Report - click.thedailymoneytips.com/pfwvsl03/2ca5a957acf533363c9b27077151121c/48/1990905067/139350/cc64e73c59159ed629a91a705fe6c4c2/63293

Report Overview

Visited public
2023-12-08 21:25:11
Tags
URL
click.thedailymoneytips.com/pfwvsl03/2ca5a957acf533363c9b27077151121c/48/1990905067/139350/cc64e73c59159ed629a91a705fe6c4c2/63293
Finishing URL
go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
Prepare for War

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.behindthemarkets-btm.com	848293	2021-03-09	2021-03-11 20:23:38	2023-12-08 09:32:00	981 B	126 kB	188.114.96.1
go.behindthemarkets.com	815375	2017-03-30	2019-08-20 13:31:55	2023-12-08 08:27:53	650 B	98 kB	35.202.21.90
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-08 07:43:19	1.0 kB	41 kB	142.250.74.106
verifiedwebpage.com	unknown	2022-03-23	2022-03-23 19:03:14	2023-12-08 05:51:23	630 B	99 kB	188.114.96.1
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-08 05:47:56	6.9 kB	271 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-08 07:46:22	5.0 kB	344 kB	216.58.207.227
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	1.0 kB	1.4 kB	142.250.74.132
btm-btm-btm.lpages.co	unknown	2017-03-15	2022-07-01 17:54:14	2023-12-08 04:52:23	700 B	18 kB	35.202.21.90
api.leadpages.io	33876	2014-09-17	2016-01-27 23:05:06	2023-12-07 18:37:00	4.2 kB	2.7 kB	35.192.151.63
embed.lpcontent.net	50471	2020-06-17	2020-06-20 02:54:50	2023-12-08 08:27:56	440 B	15 kB	34.107.203.240
fast.vidalytics.com	218005	2007-05-15	2017-02-08 03:49:35	2023-12-07 08:39:27	4.3 kB	769 kB	151.101.129.91
licensing.bitmovin.com	19299	2013-01-21	2017-01-30 07:23:56	2023-12-08 13:06:19	525 B	600 B	35.227.229.24
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-08 05:12:42	2.0 kB	888 B	216.239.32.36
analytics-ingress-global.bitmovin.com	47119	2013-01-21	2017-08-18 07:30:44	2023-12-07 08:39:30	526 B	487 B	35.190.27.197
stats.vidalytics.com	153185	2007-05-15	2017-02-08 03:49:35	2023-12-07 08:39:30	3.1 kB	2.7 kB	107.178.211.97
static.leadpages.net	35995	2012-11-07	2016-05-28 02:45:21	2023-12-08 08:27:56	1.3 kB	33 kB	34.107.203.240
click.thedailymoneytips.com	unknown	2019-06-27	2023-03-10 21:57:35	2023-12-08 06:39:49	595 B	49 kB	188.114.97.1
js.center.io	39001	2011-09-13	2017-01-30 06:29:11	2023-12-08 16:49:15	2.0 kB	16 kB	216.239.36.21
lh3.googleusercontent.com	66	2008-11-17	2012-05-22 09:35:05	2023-12-08 18:12:16	1.1 kB	126 kB	142.250.74.97
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-08 07:38:21	1.6 kB	1.3 kB	142.250.74.131
behindthemarkets.app.optipub.com	unknown	2017-05-25	2023-07-06 20:00:52	2023-11-30 16:22:41	439 B	18 kB	34.225.139.193

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	thedailymoneytips.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (44)

	URL	From	Size	First Seen	Last Seen
	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	515 B	2023-03-12	2024-10-16
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:22 Last Seen2024-10-16 01:18 Times Seen36 Hash cd58e5eeceb693f9860a4d95bdb2b102 c8856fb4fedcb7b26e9181378c6392a9ad1d2fd8 6cb3ce91bc8bd218e97f42c2e6a492e7ce60cf68cf66b347cc22a48d70427248 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	414 B	2023-03-08	2025-04-17
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:09 Last Seen2025-04-17 20:21 Times Seen1060 Hash 0f1c1e338722cb680190732c4e8e3f3e de7e63cbcce170f77302100562443128f115ecbc ee29e0be4ce3b2f3bcfeddbb30b7594cc151657feba8d3760fb9835311116216 Loading...

	btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5	ScriptElement	447 B	2023-03-12	2024-10-16
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:22 Last Seen2024-10-16 01:18 Times Seen36 Hash 3027b07e2d44a61ebfbf776533b4d838 e4de3aa514d060507ca3a6336919532f923f4942 f703b3059220cb794bb3f3d605646df3a6247e048447976209ff3b274540096d Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	484 B	2023-07-15	2024-12-12
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-15 18:57 Last Seen2024-12-12 06:29 Times Seen105 Hash 321c8117d67c040e23de90186cb33e4b 1ad454d96a666669365e6b3706fd63f526eca80d 6765a314ea5853da05e975627987e92330672a35eb58458ccb72c900b65296a9 Loading...

	www.googletagmanager.com/gtag/js?id=AW-401032603	ScriptElement	223 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-401032603 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 22:25 Last Seen2023-12-08 22:25 Times Seen1 Hash e89ff876e365e96e4a0e0af2c8d6cf90 20d24e61e5513d36a03122bcfdfdb9bcb034a145 89bdee30be5ec3db842f24ce01602c2fe91415e05e617ce8475ee558fabb9370 Loading...

	btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5	ScriptElement	2.9 kB	2023-03-07	2025-04-23
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-04-23 13:41 Times Seen1284 Hash a3faab281a519d4ece6839d53701c840 4d0935708bd081919188e521931ce14f3cc7c59e ae42a47bdc6093b78f0b62277fab3d311c56337621d945fbc3c68d3216fd4343 Loading...

	unknown	ScriptElement	2.3 MB	2023-11-21	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 15:38 Last Seen2024-08-20 18:28 Times Seen19 Hash 67972eef0521b7aa61375d5406885a3c 760072e97d59cf0c583f929362b0bf4a3f70908c 0709767c144899edaae127f806108c6db57465b6fe25c90b0ee805ea354c75d6 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	2.2 kB	2023-05-24	2024-10-24
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 15:27 Last Seen2024-10-24 12:46 Times Seen100 Hash 132140ff41ff2b8093f5a0a17c2325ba 44cd600e1275977b3a737d7457f66d0c14e2cd07 5226f2e021abca13d2abd5fbda97c85f0a66841db67f2091fc1edf2bfcf91bda Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	153 B	2023-03-12	2024-10-16
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:22 Last Seen2024-10-16 01:18 Times Seen36 Hash 9e81737e2e39392367ffef0b462c1e9c 77deca3b1dc677d22acfdd048f2b8d4fba6bbbd5 6a2940d10dee4928d80738efa22d628ccc21c92581ef574d75b9cb89ac509923 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	82 B	2023-03-12	2024-10-16
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:22 Last Seen2024-10-16 01:18 Times Seen36 Hash a44970bef26bc7de771f148a0b928f29 7473762b44ac806384fefeeb2e4d6828fb04fe8f aa9517dd69c176a8e12188f6c43a078ded2df1872e64fe7a47bcd2dcd419e6b9 Loading...

	js.center.io/center.js	ScriptElement	13 kB	2023-03-07	2025-05-10
Pretty URL js.center.io/center.js IP 216.239.36.21 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15 Last Seen2025-05-10 20:57 Times Seen1307 Hash 60f05ff45d707fe36d87b75bf181800d e34d94b519ed465481596bcff099467feb0aafdd cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42 Loading...

	embed.lpcontent.net/leadboxes/current/embed.js	ScriptElement	43 kB	2023-03-07	2025-04-23
Pretty URL embed.lpcontent.net/leadboxes/current/embed.js IP 34.107.203.240 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15 Last Seen2025-04-23 13:41 Times Seen1174 Hash 7efcfabdb6209627ce8b016b1c4814eb f3b8ebfc5fe452333c0fa14b15b28567f30921b9 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296 Loading...

	btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5	ScriptElement	3.6 kB	2023-03-07	2025-04-19
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-04-19 23:47 Times Seen1251 Hash c164a88f770902ca8e62a5e399e32018 9d1ca269500112216a2b19d25b8c25440b2e89ba c53f0864a6382bf6866e66f734b2682161eb97cebed43234daf7ab086b4ca8c0 Loading...

	fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/loader.min.js	ScriptElement	43 kB	2023-11-21	2024-08-20
Pretty URL fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/loader.min.js IP 151.101.129.91 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 15:38 Last Seen2024-08-20 18:28 Times Seen19 Hash 206b0d439de787bc75fcbcf4ab570d1b 705996e59454f34dcf4adfc3348cdbc577d89a14 6aa8841da37d2b7ef7eb65a028f14130446a7cad8fa5983987d68a500f82f2e8 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 16:55 Times Seen341959 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5	ScriptElement	582 B	2023-03-07	2025-04-23
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-04-23 13:41 Times Seen1278 Hash 24959da5977b7558ff59cd5acdf88a1e 43c70045dc13d59dc973e90432261325421d8549 71e5a7aff94fa6fd0a971d99e54814a4131a061f2e361ffc73a5a6ef11d1062a Loading...

	btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5	ScriptElement	7.1 kB	2023-03-07	2025-04-23
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-04-23 13:41 Times Seen1270 Hash 54fcbe8bf78f4a60f28e2cdb6e694d36 20b842db1ad9bd92eed8c854065b761a84f69e27 72ceea7d54bdaa348bf0f1e1545e148dd2e9c248a2ca70482f8b5f0047587b4f Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 16:55 Times Seen341158 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	974 B	2023-03-12	2024-10-16
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:22 Last Seen2024-10-16 01:18 Times Seen36 Hash 4ac6a930e07adf3840260c72145a8c40 a9bdb50b425666198c2cf14de8f0dcc7e89342dd 5053c245850905659170c8ccea1471edbd8c0215e02ab6f75f8afe512ac9f8d7 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	917 B	2023-11-21	2024-08-20
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-21 15:38 Last Seen2024-08-20 18:28 Times Seen19 Hash 6e0865419e85e27aba08e4f427c517e5 6666c21eb969b8accfd8e74eb919a6c530604a04 1f7aa4b463d28c450b510226adfeaebe2d98c6aea9784d8902ab6500e5bdb140 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	603 B	2023-03-12	2024-10-16
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 23:22 Last Seen2024-10-16 01:18 Times Seen36 Hash 02668aa95e8bcf958fe48ac47cac5cdb 74fe3c1dfdb233c99b9e8bdc6b1dcc586d32a3d0 a9e508dfd2b79a1c57db13f49b62dae86c997d86293587e591a87613a394dd26 Loading...

	btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5	ScriptElement	2.5 kB	2023-03-07	2025-03-27
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-03-27 04:55 Times Seen424 Hash 0e02738ac706f2cc3dfb299a7fce970e 664081b30b8d227de4a54aca59e51f9c79986052 c36eb45451b0743dc65ca4bcfebc51511584a351ed4e6c8d98685b7eca9ddc26 Loading...

	btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5	ScriptElement	1.1 kB	2023-03-07	2025-04-23
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-04-23 13:41 Times Seen1279 Hash f243709fadf6e072fd4fc43a139860e6 21692bdbc65edff8eca41e13d7036235f8ece36f 942275c3ece75f2592f4947d4e306a2a594de12dddd152ca13eafb747166a35c Loading...

	behindthemarkets.app.optipub.com/sdk/sdk.js	ScriptElement	17 kB	2023-07-15	2024-12-12
Pretty URL behindthemarkets.app.optipub.com/sdk/sdk.js IP 34.225.139.193 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-15 18:57 Last Seen2024-12-12 06:29 Times Seen105 Hash e07901ec63e28b970a5aeb7c7bee1958 d6fe3cf6b202b29e97b1b9656bb9c7cdd7b30737 d59a74862cc6c91ca00868fe7af4d67ee75532aab80a7c4f9922b50a8691d81f Loading...

	www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c	ScriptElement	288 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 22:25 Last Seen2023-12-08 22:33 Times Seen5 Hash e3dacfc5bcbc9390ffa2731984531687 54c962593d203cede4993aa27cfba4e8d66b034c 3d54dddf1d426529f03d1db8049593a0e5bc7cef2504861cbd4e4c6ca81dc9ae Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	5.4 kB	2023-05-15	2025-04-19
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-15 23:35 Last Seen2025-04-19 23:47 Times Seen1241 Hash fc0b8de8bf07fe1f20ecbf76e15f87aa 57950c0b8f0f6768b595fd74ec115f032b03f9ed cf61f4a4f3c09feac95f312fe0115655571a65979b16e2c3468cd422a1ba0b8f Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	347 B	2023-03-07	2025-04-23
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-04-23 13:41 Times Seen1280 Hash 324d070d383d7e171663391494e4eaf1 147167b389b5672075f113a03583378a22149967 3dfd8ef986ba39418b44b6eeef78e69bb8d04e786e7479c37087cb70b4fa9c84 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	181 B	2023-03-07	2025-04-23
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:21 Last Seen2025-04-23 13:41 Times Seen1263 Hash 03c6f9076ca3a4dee82dff97b28e6e5f 34e14b9e6b7f1f25bacd50142f395e4409ca74f6 74b2d22da3e536e007235a166b47e5498591fef8dd5723ffedfbf5a89cd97aa6 Loading...

	btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5	ScriptElement	5.0 kB	2023-04-08	2025-03-27
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-08 09:51 Last Seen2025-03-27 04:55 Times Seen130 Hash 1e13762297d09589f422c7581104b099 849d7ecfaa531bd062f948d616950565664af76c 570168dbd1a9d171aa6468b12cc6d9e68c81d66ff2cd8f9f54c0e6289d93ca6d Loading...

	www.google.com/pagead/1p-conversion/401032603/?random=1702070700467&cv=11&fst=1702070700467&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.google.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=1997705690.1702070700&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4	ScriptElement	43 B	2023-03-07	2025-04-22
Pretty URL www.google.com/pagead/1p-conversion/401032603/?random=1702070700467&cv=11&fst=1702070700467&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.google.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=1997705690.1702070700&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-04-22 05:33 Times Seen9724 Hash ad8b6f08655797587cdec719a94efe59 182adf5a140796f81e930649d05654dbf22fd5b7 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Loading...

	www.behindthemarkets-btm.com/scripts/sdk/everflow.js	ScriptElement	61 kB	2023-11-21	2024-08-20
Pretty URL www.behindthemarkets-btm.com/scripts/sdk/everflow.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 15:38 Last Seen2024-08-20 18:28 Times Seen81 Hash 2fbd16eec2e2b92a0312d95ef87bd64d c9f8425947f072f63cded697f297e1784e37b634 bae72ea2a056b660b2aa5a28de47d0b4758ce08079c92c10243f045c5532594d Loading...

	www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX	ScriptElement	303 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 22:25 Last Seen2023-12-08 22:33 Times Seen5 Hash db86ad70b46baecc4e1c0757f4f51452 25b1018172a831da13b55d5f5b5465e85841d354 fd4c6b5792a63a432ba96b909dad6560a2add30cf42043b509275a38a5efaf56 Loading...

	unknown	EventHandler	16 B	2023-04-10	2025-05-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-05-11 16:35 Times Seen56716 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5	ScriptElement	156 B	2023-03-07	2025-04-17
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-04-17 05:15 Times Seen53 Hash 0cb3e2d5e510786705e5dab1afee1b51 28dfa425bc58e77bc8f9d979f763418295003ce7 7eb8f4d191d4a1199a8f95f57a661b59461ae6269abc05cc5b9c04a2b0bbe962 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	461 B	2023-03-08	2025-04-17
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:09 Last Seen2025-04-17 20:21 Times Seen1071 Hash e9565aa95958c3f427dd710f00d4a092 c596f2b7d288537ccac2c83942fe24643166ccea f36c51fc4c2bfd0402dc43fc85669439adc251635fa6db4600570b3766c07b99 Loading...

	unknown	ScriptElement	314 B	2023-07-15	2024-10-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-15 18:57 Last Seen2024-10-16 01:18 Times Seen36 Hash 91fc47c72be9e37099b4328a8fc326da 3aba6e8674cf9ca01be94fb9659dad70fb56b7dd 879d99da4539202cffecadca55e19f87fa47444d2871430dcebeb821e90a75c2 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	889 B	2023-03-07	2025-04-19
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:21 Last Seen2025-04-19 23:47 Times Seen1215 Hash e836a223299c66996d922f90cb0a7ed3 8bf67c5a1042829803fc04c4b047ec9f5482bf70 c77e92eba359ee71dbbc3d949be51ac51788cb30ef685ef643bf5c8961d7eff1 Loading...

	btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5	ScriptElement	4.0 kB	2023-03-07	2025-04-23
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-04-23 13:41 Times Seen1077 Hash ab3f007f9ddbf0f4583e6002fec81753 64833abe13132a7220b56d21255b5c5a4e8a0c0f 44a8607238597f4d1d1c5bd6cce5f871b987105d969aa5d492e1f37e23aca407 Loading...

	go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35	ScriptElement	934 B	2023-11-21	2024-08-20
Pretty URL go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 IP 35.202.21.90 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-21 15:38 Last Seen2024-08-20 18:28 Times Seen23 Hash 07b24f01b54a592c7e6fabdd6a36e8a5 ea90a4ea32143197aeabcd74d7a1cb2bdaedeb36 70ea82259e7d46e8a2dec90f0561109c924104d2d98bbe0af2015d780622d785 Loading...

		Size	First Seen	Last Seen
	#1 Eval - a434d8d70086c5b541cf953d46a6fcf9	65 B	2023-11-21 15:38	2025-04-17 17:17
Pretty Observations First Seen2023-11-21 15:38 Last Seen2025-04-17 17:17 Times Seen1007 Hash a434d8d70086c5b541cf953d46a6fcf9 651ac529314c0915b3d6f9af6dbf366d5e020ab6 bd79f3bace96866d957bfa99c34951689148707899756824ce4e9c0d1726ff37 Loading...

	#2 Eval - 70067a5e54adbe9d9567c09470b0a617	92 B	2023-03-08 02:09	2025-04-17 20:21
Pretty Observations First Seen2023-03-08 02:09 Last Seen2025-04-17 20:21 Times Seen1038 Hash 70067a5e54adbe9d9567c09470b0a617 4a47e4781b5bac3cdd38247db3fb87c63336c31a ad86521431911b76d497d5ebf350060c89e901d2bed2ebfa8a0d7b751b96f860 Loading...

	#3 Eval - ed6513f751a5ac340c506433a8932e4d	130 B	2023-07-15 18:57	2025-04-17 20:21
Pretty Observations First Seen2023-07-15 18:57 Last Seen2025-04-17 20:21 Times Seen557 Hash ed6513f751a5ac340c506433a8932e4d 2e9b4f77b90719e385fa5e1a6c64f1b64bb14c44 9be57bcecd8a6a38f5418f581494f966ff4fae4d54ec0b116c32ae3073083dca Loading...

	#4 Eval - 4fe7374212694d79957cd9a1bb8fdef2	126 B	2023-03-08 02:09	2025-04-17 20:21
Pretty Observations First Seen2023-03-08 02:09 Last Seen2025-04-17 20:21 Times Seen1059 Hash 4fe7374212694d79957cd9a1bb8fdef2 010e231568ee9c1bd7f2460c5a79da7f557fcc9a 93a694caf72303625617cfe8edbe6444a43454c3e34613487a74188f783c1e58 Loading...

	#5 Eval - 0a94139e4615771d6d97fb3d968225b2	80 B	2023-03-08 02:09	2025-04-17 20:21
Pretty Observations First Seen2023-03-08 02:09 Last Seen2025-04-17 20:21 Times Seen1057 Hash 0a94139e4615771d6d97fb3d968225b2 ede8882cf509b54d78f9ae6d0983cb4466a633b6 ca0059abf25af68454df89030c51cb41e112e2fa58ebb0b2ffa85b3fc6fee883 Loading...

HTTP Transactions (67)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=AW-401032603

142.250.74.168

200 OK

78 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=AW-401032603
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (7476)
Size
78 kB (77768 bytes)
Hash
e89ff876e365e96e4a0e0af2c8d6cf90
20d24e61e5513d36a03122bcfdfdb9bcb034a145
89bdee30be5ec3db842f24ce01602c2fe91415e05e617ce8475ee558fabb9370

HTTP Headers

GET /gtag/js?id=AW-401032603 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 21:24:53 GMT
expires: Fri, 08 Dec 2023 21:24:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 08 Dec 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77768
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

embed.lpcontent.net/leadboxes/current/embed.js

34.107.203.240

200 OK

15 kB

URL GET HTTP/2
embed.lpcontent.net/leadboxes/current/embed.js
IP
34.107.203.240:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subjectembed.lpcontent.net
FingerprintAA:24:86:3A:5D:5D:74:CB:4E:37:A3:58:A5:0C:08:15:8B:09:CE:85
ValidityFri, 01 Dec 2023 01:09:51 GMT - Thu, 29 Feb 2024 02:02:04 GMT

File type
ASCII text, with very long lines (30758)
Size
15 kB (14811 bytes)
Hash
7efcfabdb6209627ce8b016b1c4814eb
f3b8ebfc5fe452333c0fa14b15b28567f30921b9
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

HTTP Headers

GET /leadboxes/current/embed.js HTTP/1.1
Host: embed.lpcontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
x-cloud-trace-context: ea3d02ac866124c6cf32118b5c68fe3b
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14811
date: Fri, 08 Dec 2023 21:20:45 GMT
expires: Fri, 08 Dec 2023 21:25:45 GMT
cache-control: public, max-age=300
etag: "HsLdGg"
content-type: application/javascript
vary: Accept-Encoding
age: 248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css

34.107.203.240

200 OK

15 kB

URL GET HTTP/3
static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
IP
34.107.203.240:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subjectstatic.leadpages.net
Fingerprint74:ED:B8:2C:E0:C6:39:88:EB:34:E1:82:96:F0:49:60:2D:6B:6E:03
ValidityMon, 16 Oct 2023 23:07:53 GMT - Sun, 14 Jan 2024 23:59:05 GMT

File type
ASCII text, with very long lines (58749)
Size
15 kB (14628 bytes)
Hash
84d8ad2b4fcdc0f0c58247e778133b3a
6f33eae92d42fe209167139940a0ad6a3c6c167e
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

HTTP Headers

GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 4ac40d96e14324992918d97984059679
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14628
date: Wed, 15 Nov 2023 14:38:27 GMT
expires: Thu, 14 Nov 2024 14:38:27 GMT
cache-control: public, max-age=31536000
age: 2011586
etag: "CffC8Q"
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

142.250.74.168

200 OK

97 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (24792)
Size
97 kB (97192 bytes)
Hash
db86ad70b46baecc4e1c0757f4f51452
25b1018172a831da13b55d5f5b5465e85841d354
fd4c6b5792a63a432ba96b909dad6560a2add30cf42043b509275a38a5efaf56

HTTP Headers

GET /gtm.js?id=GTM-WNRH3TX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 21:24:53 GMT
expires: Fri, 08 Dec 2023 21:24:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 08 Dec 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

click.thedailymoneytips.com/pfwvsl03/2ca5a957acf533363c9b27077151121c/48/1990905067/139350/cc64e73c59159ed629a91a705fe6c4c2/63293

188.114.97.1

302 Found

48 kB

URL User Request GET HTTP/2
click.thedailymoneytips.com/pfwvsl03/2ca5a957acf533363c9b27077151121c/48/1990905067/139350/cc64e73c59159ed629a91a705fe6c4c2/63293
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectthedailymoneytips.com
Fingerprint79:EC:85:19:05:49:AD:6B:8A:A1:90:4E:B9:8D:91:79:4B:F6:6C:79
ValidityWed, 25 Oct 2023 16:41:13 GMT - Tue, 23 Jan 2024 16:41:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Size
48 kB (48208 bytes)
Hash
c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfwvsl03/2ca5a957acf533363c9b27077151121c/48/1990905067/139350/cc64e73c59159ed629a91a705fe6c4c2/63293 HTTP/1.1
Host: click.thedailymoneytips.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 08 Dec 2023 21:24:50 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=2ca5a957acf533363c9b27077151121c&product=2441&ar=48&cid=139350&lid=cc64e73c59159ed629a91a705fe6c4c2&slhash=63293&mtaid=[s7]&cid2=[s8]
cache-control: max-age=600
expires: Fri, 08 Dec 2023 21:34:50 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FZKHMgqS0hRoxLP3eHasM845mHBM4%2FLbDzsjEILGN7YuxRxLdCcX1WyKLaXyMZnRLKTvdC4Z1dyUlMg6FR%2BMja3OgThIfs3i4IOUVh%2BvjXI6Z0NVo%2B9ENbAi5zXJTucCy2pqWNW0L4%2FIHLWSwY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832813d4ec2ed922-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/rozhaone/v15/AlZy_zVFtYP12Zncg2kRcn35.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/rozhaone/v15/AlZy_zVFtYP12Zncg2kRcn35.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18176, version 1.0\012- data
Size
18 kB (18176 bytes)
Hash
bb35a7e4ed935bd3e56eaa8aabe2a268
b6f2b6682f7188b44b32b77475d8a8d9461b9e39
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff

HTTP Headers

GET /s/rozhaone/v15/AlZy_zVFtYP12Zncg2kRcn35.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 23:27:37 GMT
expires: Fri, 06 Dec 2024 23:27:37 GMT
cache-control: public, max-age=31536000
age: 79036
last-modified: Thu, 24 Aug 2023 20:21:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:58 GMT
expires: Fri, 06 Dec 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 145435
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:58 GMT
expires: Fri, 06 Dec 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 145435
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:25 GMT
expires: Fri, 06 Dec 2024 15:46:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 106708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.center.io/center.js

216.239.36.21

200 OK

5.4 kB

URL GET HTTP/2
js.center.io/center.js
IP
216.239.36.21:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subjectjs.center.io
Fingerprint6E:F1:81:B3:07:D7:9A:09:58:BD:C4:D1:90:7A:13:93:42:CC:A2:AC
ValidityWed, 08 Nov 2023 17:06:29 GMT - Tue, 06 Feb 2024 17:50:58 GMT

File type
ASCII text, with very long lines (566)
Size
5.4 kB (5417 bytes)
Hash
60f05ff45d707fe36d87b75bf181800d
e34d94b519ed465481596bcff099467feb0aafdd
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

HTTP Headers

GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-cloud-trace-context: 2f6fe55917b91100135db19677efa131
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Fri, 08 Dec 2023 21:24:53 GMT
expires: Fri, 08 Dec 2023 21:29:53 GMT
cache-control: public, max-age=300
etag: "OMWYXg"
content-type: application/javascript
age: 0
X-Firefox-Spdy: h2

fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/loader.min.js

151.101.129.91

200 OK

11 kB

URL GET HTTP/2
fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/loader.min.js
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (42630), with CRLF, LF line terminators
Size
11 kB (10594 bytes)
Hash
206b0d439de787bc75fcbcf4ab570d1b
705996e59454f34dcf4adfc3348cdbc577d89a14
6aa8841da37d2b7ef7eb65a028f14130446a7cad8fa5983987d68a500f82f2e8

HTTP Headers

GET /embeds/PzpZ_7KZ/a5iVVdifALA_06wV/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
x-envoy-upstream-service-time: 34
server: istio-envoy
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: api-prod
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=600
x-lb-cache: disabled
content-encoding: gzip
accept-ranges: bytes
date: Fri, 08 Dec 2023 21:24:53 GMT
age: 84
x-served-by: cache-dfw-kdfw8210078-DFW, cache-bma1675-BMA
x-cache: HIT, MISS
x-cache-hits: 10, 0
x-timer: S1702070694.529609,VS0,VE134
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10594
X-Firefox-Spdy: h2

www.googletagmanager.com/td?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=go.behindthemarkets.com%2Fprepare-for-war-video-1%2F&tdp=AW-401032603;73644296;0;0;0&z=0

142.250.74.168

204 No Content

0 B

URL GET HTTP/3
www.googletagmanager.com/td?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=go.behindthemarkets.com%2Fprepare-for-war-video-1%2F&tdp=AW-401032603;73644296;0;0;0&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /td?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=go.behindthemarkets.com%2Fprepare-for-war-video-1%2F&tdp=AW-401032603;73644296;0;0;0&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Fri, 08 Dec 2023 21:24:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=go.behindthemarkets.com%2Fprepare-for-war-video-1%2F&tdp=AW-401032603;73644296;0;0;0&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=go.behindthemarkets.com%2Fprepare-for-war-video-1%2F&tdp=AW-401032603;73644296;0;0;0&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=go.behindthemarkets.com%2Fprepare-for-war-video-1%2F&tdp=AW-401032603;73644296;0;0;0&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 21:24:53 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogtadsdatatos.1ogtgasend.1ogt1pdatav2.1ccdadsfirst.1ccdpreautopii.1ccdadslast&ti=2ogtadsdatatos.2ogtgasend.2ogt1pdatav2.2ccdadsfirst.2ccdpreautopii.2ccdadslast&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogtadsdatatos.1ogtgasend.1ogt1pdatav2.1ccdadsfirst.1ccdpreautopii.1ccdadslast&ti=2ogtadsdatatos.2ogtgasend.2ogt1pdatav2.2ccdadsfirst.2ccdpreautopii.2ccdadslast&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogtadsdatatos.1ogtgasend.1ogt1pdatav2.1ccdadsfirst.1ccdpreautopii.1ccdadslast&ti=2ogtadsdatatos.2ogtgasend.2ogt1pdatav2.2ccdadsfirst.2ccdpreautopii.2ccdadslast&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 21:24:53 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtag.config&eid=3&u=AAAAAAAAAAAAAIA&h=Ag&epr=1AW&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtag.config&eid=3&u=AAAAAAAAAAAAAIA&h=Ag&epr=1AW&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtag.config&eid=3&u=AAAAAAAAAAAAAIA&h=Ag&epr=1AW&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 21:24:53 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.js&eid=1&h=Ag&tr=1rep&ti=1rep&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.js&eid=1&h=Ag&tr=1rep&ti=1rep&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.js&eid=1&h=Ag&tr=1rep&ti=1rep&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 21:24:53 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=*&eid=4&u=AAAAAAAAAAAAAIA&h=Ag&epr=1AW&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=*&eid=4&u=AAAAAAAAAAAAAIA&h=Ag&epr=1AW&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=*&eid=4&u=AAAAAAAAAAAAAIA&h=Ag&epr=1AW&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 21:24:53 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c

142.250.74.168

200 OK

93 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (14860)
Size
93 kB (92683 bytes)
Hash
e3dacfc5bcbc9390ffa2731984531687
54c962593d203cede4993aa27cfba4e8d66b034c
3d54dddf1d426529f03d1db8049593a0e5bc7cef2504861cbd4e4c6ca81dc9ae

HTTP Headers

GET /gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 21:24:53 GMT
expires: Fri, 08 Dec 2023 21:24:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92683
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.behindthemarkets-btm.com/scripts/sdk/everflow.js

188.114.96.1

200 OK

26 kB

URL GET HTTP/2
www.behindthemarkets-btm.com/scripts/sdk/everflow.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerLet's Encrypt
Subjectbehindthemarkets-btm.com
Fingerprint90:FD:E6:D2:26:0E:7C:0D:2B:34:E4:B8:E0:73:40:2A:56:2A:7E:DB
ValidityTue, 31 Oct 2023 11:19:13 GMT - Mon, 29 Jan 2024 11:19:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (61239)
Size
26 kB (25998 bytes)
Hash
2fbd16eec2e2b92a0312d95ef87bd64d
c9f8425947f072f63cded697f297e1784e37b634
bae72ea2a056b660b2aa5a28de47d0b4758ce08079c92c10243f045c5532594d

HTTP Headers

GET /scripts/sdk/everflow.js HTTP/1.1
Host: www.behindthemarkets-btm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 21:24:53 GMT
content-type: text/javascript
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
cache-control: max-age=14400
vary: Origin, Accept-Encoding
x-eflow-request-id: 698afe41-9e34-4b32-b00b-a1f9f494a5de
via: 1.1 google
cf-cache-status: HIT
age: 11628
last-modified: Fri, 08 Dec 2023 18:11:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FPYCGM6X1dcz1cN3D%2FZW2FSwXUb0AC8V2SNWUXf%2BePq8iQ2OUe3XmwJuGCnBG%2FxXFxdJOxE5bXYcMNmWgNomcu2tvz42A3cUwa1wEOVJVOOhmxXGr8DDfnCeY0s7EGFFAlPd38E3LcL7SiWPIP5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832813e7597ad953-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

js.center.io/identify.html

216.239.36.21

200 OK

2.0 kB

URL GET HTTP/2
js.center.io/identify.html
IP
216.239.36.21:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subjectjs.center.io
Fingerprint6E:F1:81:B3:07:D7:9A:09:58:BD:C4:D1:90:7A:13:93:42:CC:A2:AC
ValidityWed, 08 Nov 2023 17:06:29 GMT - Tue, 06 Feb 2024 17:50:58 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (612)
Size
2.0 kB (2016 bytes)
Hash
0ba3629e9c8b8af4c7a13d344978898a
c05b5c80e1eec6e630547ecfacf11eb86391e4b6
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

HTTP Headers

GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-cloud-trace-context: 7de946b93912cbb00af0801082051d4c
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Fri, 08 Dec 2023 21:24:53 GMT
expires: Fri, 08 Dec 2023 21:29:53 GMT
cache-control: public, max-age=300
etag: "OMWYXg"
content-type: text/html
age: 1
X-Firefox-Spdy: h2

fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/player-dash-mse.min.js?hash=vckwrgcs

151.101.129.91

200 OK

619 kB

URL GET HTTP/3
fast.vidalytics.com/embeds/PzpZ_7KZ/a5iVVdifALA_06wV/player-dash-mse.min.js?hash=vckwrgcs
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65399)
Size
619 kB (618911 bytes)
Hash
67972eef0521b7aa61375d5406885a3c
760072e97d59cf0c583f929362b0bf4a3f70908c
0709767c144899edaae127f806108c6db57465b6fe25c90b0ee805ea354c75d6

HTTP Headers

GET /embeds/PzpZ_7KZ/a5iVVdifALA_06wV/player-dash-mse.min.js?hash=vckwrgcs HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 618911
x-guploader-uploadid: ABPtcPraU5dSKC-ndffMapZP3bJE9qFuQqHfwd7FOcU5H_tBM2LJzoPYWjnVVXKfoxrrw3kBlZz8X_E_9LuXSpToLcf4rmP_voxJ
cache-control: public, max-age=300, s-maxage=2592000
expires: Sat, 02 Dec 2023 17:08:53 GMT
last-modified: Thu, 02 Nov 2023 16:49:52 GMT
etag: "af8bb2b25e47f77e29fbd18c6fda7c13"
x-goog-generation: 1698943792227756
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 618911
content-type: application/javascript; charset=utf-8
content-encoding: gzip
x-goog-hash: crc32c=C9J9BQ==, md5=r4uysl5H934p+9GMb9p8Ew==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Fri, 08 Dec 2023 21:24:54 GMT
age: 129931
x-served-by: cache-dfw-kdfw8210091-DFW, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 44871, 1
x-timer: S1702070694.022379,VS0,VE4
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 04:57:34 GMT
expires: Fri, 06 Dec 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 145640
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=s16

142.250.74.97

200 OK

534 B

URL GET HTTP/2
lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=s16
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x12, components 3\012- data
Size
534 B (534 bytes)
Hash
a3aaf5b0ac3df3fd2980d99e3a5f40dc
3b1d694ffe85512b3626bc057825a7d42d9f6e79
230ce7cbc4220c4724303b8a51e5de6f76093ac08c17af912082ab8488b32049

HTTP Headers

GET /q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=s16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 534
x-xss-protection: 0
date: Fri, 08 Dec 2023 21:24:54 GMT
expires: Sat, 09 Dec 2023 21:24:54 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/pagead/1p-conversion/401032603/?random=1702070700467&cv=11&fst=1702070700467&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.google.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=1997705690.1702070700&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4

142.250.74.132

302 Found

63 B

URL GET HTTP/2
www.google.com/pagead/1p-conversion/401032603/?random=1702070700467&cv=11&fst=1702070700467&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.google.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=1997705690.1702070700&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

HTTP Headers

GET /pagead/1p-conversion/401032603/?random=1702070700467&cv=11&fst=1702070700467&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.google.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=1997705690.1702070700&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 21:24:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/401032603/?random=1702070700467&cv=11&fst=1702070700467&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.google.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=1997705690.1702070700&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css

34.107.203.240

200 OK

15 kB

URL GET HTTP/3
static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
IP
34.107.203.240:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subjectstatic.leadpages.net
Fingerprint74:ED:B8:2C:E0:C6:39:88:EB:34:E1:82:96:F0:49:60:2D:6B:6E:03
ValidityMon, 16 Oct 2023 23:07:53 GMT - Sun, 14 Jan 2024 23:59:05 GMT

File type
ASCII text, with very long lines (58749)
Size
15 kB (14628 bytes)
Hash
84d8ad2b4fcdc0f0c58247e778133b3a
6f33eae92d42fe209167139940a0ad6a3c6c167e
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

HTTP Headers

GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 4ac40d96e14324992918d97984059679
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14628
date: Wed, 15 Nov 2023 14:38:27 GMT
expires: Thu, 14 Nov 2024 14:38:27 GMT
cache-control: public, max-age=31536000
age: 2011587
etag: "CffC8Q"
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.leadpages.net/images/favicon.ico

34.107.203.240

2.6 kB

URL GET
static.leadpages.net/images/favicon.ico
IP
34.107.203.240:0
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subjectstatic.leadpages.net
Fingerprint74:ED:B8:2C:E0:C6:39:88:EB:34:E1:82:96:F0:49:60:2D:6B:6E:03
ValidityMon, 16 Oct 2023 23:07:53 GMT - Sun, 14 Jan 2024 23:59:05 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
2.6 kB (2594 bytes)
Hash
0210a839146c090d313d070610e16bd2
f87bd57affad1046bf0f44db93f7c23304e43d55
76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: *
x-cloud-trace-context: d5e8bc1f8f5477d2c04f6ec41606b978
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 2594
date: Fri, 08 Dec 2023 21:22:03 GMT
expires: Fri, 08 Dec 2023 21:27:03 GMT
cache-control: public, max-age=300
age: 171
etag: "HsLdGg"
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1280

142.250.74.97

200 OK

124 kB

URL GET HTTP/2
lh3.googleusercontent.com/q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1280
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x960, components 3\012- data
Size
124 kB (124386 bytes)
Hash
4fb691d934a18e8719ce968db6296418
7b361dc88289be4c880fe080a566f900143f534d
6b630159160cde201e1b8a5072f02eaa2aa91274bedaf404f87df232991580b7

HTTP Headers

GET /q5avMORkzh_fchUXIkIwMskouEi9z_gtcSv273in0gP0OzgNj4ZrDwS9MC7qLcCgm65vGDpa_TMUIvpdCNmcggcf01fXfhNcWHo=w1280 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 124386
x-xss-protection: 0
date: Fri, 08 Dec 2023 19:26:38 GMT
expires: Sat, 09 Dec 2023 19:26:38 GMT
cache-control: public, max-age=86400, no-transform
age: 7096
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5

35.202.21.90

200 OK

18 kB

URL GET HTTP/2
btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5
IP
35.202.21.90:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerLet's Encrypt
Subject*.lpages.co
Fingerprint5E:8B:8D:95:C5:B5:4E:8A:09:3A:67:0C:16:48:D5:1B:BF:26:B0:33
ValidityWed, 29 Nov 2023 13:47:34 GMT - Tue, 27 Feb 2024 13:47:33 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (47746)
Size
18 kB (17815 bytes)
Hash
2f19c15c74080af390773dab3f233021
15115859f39486b01d6deec7c7551cf51f0c95f5
a5a03882d6cc3420749e95a6aa750c8e73f74a2ca75f1c778efd762784dcb22d

HTTP Headers

GET /serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5 HTTP/1.1
Host: btm-btm-btm.lpages.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 21:24:54 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache
x-cache: MISS, HIT
etag: W/"020f2e7f5de46a783fcb76a76791482c"
last-modified: Mon, 31 Jan 2022 22:51:27 GMT
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2

js.center.io/center.js

216.239.36.21

200 OK

5.4 kB

URL GET HTTP/2
js.center.io/center.js
IP
216.239.36.21:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subjectjs.center.io
Fingerprint6E:F1:81:B3:07:D7:9A:09:58:BD:C4:D1:90:7A:13:93:42:CC:A2:AC
ValidityWed, 08 Nov 2023 17:06:29 GMT - Tue, 06 Feb 2024 17:50:58 GMT

File type
ASCII text, with very long lines (566)
Size
5.4 kB (5417 bytes)
Hash
60f05ff45d707fe36d87b75bf181800d
e34d94b519ed465481596bcff099467feb0aafdd
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

HTTP Headers

GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Cookie: centerVisitorId=bGq3jLRcGKQctsYFzvn4cV
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-cloud-trace-context: b06019742792745610908c1174e4a577
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Fri, 08 Dec 2023 21:22:39 GMT
expires: Fri, 08 Dec 2023 21:27:39 GMT
cache-control: public, max-age=300
age: 135
etag: "OMWYXg"
content-type: application/javascript
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=1660508048.1702070701&gtm=45je3bt0v874108444z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2125424083

142.250.74.131

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=1660508048.1702070701&gtm=45je3bt0v874108444z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2125424083
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=1660508048.1702070701&gtm=45je3bt0v874108444z8812088355&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2125424083 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 21:24:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&e=gtm.init&eid=0&u=AgAAAAAAIAAAAIAI&h=Ag&tr=5ogtadsdatatos.5ogtgasend.5ogt1pdatav2.5ccdadsfirst.5ccdpreautopii.5ccdadslast&ti=2ogtadsdatatos.2ogtgasend.2ogt1pdatav2.2ccdadsfirst.2ccdpreautopii.2ccdadslast&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&e=gtm.init&eid=0&u=AgAAAAAAIAAAAIAI&h=Ag&tr=5ogtadsdatatos.5ogtgasend.5ogt1pdatav2.5ccdadsfirst.5ccdpreautopii.5ccdadslast&ti=2ogtadsdatatos.2ogtgasend.2ogt1pdatav2.2ccdadsfirst.2ccdpreautopii.2ccdadslast&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&e=gtm.init&eid=0&u=AgAAAAAAIAAAAIAI&h=Ag&tr=5ogtadsdatatos.5ogtgasend.5ogt1pdatav2.5ccdadsfirst.5ccdpreautopii.5ccdadslast&ti=2ogtadsdatatos.2ogtgasend.2ogt1pdatav2.2ccdadsfirst.2ccdpreautopii.2ccdadslast&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 21:24:54 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

216.58.207.227

200 OK

45 kB

URL GET HTTP/3
fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44584, version 1.0\012- data
Size
45 kB (44584 bytes)
Hash
e04669366cda1aca21161f9e22bac3ae
157532ec5cdb07c395eb96aa6e9d0de1eeb869a7
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47

HTTP Headers

GET /s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:21 GMT
expires: Fri, 06 Dec 2024 05:00:21 GMT
cache-control: public, max-age=31536000
age: 145473
last-modified: Mon, 03 Apr 2023 20:46:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:58 GMT
expires: Fri, 06 Dec 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 145436
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:58 GMT
expires: Fri, 06 Dec 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 145436
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

js.center.io/identify.html

216.239.36.21

200 OK

2.0 kB

URL GET HTTP/2
js.center.io/identify.html
IP
216.239.36.21:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subjectjs.center.io
Fingerprint6E:F1:81:B3:07:D7:9A:09:58:BD:C4:D1:90:7A:13:93:42:CC:A2:AC
ValidityWed, 08 Nov 2023 17:06:29 GMT - Tue, 06 Feb 2024 17:50:58 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (612)
Size
2.0 kB (2016 bytes)
Hash
0ba3629e9c8b8af4c7a13d344978898a
c05b5c80e1eec6e630547ecfacf11eb86391e4b6
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

HTTP Headers

GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Cookie: centerVisitorId=bGq3jLRcGKQctsYFzvn4cV
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-cloud-trace-context: 36d4e5bae6cfe328235bc9d651b8bee2
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Fri, 08 Dec 2023 21:24:25 GMT
expires: Fri, 08 Dec 2023 21:29:25 GMT
cache-control: public, max-age=300
age: 30
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444z8812088355&_p=1702070700079&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1660508048.1702070701&ul=en-us&sr=1280x1024&_s=1&sid=1702070701&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&dt=Prepare%20for%20War&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=4362

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444z8812088355&_p=1702070700079&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1660508048.1702070701&ul=en-us&sr=1280x1024&_s=1&sid=1702070701&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&dt=Prepare%20for%20War&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=4362
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444z8812088355&_p=1702070700079&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1660508048.1702070701&ul=en-us&sr=1280x1024&_s=1&sid=1702070701&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&dt=Prepare%20for%20War&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=4362 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://go.behindthemarkets.com
date: Fri, 08 Dec 2023 21:24:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/pagead/1p-conversion/401032603/?random=1702070700467&cv=11&fst=1702070700467&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.google.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=1997705690.1702070700&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y

142.250.74.131

200 OK

63 B

URL GET HTTP/3
www.google.no/pagead/1p-conversion/401032603/?random=1702070700467&cv=11&fst=1702070700467&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.google.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=1997705690.1702070700&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

HTTP Headers

GET /pagead/1p-conversion/401032603/?random=1702070700467&cv=11&fst=1702070700467&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v873644296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&label=V9dYCNaPvNwDEJuLnb8B&hn=www.google.com&frm=0&tiba=Prepare%20for%20War&gtm_ee=1&auid=1997705690.1702070700&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.behindthemarkets.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 21:24:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=M8m8wKU9zxEvbxyryYiQ2B&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=bGq3jLRcGKQctsYFzvn4cV&sid=edAzTuB7XtcKiCoLLqhFzA&cid=lp-M8m8wKU9zxEvbxyryYiQ2B&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&rf=&rx=1280&ry=1024&tz=%2B00%3A00

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=M8m8wKU9zxEvbxyryYiQ2B&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=bGq3jLRcGKQctsYFzvn4cV&sid=edAzTuB7XtcKiCoLLqhFzA&cid=lp-M8m8wKU9zxEvbxyryYiQ2B&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&rf=&rx=1280&ry=1024&tz=%2B00%3A00
IP
35.192.151.63:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintD2:26:1B:32:86:04:7E:BC:23:DA:F4:A3:3C:63:D0:4C:34:D3:87:54
ValidityWed, 29 Nov 2023 14:30:48 GMT - Tue, 27 Feb 2024 14:30:47 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/events/capture?k=view&a=leadpage&l=M8m8wKU9zxEvbxyryYiQ2B&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=bGq3jLRcGKQctsYFzvn4cV&sid=edAzTuB7XtcKiCoLLqhFzA&cid=lp-M8m8wKU9zxEvbxyryYiQ2B&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&rf=&rx=1280&ry=1024&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: view.bb4wMKcXKB896PwqF4vMVT-default-prop.M8m8wKU9zxEvbxyryYiQ2B=1702070695000; Domain=api.leadpages.io; expires=Sat, 09 Dec 2023 21:24:55 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
x-request-id: 0545ig3au37kab0n6b30
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: https://go.behindthemarkets.com
Server: Stargate
Date: Fri, 08 Dec 2023 21:24:55 GMT
X-Forwarded-For: 91.90.42.154

fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/thumb/preview-5_0.jpg

151.101.129.91

200 OK

2.1 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/thumb/preview-5_0.jpg
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 107x60, components 3\012- data
Size
2.1 kB (2106 bytes)
Hash
77f30386a811a81b7f5719d065cd9cdf
8a2d65bf7c2feb1e927f2da8cc41f4c612b58cd3
ccd1c095f36d22ac57e0d479c5c360feac5c7b371fe1aa135ad696f895ededbd

HTTP Headers

GET /video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/thumb/preview-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2106
x-guploader-uploadid: ABPtcPrzwoFUg6WZBcFcWF8ALO8xzTlnjjM2VwO6x1G-cP8AXDIrS078s4dHnomMEuYRj263riYejvGqICWbQWXimGg55g
cache-control: public, max-age=31104000
expires: Sun, 27 Oct 2024 17:08:54 GMT
last-modified: Thu, 02 Nov 2023 16:11:30 GMT
etag: "77f30386a811a81b7f5719d065cd9cdf"
x-goog-generation: 1698941490014353
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2106
content-type: image/jpeg
x-goog-hash: crc32c=00eYXA==, md5=d/MDhqgRqBt/VxnQZc2c3w==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Fri, 08 Dec 2023 21:24:55 GMT
age: 2695874
x-served-by: cache-dfw-kdfw8210115-DFW, cache-bma1671-BMA
x-cache: HIT, HIT
x-cache-hits: 21928, 1
x-timer: S1702070696.552938,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

analytics-ingress-global.bitmovin.com/licensing

35.190.27.197

200 OK

77 B

URL POST HTTP/2
analytics-ingress-global.bitmovin.com/licensing
IP
35.190.27.197:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bitmovin.com
FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C
ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
40f9443d5dc02e385b00b24c1f570269
c0e65fe8f73334d638173b9e33eff4f36d913104
ea71115c171f3b6874e256a1ff1e30431229a21b584371e0b36eae66cb5d2d9f

HTTP Headers

POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 110
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: v1.59.3
date: Fri, 08 Dec 2023 21:24:55 GMT
content-type: application/json
content-length: 77
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/stream.mpd

151.101.129.91

200 OK

22 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/stream.mpd
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
22 kB (22326 bytes)
Hash
81b3426fe85ce80363fb82490cc622a7
ce9382ca7d26426dd024e04ca5fac5fbd768f920
7c0f8fa1338740f6e93a4b97de2d837519fba9ce1098720847ec659b5aba9388

HTTP Headers

GET /video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/stream.mpd HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 22326
x-guploader-uploadid: ABPtcPo-vQO9_Yx7ibQ60CGztsnIv166sMAg2Q5xyQV7noFxSZJ4Uyu5mbhMz-1KjbzbQz6usq36qSV1wSrXR2i_dIUZbzp2crBU
cache-control: public, max-age=31104000
expires: Sun, 27 Oct 2024 17:08:54 GMT
last-modified: Thu, 02 Nov 2023 16:47:49 GMT
etag: "81b3426fe85ce80363fb82490cc622a7"
x-goog-generation: 1698943669327110
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 22326
content-type: application/dash+xml
x-goog-hash: crc32c=xWJemw==, md5=gbNCb+hc6ANj+4JJDMYipw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Fri, 08 Dec 2023 21:24:55 GMT
age: 3125761
x-served-by: cache-dfw-kdal2120100-DFW, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 487, 4
x-timer: S1702070696.765007,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ

107.178.211.97

200 OK

43 B

URL GET HTTP/2
stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /awesome-log?cid=PzpZ_7KZ HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "PzpZ_7KZ/PmNcb7AzoBG2kPwE"
date: Fri, 08 Dec 2023 21:24:55 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
X-Firefox-Spdy: h2

fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/480x270_h264_1000000/init.mp4

151.101.129.91

200 OK

875 B

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/480x270_h264_1000000/init.mp4
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
ISO Media, MP4 v1 [ISO 14496-1:ch13]\012- data
Size
875 B (875 bytes)
Hash
185d21587e817cc769768ce36cf06245
6b40ba7bd2c67ff0ea67daa3688c2ec41c78ca3e
04d08e2cc433fed84575d5c975b25353d97fe9a76846ee3e940cb38ef08e9310

HTTP Headers

GET /video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/480x270_h264_1000000/init.mp4 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 875
x-guploader-uploadid: ABPtcPrWg1eDej32t5oP50Yas_bdhrSGiIuKHF41kuy6npEIARXTwGlwmuHVu6dUPGfc1oScTTee5u0qgFCESSlCFVupaA
cache-control: public, max-age=31104000
expires: Tue, 05 Nov 2024 00:16:38 GMT
last-modified: Thu, 02 Nov 2023 16:46:15 GMT
etag: "185d21587e817cc769768ce36cf06245"
x-goog-generation: 1698943575718502
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 875
content-type: video/mp4
x-goog-hash: crc32c=bt3y4g==, md5=GF0hWH6BfMdpdozjbPBiRQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Fri, 08 Dec 2023 21:24:56 GMT
age: 2408897
x-served-by: cache-dfw-kdal2120115-DFW, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 3671, 2
x-timer: S1702070696.080117,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/init.mp4

151.101.129.91

200 OK

826 B

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/init.mp4
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
ISO Media, MP4 v1 [ISO 14496-1:ch13]\012- data
Size
826 B (826 bytes)
Hash
4a90cf81474a134fd4c04364ba95f2fd
d943d920f8846f1c3903d8c0d7e37ddb5af2fd4a
0832aa91aca8d5bbc50894ed6ef12223908a8ba77dd866d4c43d48741e75c0f1

HTTP Headers

GET /video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/init.mp4 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 826
x-guploader-uploadid: ABPtcPo84AlDu9l1I5Kau0AhxMP8nVUTph5-C_W_4vVcHX8lA7IoahLNJMIJlRj9UpkQsShdnmhwzeO1307uVgZZFHhA7A
x-goog-generation: 1698943669002767
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 826
x-goog-hash: crc32c=6k0utw==, md5=SpDPgUdKE0/UwENkupXy/Q==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
expires: Sun, 27 Oct 2024 16:49:50 GMT
cache-control: public, max-age=31104000
last-modified: Thu, 02 Nov 2023 16:47:49 GMT
etag: "4a90cf81474a134fd4c04364ba95f2fd"
content-type: video/mp4
x-lb-backend: gcs-prod
x-lb-cache: hit
accept-ranges: bytes
date: Fri, 08 Dec 2023 21:24:56 GMT
age: 1955606
x-served-by: cache-dfw-kdfw8210090-DFW, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 9107, 2
x-timer: S1702070696.084320,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=*&eid=20&u=AgAAAAAAIAAAAIAI&h=Ag&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=*&eid=20&u=AgAAAAAAIAAAAIAI&h=Ag&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=*&eid=20&u=AgAAAAAAIAAAAIAI&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 21:24:56 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4566
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Fri, 08 Dec 2023 21:24:56 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=48,270,246,567,5,834,1386,1403,4042,4042

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=48,270,246,567,5,834,1386,1403,4042,4042
IP
35.192.151.63:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintD2:26:1B:32:86:04:7E:BC:23:DA:F4:A3:3C:63:D0:4C:34:D3:87:54
ValidityWed, 29 Nov 2023 14:30:48 GMT - Tue, 27 Feb 2024 14:30:47 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=48,270,246,567,5,834,1386,1403,4042,4042 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
x-request-id: 0545igadt73jil4ej1r0
Date: Fri, 08 Dec 2023 21:24:56 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154

licensing.bitmovin.com/licensing

35.227.229.24

200 OK

165 B

URL POST HTTP/2
licensing.bitmovin.com/licensing
IP
35.227.229.24:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bitmovin.com
FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C
ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
165 B (165 bytes)
Hash
bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

HTTP Headers

POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 154
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Fri, 08 Dec 2023 21:24:56 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 291
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Fri, 08 Dec 2023 21:24:56 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=4MWX3CpRmdVTpww4SfDbRm&kind=timer&label=lb_embed_leadbox_load&value=802

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=4MWX3CpRmdVTpww4SfDbRm&kind=timer&label=lb_embed_leadbox_load&value=802
IP
35.192.151.63:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintD2:26:1B:32:86:04:7E:BC:23:DA:F4:A3:3C:63:D0:4C:34:D3:87:54
ValidityWed, 29 Nov 2023 14:30:48 GMT - Tue, 27 Feb 2024 14:30:47 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=4MWX3CpRmdVTpww4SfDbRm&kind=timer&label=lb_embed_leadbox_load&value=802 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
x-request-id: 0545igb6s735skp9v6g0
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-origin: https://go.behindthemarkets.com
Server: Stargate
Date: Fri, 08 Dec 2023 21:24:56 GMT
X-Forwarded-For: 91.90.42.154

fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/480x270_h264_1000000/1.m4s

151.101.129.91

200 OK

64 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/480x270_h264_1000000/1.m4s
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
data
Size
64 kB (63820 bytes)
Hash
0c25b9c53dd1b37b8d1587cbf269af11
20e0d23cbce2a46ebba0fdf5cbb5b4c275c2f863
17c214a29c6cb358c3cba4bb789b4628a9274120e2f19c9509d377c74dc08850

HTTP Headers

GET /video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/video/480x270_h264_1000000/1.m4s HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 63820
x-guploader-uploadid: ABPtcPpYt8UpS3W-iuz7lzWouE7GJCkn7-ZAuJTnimoC4qShOw9cHU2ntFn5ut1auhxC70m8NYEfNY4VAPDdJw0C5pGb0A
cache-control: public, max-age=31104000
expires: Mon, 11 Nov 2024 06:49:35 GMT
last-modified: Thu, 02 Nov 2023 16:46:08 GMT
etag: "0c25b9c53dd1b37b8d1587cbf269af11"
x-goog-generation: 1698943568822090
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63820
content-type: video/iso.segment
x-goog-hash: crc32c=p5NXLw==, md5=DCW5xT3Rs3uNFYfL8mmvEQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Fri, 08 Dec 2023 21:24:56 GMT
age: 1866922
x-served-by: cache-dfw-kdfw8210171-DFW, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 95, 2
x-timer: S1702070696.328703,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/1.m4s

151.101.129.91

200 OK

40 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/1.m4s
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
data
Size
40 kB (39784 bytes)
Hash
e5ef389460c25bb76db86f5d24bb60ec
35ff8a80a5567254aef4d042bd247d862a027302
d00c24b77f0cce63c40f8ebaf2812e1993279615e26f58b8d49c794bcf3c82a8

HTTP Headers

GET /video/PzpZ_7KZ/cb05rTXvHL_CVM0d/114799/116535__FFMPEG/m4s/audio/aac_96000/1.m4s HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 39784
x-guploader-uploadid: ABPtcPr11j60TrpAtTxWjgLz1jRdEbRX7f43ObGoaF5GPqjAYWbk5Myv6cOxagmEYVHS_kHz27aLElkQ2emkAxGo0QEkuALmjm0J
cache-control: public, max-age=31104000
expires: Sun, 27 Oct 2024 17:08:54 GMT
last-modified: Thu, 02 Nov 2023 16:47:43 GMT
etag: "e5ef389460c25bb76db86f5d24bb60ec"
x-goog-generation: 1698943663546288
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 39784
content-type: video/iso.segment
x-goog-hash: crc32c=+384bA==, md5=5e84lGDCW7dtuG9dJLtg7A==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Fri, 08 Dec 2023 21:24:56 GMT
age: 644336
x-served-by: cache-dfw-kdfw8210164-DFW, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 689, 2
x-timer: S1702070696.335126,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.load&eid=21&u=AgAAAAAAIAAAAIAI&h=Ag&z=0

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.load&eid=21&u=AgAAAAAAIAAAAIAI&h=Ag&z=0
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?id=AW-401032603&v=3&t=t&pid=1752402236&cv=2&rv=3bt0&tc=7&es=1&e=gtm.load&eid=21&u=AgAAAAAAIAAAAIAI&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 21:24:56 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 908
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Fri, 08 Dec 2023 21:24:56 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=mfb2SKjfTdgThxFSQHkMDW&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=282,247,1

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=mfb2SKjfTdgThxFSQHkMDW&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=282,247,1
IP
35.192.151.63:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintD2:26:1B:32:86:04:7E:BC:23:DA:F4:A3:3C:63:D0:4C:34:D3:87:54
ValidityWed, 29 Nov 2023 14:30:48 GMT - Tue, 27 Feb 2024 14:30:47 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=mfb2SKjfTdgThxFSQHkMDW&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=282,247,1 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
x-request-id: 0545ih3av3s6ic1tc6l0
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-origin: https://btm-btm-btm.lpages.co
Server: Stargate
Date: Fri, 08 Dec 2023 21:24:59 GMT
X-Forwarded-For: 91.90.42.154

api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=VdVmckd3RyAYtiP4vBDUwp&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=313,797,1,771

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=VdVmckd3RyAYtiP4vBDUwp&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=313,797,1,771
IP
35.192.151.63:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintD2:26:1B:32:86:04:7E:BC:23:DA:F4:A3:3C:63:D0:4C:34:D3:87:54
ValidityWed, 29 Nov 2023 14:30:48 GMT - Tue, 27 Feb 2024 14:30:47 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=VdVmckd3RyAYtiP4vBDUwp&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=313,797,1,771 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
x-request-id: 0545ih97b3uurklognt0
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-origin: https://go.behindthemarkets.com
Server: Stargate
Date: Fri, 08 Dec 2023 21:25:00 GMT
X-Forwarded-For: 91.90.42.154

region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444z8812088355&_p=1702070700079&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1660508048.1702070701&ul=en-us&sr=1280x1024&_s=2&sid=1702070701&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&dt=Prepare%20for%20War&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=1660508048.1702070701.&upn.variant_id=0&upn.experiment_id=0&tfd=9757

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444z8812088355&_p=1702070700079&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1660508048.1702070701&ul=en-us&sr=1280x1024&_s=2&sid=1702070701&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&dt=Prepare%20for%20War&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=1660508048.1702070701.&upn.variant_id=0&upn.experiment_id=0&tfd=9757
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je3bt0v874108444z8812088355&_p=1702070700079&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1660508048.1702070701&ul=en-us&sr=1280x1024&_s=2&sid=1702070701&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fprepare-for-war-video-1%2F%3F_ef_transaction_id%3D632a495ea2264b468afba4d9c7385c64%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3414994811412273154%26iocid%3D%26aff%3D5%26oid%3D35&dt=Prepare%20for%20War&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=1660508048.1702070701.&upn.variant_id=0&upn.experiment_id=0&tfd=9757 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://go.behindthemarkets.com
date: Fri, 08 Dec 2023 21:25:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 206
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Fri, 08 Dec 2023 21:25:01 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 206
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Fri, 08 Dec 2023 21:25:06 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35

35.202.21.90

200 OK

98 kB

URL User Request GET HTTP/2
go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
IP
35.202.21.90:443
ASN
#15169 GOOGLE

Certificate
IssuerLet's Encrypt
Subjectgo.behindthemarkets.com
FingerprintD6:BF:5C:18:00:A3:50:1B:0D:54:2F:58:6D:AF:A5:79:AA:DA:36:7D
ValiditySun, 26 Nov 2023 09:58:46 GMT - Sat, 24 Feb 2024 09:58:45 GMT

File type

Size
98 kB (98017 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35 HTTP/1.1
Host: go.behindthemarkets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 21:24:52 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache
x-cache: MISS, HIT
last-modified: Mon, 06 Nov 2023 13:28:30 GMT
etag: W/"8a7e3981de8a8487b800ced517b15d81"
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

142.250.74.106

200 OK

27 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
27 kB (27240 bytes)
Hash
fece6d50e4cbd92badab27e35c0308e7
6cc941b3ddd74495efa39051fb71975f20935347
eabd132c74d36305cc8685001eb2d2630fcd8125a50a3b1fd135e49f25b10235

HTTP Headers

GET /css?family=Rozha+One:300,400,500,700|Raleway:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 21:24:53 GMT
date: Fri, 08 Dec 2023 21:24:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

behindthemarkets.app.optipub.com/sdk/sdk.js

34.225.139.193

200 OK

17 kB

URL GET HTTP/1.1
behindthemarkets.app.optipub.com/sdk/sdk.js
IP
34.225.139.193:443
ASN
#14618 AMAZON-AES

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerAmazon
Subjectoptipub.com
FingerprintD7:4F:E8:15:5A:7D:96:91:9E:F1:FD:96:82:F7:6E:16:7D:CD:AC:54
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (17248), with no line terminators
Size
17 kB (17248 bytes)
Hash
e07901ec63e28b970a5aeb7c7bee1958
d6fe3cf6b202b29e97b1b9656bb9c7cdd7b30737
d59a74862cc6c91ca00868fe7af4d67ee75532aab80a7c4f9922b50a8691d81f

HTTP Headers

GET /sdk/sdk.js HTTP/1.1
Host: behindthemarkets.app.optipub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 21:24:53 GMT
Server: Apache/2.4.58 () OpenSSL/1.0.2k-fips PHP/7.3.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
X-Powered-By: PHP/7.3.33
Cache-Control: max-age=3600, private
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6633
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=4MWX3CpRmdVTpww4SfDbRm&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=258,1,RLh4RnBHt8S8rsns3Gvxq9

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=4MWX3CpRmdVTpww4SfDbRm&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=258,1,RLh4RnBHt8S8rsns3Gvxq9
IP
35.192.151.63:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintD2:26:1B:32:86:04:7E:BC:23:DA:F4:A3:3C:63:D0:4C:34:D3:87:54
ValidityWed, 29 Nov 2023 14:30:48 GMT - Tue, 27 Feb 2024 14:30:47 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=4MWX3CpRmdVTpww4SfDbRm&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=258,1,RLh4RnBHt8S8rsns3Gvxq9 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
x-request-id: 0545ifvrurhhubgaujig
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-origin: https://go.behindthemarkets.com
Server: Stargate
Date: Fri, 08 Dec 2023 21:24:54 GMT
X-Forwarded-For: 91.90.42.154

verifiedwebpage.com/go?ehash=2ca5a957acf533363c9b27077151121c&product=2441&ar=48&cid=139350&lid=cc64e73c59159ed629a91a705fe6c4c2&slhash=63293&mtaid=[s7]&cid2=[s8]

188.114.96.1

302 Found

98 kB

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=2ca5a957acf533363c9b27077151121c&product=2441&ar=48&cid=139350&lid=cc64e73c59159ed629a91a705fe6c4c2&slhash=63293&mtaid=[s7]&cid2=[s8]
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
Fingerprint0D:F8:EF:F4:23:CD:FB:7E:DE:C7:29:3C:B4:F7:A4:CE:6A:FB:89:AB
ValiditySat, 14 Oct 2023 13:52:56 GMT - Fri, 12 Jan 2024 13:52:55 GMT

File type

Size
98 kB (98017 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go?ehash=2ca5a957acf533363c9b27077151121c&product=2441&ar=48&cid=139350&lid=cc64e73c59159ed629a91a705fe6c4c2&slhash=63293&mtaid=[s7]&cid2=[s8] HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 08 Dec 2023 21:24:51 GMT
content-type: text/html; charset=UTF-8
location: https://www.behindthemarkets-btm.com/7BZ2W/2PKWQ8/?sub1=3414994811412273154
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=843ca64100aada7e3272b7974dfd6f4b; path=/
pixel_session_hash_2441=3414994811412273154; expires=Sun, 07-Jan-2024 21:24:51 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_2441=f2375cbb7fc5419e5254ff5f91fcbb2ec9752aaa8f6fb5d8312f7cf9fa1bea55; expires=Sun, 10-Dec-2023 21:24:51 GMT; Max-Age=172800
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7CCcmiUD10binx%2F3b4unspTR2AeZzqywV8x8XDAuUlz246%2BWHnV%2BFHdogVSam8GuUpwFiPLNbqV57e5B6%2FOcyvMljv49wwuR0N1qM4Lf9jVfZWu7ZX1wSW51xXzokhMvuOqBAO1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832813d9e85570f7-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.behindthemarkets-btm.com/7BZ2W/2PKWQ8/?sub1=3414994811412273154

188.114.96.1

302 Found

98 kB

URL User Request GET HTTP/2
www.behindthemarkets-btm.com/7BZ2W/2PKWQ8/?sub1=3414994811412273154
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectbehindthemarkets-btm.com
Fingerprint90:FD:E6:D2:26:0E:7C:0D:2B:34:E4:B8:E0:73:40:2A:56:2A:7E:DB
ValidityTue, 31 Oct 2023 11:19:13 GMT - Mon, 29 Jan 2024 11:19:12 GMT

File type

Size
98 kB (98017 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /7BZ2W/2PKWQ8/?sub1=3414994811412273154 HTTP/1.1
Host: www.behindthemarkets-btm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 08 Dec 2023 21:24:51 GMT
content-type: text/html; charset=utf-8
location: https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
set-cookie: uniqueClick_2PKWQ8=540ce774-dc71-4aa8-982e-f5e2eb416823:1702070691; Path=/; Expires=Sat, 09 Dec 2023 21:24:51 GMT; SameSite=None
transaction_id=632a495ea2264b468afba4d9c7385c64; Path=/; Expires=Thu, 07 Mar 2024 21:24:51 GMT; SameSite=None
vary: Origin
x-eflow-request-id: a4183ca3-a6a2-4ca2-b5c0-21884a3064ce
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kM74ZN5uB76PnoDNP64%2BNq6iuSgO1wHi8VrteC09V76dIauTgi7zeC2iweTv3FG7%2BBQMtIl95M0r7CgDSZ%2FjmAEaICmQbcmUdPegRYNm92JC%2BwTDuCgAiZLEZOQRAglcTGybsI1E2pOtC8ThyYC2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832813dfddcdd943-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/prepare-for-war-video-1/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&utm_source=5&utm_campaign=&utm_medium=&id=3414994811412273154&iocid=&aff=5&oid=35
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Size
48 kB (48208 bytes)
Hash
c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

HTTP Headers

GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:02:45 GMT
expires: Fri, 06 Dec 2024 16:02:45 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
age: 105728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700

142.250.74.106

200 OK

12 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/RLh4RnBHt8S8rsns3Gvxq9/?_ef_transaction_id=632a495ea2264b468afba4d9c7385c64&aff=5&id=3414994811412273154&iocid=&oid=35&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
12 kB (12444 bytes)
Hash
1ed9670a381b2c533ea5749eceaeb96d
68636951a53940f7d7b12f3d694a60dc5a9033aa
501c7d76cd9df45e974caf4a7bce411290d032e841df5ae74b690f0bc794e387

HTTP Headers

GET /css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 21:24:54 GMT
date: Fri, 08 Dec 2023 21:24:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash