.1701720770
js.center.io/	1970-01-21 02:18:00	Name: centerVisitorId Value: HxVAcSuNPtRPVtREzoEAyy
.behindthemarkets.com/	1970-01-21 02:18:00	Name: _ga_KDYSD5C2HD Value: GS1.1.1701720770.1.0.1701720770.60.0.0
.behindthemarkets.com/	1970-01-21 02:18:00	Name: _ga Value: GA1.2.258240335.1701720771
.behindthemarkets.com/	1970-01-20 16:43:27	Name: _gid Value: GA1.2.1480750371.1701720771
.behindthemarkets.com/	1970-01-20 16:42:00	Name: _gat_UA-102395123-1 Value: 1
.behindthemarkets.com/	1970-01-21 02:03:36	Name: _tt_enable_cookie Value: 1
.behindthemarkets.com/	1970-01-21 02:03:36	Name: _ttp Value: JZ5zckI7ktkSX4O0BKbRivFcgAM
.behindthemarkets.com/	1970-01-21 02:18:00	Name: _ga_8R6YNFMJ23 Value: GS1.1.1701720770.1.0.1701720770.60.0.0
.doubleclick.net/	1970-01-21 02:03:36	Name: IDE Value: AHWqTUl8U7pjoJIA-1CQeW20BXF9mEvyzm5l1Kt_UnRxnYaFmUg89txk7X53jsrM
.criteo.com/	1970-01-21 02:03:36	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:03:36	Name: uid Value: 2c97c4a7-5259-4415-9e80-61d7e31d0c66
go.behindthemarkets.com/	1970-01-21 02:18:00	Name: bitmovin_analytics_uuid Value: 1bc28ecb-ec1f-435d-a7bb-cea9c0233cb8
.behindthemarkets.com/	1970-01-21 02:11:24	Name: cto_bundle Value: wyDkdV9iQ1F6Tnc1MloyYzd6eHdJRTdUdXpnS3BhR0VUd0g0VXIzVDF1cnFXJTJCTjNralFIZXc0dFhQeHluNlRBJTJGWE1QSFZCQWllb0V0cjg0WmhIQWtsUXZNJTJCdzA3bktVQ0Z2SWJhV3h2d1hWcHBsWXAlMkY0ZjZBbnRSMmYyUEFvTEd2cE9vbGM2bmx6QXJNNm14RUt0UWpldlc3azklMkJMbW9SMWF0b01QMnYwZDNjRDVVJTNE
behindthemarkets.app.optipub.com/	1970-01-20 17:25:12	Name: optipub Value: eyJpdiI6IklFUTBRZGFhN0FBaENML280SFUxT1E9PSIsInZhbHVlIjoiNG9PcGNTTnh0a0RYL25LZHBLanF2N1VCUFp2NmJwcC9HMmtPVjczNjRiOHBpdmQ5MDFBVzZKZGYxRFd2VFlnKzc4TUxYUkNMcVZhcXhMVUFHU1lBdXdiSHNnSzRIRUs2RitOMTd3QThiWFdnSWVwWG10MVJSZldvNlorYU50ZmU4emRDcFVqRG9EKzlTYlU1ZEEvKzlCY0tJTlZRSUJ4Yi9jUm1ua05sRU80d1NJRUl6U3RCWlBVYW5mVVU1Y1d6bDVVTkJOM25qMGZLQ3lMSnZBaklveHdDVHhWeThCRGZXTDcwU2s0dzNPWU5qRGI3U1FFMENDREwxMzJRREFvNUE0SmZ6SHBNYkhFQ01jdWdwZjcrUkU4TENaZ09HM1JtTjJqUktEdk9iOFI2c1JHWVBaSkNMOEZSZjZYaUtSSjhaSmJ2c1Brem41YVZHYmZzQVpjcTFJRTJHR3NyVHpKWWI0OVJveU9iODBvVGpINXF1NFY3bEtpbVpzV2NXYW9nMU5JV1Arcy9DWUpwL1FuSGZuZWJrbEdtWVVPdG5VcXNSZDB5UWdMT0dFWXVzVVZlNUtWaWJkam1ocmpsZ09EcWpNZS94SlFKRzkvei8zRC94UEIrcWZwNDZBYm9GS3R4TmpyYzl1M1J5S3NlRDRNRC84V3JodlVCQkgra3d0Q0UiLCJtYWMiOiI3YmRlNjQ0ZjBmZGRmNTRiNjYwM2Y4MzM0YmU4MGI3ZmZmOTg3NjZlMjBlNzIwMjQyMmRiNzMzNmRmZDU2MzVmIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-ingress-global.bitmovin.com
analytics.tiktok.com
api.leadpages.io
behindthemarkets.app.optipub.com
btm-btm-btm.lpages.co
cl.s12.exct.net
dev.visualwebsiteoptimizer.com
dynamic.criteo.com
embed.lpcontent.net
fast.vidalytics.com
fonts.googleapis.com
fonts.gstatic.com
go.behindthemarkets.com
googleads.g.doubleclick.net
gum.criteo.com
js.center.io
lh3.googleusercontent.com
licensing.bitmovin.com
mug.criteo.com
region1.analytics.google.com
static.leadpages.net
stats.g.doubleclick.net
stats.vidalytics.com
tracking.americanfinancecore.com
www.behindthemarkets-btm.com
www.clkmg.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api.leadpages.io
region1.analytics.google.com
stats.vidalytics.com
107.178.211.97
13.110.204.9
142.250.186.98
192.229.220.49
2001:4860:4802:34::15
2001:4860:4802:34::36
23.36.163.102
2600:1901:0:df23::
2606:4700:3035::ac43:b8c5
2a00:1450:4001:803::2003
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:810::200a
2a00:1450:4001:813::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9b
2a02:2638:3::c
2a02:2638:3::e
2a06:98c1:3121::3
34.107.203.240
34.225.139.193
34.96.102.137
35.190.27.197
35.192.151.63
35.202.21.90
50.97.212.250
007a4f37862f0939b008ddc457ce5f3ec02e6fe5cb2fb1f0f5fddc4e03170695
0229e56b6f30645d4d5ec494db46aabd272135e3b8e1f6f1222d4d1849eb0edb
0709767c144899edaae127f806108c6db57465b6fe25c90b0ee805ea354c75d6
0832aa91aca8d5bbc50894ed6ef12223908a8ba77dd866d4c43d48741e75c0f1
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
0fed22e4fcd2d46c6a3f525950f741c7b240c1cec956a59544da4a764cc447d7
102323eb6cdf8aa1a75caed0c590950e072e067cb906bbfd8ab1ece5676febf7
11c6ab531c33158e8d19b86e9cbb8671655a896f53167c3d88a33ec59288a313
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
17471bf4e623606fe71a3259ea4ad9b44f46f5fe474be6296b08087a1129391d
230ce7cbc4220c4724303b8a51e5de6f76093ac08c17af912082ab8488b32049
270ffa24a9156263921ef25688241d09a382e39f330976b72d6a63202dd995f8
2a0bbc88b64cfb5df74d21074371490b6b894e0114d8915683a72f604e03a506
2b1b4ae8f01d381a1856eb29539ef696f43a9ae59063cbc0b91c3130cf7e102a
3168078617b2269c673fe7059eafc5b141de5438a9fe3f2dc33742075078e51a
341410de257842c8105ff1fb00062f404bcf3ea33d8c0ef367723459e1dba4e6
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
42e6326211b739c4d83cc7899a38ec013ffacd2bba7df0fbf3c19a2989897c3f
449dcabdcebccf10abf7cf3875a73dd8e2b04f106b8a2faa88088e35116f81da
456173976d852c4b0b92b04876cb2be17c86202cbea86a40a8112352e9ab5ad7
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
4599f6e6c0ae09875cc0f808259127c33fe3f4a856fafe7e030bd44349278e12
501c7d76cd9df45e974caf4a7bce411290d032e841df5ae74b690f0bc794e387
527e656372de4c38e98e9da183000338d7d542dadab59c86a1cf732374cee1fb
530a8eecb4ed2f70062659424d6ae1b929319154d02c665e07686ce7348f2639
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
565b692cef847fbd7af294d0ddc75828041695220ff33dd8461b6512acafa49a
58d4b1bd9484ebd342399e408daeaa337b1c935091bd22c8d6ae49e1f828cb02
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
683ed31b0ea6bc279e5782915d995401fc12e103bb23de62b6285ed032e34417
693ba3c8c17bcb5fc92a7af916eb12cdd0bcea205aebdedec89c1b84293c4dd9
6aa8841da37d2b7ef7eb65a028f14130446a7cad8fa5983987d68a500f82f2e8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
72150905cff7b3720f271821217c264935a0f639e234a5c7dac787eb6cafdc9f
73d9a748dc6821a9d78b03b0855866d538924a6f8a61c7c85421cffefca5de66
7a328775024a4723889337143de786b952a4b9ae6758faf57d628f9908b6a1ec
7c0f8fa1338740f6e93a4b97de2d837519fba9ce1098720847ec659b5aba9388
7ef05fbbf556259c0458fa0dbd19c0689890efc28f9e4b2661c8a7501e6f5417
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
938f4156bd2f4badbb46ab94d9edda4cca0b6e4a1e4ec667cfe66bbf9cd107c2
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d3485f164f5e14e828694395146787a8e250d1cd6a9ac35cbac2afb4c05f686
9db8a51c7a657ace729e69e1e09ed0aa6b8c63a7ca1e476e87f85ff435334eda
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a2ab91ff3413e24bc43be0943910e71705018d3a91c1851633fe0e94d0f8959c
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff
a5a03882d6cc3420749e95a6aa750c8e73f74a2ca75f1c778efd762784dcb22d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bae72ea2a056b660b2aa5a28de47d0b4758ce08079c92c10243f045c5532594d
c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
ccd1c095f36d22ac57e0d479c5c360feac5c7b371fe1aa135ad696f895ededbd
d00c24b77f0cce63c40f8ebaf2812e1993279615e26f58b8d49c794bcf3c82a8
d2a16fd9ee29d47ba1ecb3323e9f8df0aa59a1f4b8c2466dd7fb944ea7233e1f
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e
d59a74862cc6c91ca00868fe7af4d67ee75532aab80a7c4f9922b50a8691d81f
d73b01f056498bcb162f01f91058726d5c269c2743f42841f265853441e23cdc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9dde0f6cd65bdb8fbfd852cc1a2b6a17a1600fdb29eec3ebd6d04368dd03c3
e1593f989bc71975b054e1f520b562551eb15397a4ade1656b988a59e020dd0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eabd132c74d36305cc8685001eb2d2630fcd8125a50a3b1fd135e49f25b10235
ec72a26fb61e50503fd5740ce76f1d0013ad88dca2292f554369fbbe0d93241d
ef1864695e2b5d03a8f654691df6a1e1f460b845ad26f204addfc048d887f492
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fc7af60b98a57cccf7d5d7ea6e10f640db6f7553fb131e991b120dd6a62e6e
f15b88b3e1d169cc658c0d8c30e507527da1b5a6111658138a6660b50f644ac9
f1f7a0b43e9a2bca53bd817c593b360ed36fa760705b2297e6014f858889acac
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9853dfd24f875df3bdd7e6bfd6095837997055279708fdac11c9d0328c371a4
fbd1f6154a86a6b879f908847dcabb938d6716b66df5e0a1c0aefe8f5e58cd02

go.behindthemarkets.com Open in urlscan Pro 35.202.21.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

95 %HTTPS

57 %IPv6

25 Domains

31 Subdomains

26 IPs

4 Countries

9659 kBTransfer

13914 kBSize

19 Cookies

4 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.behindthemarkets.com Open in urlscan Pro
35.202.21.90 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

95 %
HTTPS

57 %
IPv6

25
Domains

31
Subdomains

26
IPs

4
Countries

9659 kB
Transfer

13914 kB
Size

19
Cookies

112 HTTP transactions
2 data transactions