exoduseffect.com Open in urlscan Pro
2606:4700:3108::ac42:2912 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.blueheronhealthnews.net/click.html?x=a62e&lc=meK&mc=5&s=Cqhz&u=9&z=Rk1gKZM&
Effective URL:
https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBeli...
Submission: On July 20 via manual (July 20th 2022, 5:58:20 am UTC) from IN — Scanned from DE

Summary HTTP 110 Redirects Behaviour Indicators

Summary

This website contacted 55 IPs in 8 countries across 48 domains to perform 110 HTTP transactions. The main IP is 2606:4700:3108::ac42:2912, located in United States and belongs to CLOUDFLARENET, US. The main domain is exoduseffect.com. The Cisco Umbrella rank of the primary domain is 831631.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 27th 2022. Valid for: a year.

This is the only time exoduseffect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.160.72.23 104.160.72.23	46469 (GETRESPON...) (GETRESPONSE-IMPLIX)
1 1	18.233.68.85 18.233.68.85	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:310... 2606:4700:3108::ac42:2912	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:c00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.140 178.250.2.140	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	195.201.240.51 195.201.240.51	24940 (HETZNER-AS) (HETZNER-AS)
3	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.206.178 52.222.206.178	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b140:a190:a48a:e192:6627	14618 (AMAZON-AES) (AMAZON-AES)
1	52.7.56.125 52.7.56.125	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
5 6	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	23.23.180.42 23.23.180.42	14618 (AMAZON-AES) (AMAZON-AES)
4	2.16.241.99 2.16.241.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.209.74.230 34.209.74.230	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.156.141.237 35.156.141.237	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:600:1b:832b:ac00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.76.200.219 54.76.200.219	16509 (AMAZON-02) (AMAZON-02)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.224.57.214 3.224.57.214	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.223 64.202.112.223	23352 (SERVERCEN...) (SERVERCENTRAL)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.158.225.163 35.158.225.163	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.202.68.9 52.202.68.9	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.156.247.58 54.156.247.58	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:5071:4299:50e2:8b7b	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:224... 2600:9000:224a:b400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	18.66.2.102 18.66.2.102	16509 (AMAZON-02) (AMAZON-02)
2	78.47.243.139 78.47.243.139	24940 (HETZNER-AS) (HETZNER-AS)
1 2	54.154.32.144 54.154.32.144	16509 (AMAZON-02) (AMAZON-02)
1	52.25.10.74 52.25.10.74	16509 (AMAZON-02) (AMAZON-02)
1	34.250.36.127 34.250.36.127	16509 (AMAZON-02) (AMAZON-02)
2	88.198.239.117 88.198.239.117	24940 (HETZNER-AS) (HETZNER-AS)
1	3.128.220.23 3.128.220.23	16509 (AMAZON-02) (AMAZON-02)
110	55

1 104.160.72.23 (United States) 1 redirects

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: mta-3.blueheronhealthnews.net

www.blueheronhealthnews.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.233.68.85 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-68-85.compute-1.amazonaws.com

tr.rightwayshow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

handsinair.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
theexoduseffect.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3108::ac42:2912 (United States)

ASN13335 (CLOUDFLARENET, US)

exoduseffect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:c00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.140 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.240.51 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cache-05.pushwoosh.com

cdn.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-178.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:a190:a48a:e192:6627 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.56.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-56-125.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::13 (France) 5 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.23.180.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-180-42.compute-1.amazonaws.com

175132.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
175132.t.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.241.99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-99.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.209.74.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-74-230.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.150 (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.62 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.141.237 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-141-237.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:600:1b:832b:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cotads.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.200.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-200-219.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.57.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-57-214.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.223 (Harrodsburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.225.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-225-163.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.68.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-68-9.compute-1.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.247.58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-247-58.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:5071:4299:50e2:8b7b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:b400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.96.200.41 (Norfolk, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.2.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-102.txl50.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.47.243.139 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.139.243.47.78.clients.your-server.de

cp.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.32.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-32-144.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.10.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-10-74.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.36.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-36-127.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.239.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: r1-front-14.pushwoosh.com

redhotm.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.128.220.23 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-220-23.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	exoduseffect.com exoduseffect.com — Cisco Umbrella Rank: 831631	488 KB
14	criteo.com 8 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4345 gum.criteo.com — Cisco Umbrella Rank: 410 mug.criteo.com — Cisco Umbrella Rank: 2434 sslwidget.criteo.com — Cisco Umbrella Rank: 1616 widget.us.criteo.com — Cisco Umbrella Rank: 18816 dis.criteo.com — Cisco Umbrella Rank: 775 widget.eu.criteo.com — Cisco Umbrella Rank: 19207	30 KB
10	gstatic.com fonts.gstatic.com	175 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 2072 q.stripe.com — Cisco Umbrella Rank: 15477 m.stripe.com — Cisco Umbrella Rank: 1734	79 KB
7	pushwoosh.com cdn.pushwoosh.com — Cisco Umbrella Rank: 30754 cp.pushwoosh.com — Cisco Umbrella Rank: 51037 redhotm.pushwoosh.com — Cisco Umbrella Rank: 258270	136 KB
5	hyros.com 175132.tracking.hyros.com — Cisco Umbrella Rank: 395018 175132.t.hyros.com — Cisco Umbrella Rank: 396184	24 KB
5	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 3802 rp.liadm.com — Cisco Umbrella Rank: 2631 rp4.liadm.com — Cisco Umbrella Rank: 9695 i.liadm.com — Cisco Umbrella Rank: 580 i6.liadm.com — Cisco Umbrella Rank: 1601	13 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	577 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 138 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 223	3 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1039	89 KB
3	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3689 cotads.adscale.de — Cisco Umbrella Rank: 8231	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	194 KB
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4545 api.amplitude.com — Cisco Umbrella Rank: 1378	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 350 fonts.googleapis.com — Cisco Umbrella Rank: 81	8 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	137 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 213	2 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2241	18 KB
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3240	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 692	853 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 850	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 315	1 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1573	268 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 492	501 B
1	aralego.com sync.aralego.com — Cisco Umbrella Rank: 2234	413 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 681	239 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1961	220 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 448	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1686	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1227	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 663	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 563	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 372	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 664	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 750	476 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1467	40 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 566	785 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 365	340 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1382	235 B
1	google.cz www.google.cz — Cisco Umbrella Rank: 22849	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 17	548 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 134	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1393	5 KB
1	theexoduseffect.co 1 redirects theexoduseffect.co	1 KB
1	handsinair.co 1 redirects handsinair.co	695 B
1	rightwayshow.co 1 redirects tr.rightwayshow.co — Cisco Umbrella Rank: 570874	639 B
1	blueheronhealthnews.net 1 redirects www.blueheronhealthnews.net	2 KB
110	48

	Domain	Requested by
16	exoduseffect.com	exoduseffect.com static.cloudflareinsights.com cdn.pushwoosh.com
10	fonts.gstatic.com	fonts.googleapis.com
6	gum.criteo.com	5 redirects dynamic.criteo.com
4	175132.t.hyros.com	175132.tracking.hyros.com
4	www.facebook.com	exoduseffect.com
4	analytics.tiktok.com	exoduseffect.com analytics.tiktok.com
3	q.stripe.com	exoduseffect.com
3	connect.facebook.net	exoduseffect.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	js.stripe.com	exoduseffect.com js.stripe.com
3	cdn.pushwoosh.com	exoduseffect.com
3	www.googletagmanager.com	exoduseffect.com
2	redhotm.pushwoosh.com	cdn.pushwoosh.com
2	dpm.demdex.net	1 redirects
2	cp.pushwoosh.com	cdn.pushwoosh.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	ad.yieldlab.net
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ih.adscale.de	2 redirects
2	ib.adnxs.com	2 redirects
2	widget.eu.criteo.com
2	dis.criteo.com	2 redirects
2	x.bidswitch.net	1 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	api.amplitude.com	cdn.amplitude.com
2	fonts.googleapis.com	exoduseffect.com ajax.googleapis.com
1	s.thebrighttag.com
1	aa.agkn.com
1	m.stripe.com	m.stripe.network
1	sync.aralego.com
1	s.ad.smaato.net
1	i6.liadm.com
1	i.liadm.com	1 redirects
1	sync-criteo.ads.yieldmo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	idsync.rlcdn.com
1	visitor.omnitagjs.com
1	cotads.adscale.de
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com	exoduseffect.com
1	sslwidget.criteo.com	1 redirects
1	www.google.cz	exoduseffect.com
1	www.google.com	exoduseffect.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	mug.criteo.com	exoduseffect.com
1	175132.tracking.hyros.com	exoduseffect.com
1	www.googleadservices.com	www.googletagmanager.com
1	rp4.liadm.com	exoduseffect.com
1	rp.liadm.com	1 redirects
1	cdn.amplitude.com	exoduseffect.com
1	static.cloudflareinsights.com	exoduseffect.com
1	ajax.googleapis.com	exoduseffect.com
1	dynamic.criteo.com	exoduseffect.com
1	b-code.liadm.com	exoduseffect.com
1	theexoduseffect.co	1 redirects
1	handsinair.co	1 redirects
1	tr.rightwayshow.co	1 redirects
1	www.blueheronhealthnews.net	1 redirects
110	68

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-27` - `2023-05-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.pushwoosh.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-28` - `2022-07-27`	3 months	crt.sh
tracking.hyros.com Amazon	`2022-05-02` - `2023-05-31`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.cz GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
t.hyros.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-05-05` - `2023-06-03`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2022-10-19`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
Frame ID: 880D0D7D4EC47B1F241F73F31CBA21AC
Requests: 71 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=exoduseffect.com&origin=onetag
Frame ID: 313A4F27BE9903357717F88AE84909C9
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-b264dce0f6b368bd152098cad6b3c755.html
Frame ID: C2A8FF1CF71200C6DA69918F3083491C
Requests: 4 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-J4zkIi-BePsLUX6ketD6fr0UFhfN2OORJh0d3Q&expires=30
Frame ID: 7127B133FBEFB325221CA6617C1347A4
Requests: 27 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 888CB44B9B7E88B7395D363A17D759DE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Modern Health Discoveries

Page URL History Show full URLs

https://www.blueheronhealthnews.net/click.html?x=a62e&lc=meK&mc=5&s=Cqhz&u=9&z=Rk1gKZM& HTTP 302
https://tr.rightwayshow.co/d365f985-adc4-48cb-bca2-e20f599ea312?s1=BlueHeronHealthNews052422&s2=BlueHer... HTTP 302
https://handsinair.co/?a=82&c=277&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneW... HTTP 302
https://theexoduseffect.co/?a=82&c=277&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneW... HTTP 302
https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNew... Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

87 %
HTTPS

30 %
IPv6

48
Domains

68
Subdomains

55
IPs

8
Countries

1459 kB
Transfer

3088 kB
Size

62
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.blueheronhealthnews.net/click.html?x=a62e&lc=meK&mc=5&s=Cqhz&u=9&z=Rk1gKZM& HTTP 302
https://tr.rightwayshow.co/d365f985-adc4-48cb-bca2-e20f599ea312?s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1& HTTP 302
https://handsinair.co/?a=82&c=277&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8 HTTP 302
https://theexoduseffect.co/?a=82&c=277&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8&ckmguid=604799b2-7310-40c2-8a08-abc2f2769b60 HTTP 302
https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://rp.liadm.com/j?dtstmp=1658296694867&aid=a-06ld&se=e30&duid=875ea714f6f7--01g8d2yxyx0qwf1dw990t74z72&tna=v2.4.0&pu=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1658296694867&aid=a-06ld&se=e30&duid=875ea714f6f7--01g8d2yxyx0qwf1dw990t74z72&tna=v2.4.0&pu=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjIwYjI6ZTA4OmJhYzc%3D&n3pc=true

Request Chain 48

https://gum.criteo.com/sid/json?origin=onetag&domain=exoduseffect.com&sn=ChromeSyncframe&so=0&topUrl=exoduseffect.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=BdPIQnxGUVIyL0cxa01XSnREM3RVYTlEb29OY212RmowZ2g5N3BXNHQ0MGpxbmFaQkMrSFBiMGMzOHpvRDJzUjV2MDM0MmFWdDl0WG5VVUhnN2dtR1M4TGRBbzNGVjFVSjhmMVJidEhRQW1VVjZPakFxV3RWUGVjaDhHLzk5clM0NUd2V01TTDRQVU5MTS84djFyd3ZyYTNkTVZyVjNZd0o5a2ZDTlh5MVgzeXlxalVySmVyLzhyVHpGRWNEQUJHdENUT3pWSzU4WVFIamJiZUE4R3dEdDU5eFc1NkE4VW5raWNzZDN2RksxWlFBUmNVNGxXa05qTE5RZUliTmlibERGbS9zR1k2ZkxWOWVweUt2WDVVcWtFUXczMkVSUVVEcUVmN0F2SXV4OU5sVzdJWT18&cppv=2

Request Chain 53

https://sslwidget.criteo.com/event?a=95287&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=uqVDbV9QczJOaEkzOEk4dkQwb1VHRVJ5TExWQ1ppQ1B4eWQ4VnBkRTNvYlVTcmRMRzdyMmRXZDBVQUNQdDlzQnEzQkp5ZFJrWlNvMGpoTFFFWkVhOUlWVGF3JTJCbVdMdTlsTThMa1hUWXowUnhuUHZLUG8wQiUyQjVTUm14UW8lMkY5Z0o4ZGx1d3RwMmREOTVSbjhFczFOc3lQJTJCNnhZU3hEeUFNVVVIZWZ6NVdLSEg5Z1VQRSUzRA&tld=exoduseffect.com&dy=1&ful=402&fu=https%253A%252F%252Fexoduseffect.com%252Fmodern-health-og%253FaffId%253D82%2526c1%253DBlueHeronHealthNews052422%2526c2%253DBlueHeronHealthNews%2526c3%253DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%2526id%253D71162540%2526affid%253D82%2526cid%253D152%2526s1%253DBlueHeronHealthNews052422%2526s2%253DBlueHeronHealthNews%2526s3%253DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%2526s4%253DEmail35.1%2526s5%253Dw0m8bn8ljff2ddnhi141ai&dtycbr=61370 HTTP 302
https://widget.us.criteo.com/event?a=95287&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=uqVDbV9QczJOaEkzOEk4dkQwb1VHRVJ5TExWQ1ppQ1B4eWQ4VnBkRTNvYlVTcmRMRzdyMmRXZDBVQUNQdDlzQnEzQkp5ZFJrWlNvMGpoTFFFWkVhOUlWVGF3JTJCbVdMdTlsTThMa1hUWXowUnhuUHZLUG8wQiUyQjVTUm14UW8lMkY5Z0o4ZGx1d3RwMmREOTVSbjhFczFOc3lQJTJCNnhZU3hEeUFNVVVIZWZ6NVdLSEg5Z1VQRSUzRA&tld=exoduseffect.com&dy=1&ful=402&fu=https%253A%252F%252Fexoduseffect.com%252Fmodern-health-og%253FaffId%253D82%2526c1%253DBlueHeronHealthNews052422%2526c2%253DBlueHeronHealthNews%2526c3%253DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%2526id%253D71162540%2526affid%253D82%2526cid%253D152%2526s1%253DBlueHeronHealthNews052422%2526s2%253DBlueHeronHealthNews%2526s3%253DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%2526s4%253DEmail35.1%2526s5%253Dw0m8bn8ljff2ddnhi141ai&dtycbr=61370

Request Chain 63

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-J4zkIi-BePsLUX6ketD6fr0UFhfN2OORJh0d3Q&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-J4zkIi-BePsLUX6ketD6fr0UFhfN2OORJh0d3Q&expires=30

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XzbZky-BePsLUX6ketD6fr0UFhe7y98npl5lSQ&google_cm&google_hm=ay1YemJaa3ktQmVQc0xVWDZrZXRENmZyMFVGaGU3eTk4bnBsNWxTUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XzbZky-BePsLUX6ketD6fr0UFhe7y98npl5lSQ&google_gid=CAESEMrX54As-sUwUBkCbSOKdYQ&google_cver=1&google_ula=913071,0 HTTP 302
https://widget.eu.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XzbZky-BePsLUX6ketD6fr0UFhe7y98npl5lSQ&google_gid=CAESEMrX54As-sUwUBkCbSOKdYQ&google_cver=1&google_ula=913071,0

Request Chain 65

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2391904254307340872 HTTP 302
https://widget.eu.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2391904254307340872

Request Chain 66

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-xptycS-BePsLUX6ketD6fr0UFhdMusAiq3cvZg&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-xptycS-BePsLUX6ketD6fr0UFhdMusAiq3cvZg&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=56edef8492fb4ffabf604e4e48876d6e HTTP 307
https://cotads.adscale.de/ads/pixel/1by1.png?uid=a302bcf672d05a19dabd3aa8bcf873cdbdb8f21d5a63001d79a382e5b38a2ce8

Request Chain 68

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_761Fy-BePsLUX6ketD6fr0UFheOhT6Rttrofg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_761Fy-BePsLUX6ketD6fr0UFheOhT6Rttrofg&C=1

Request Chain 69

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-19SluS-BePsLUX6ketD6fr0UFhfeLaWoE3SiWQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-19SluS-BePsLUX6ketD6fr0UFhfeLaWoE3SiWQ

Request Chain 70

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=XLHj-47vALdFpwyupKlItTarpmIQEJuU

Request Chain 83

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-U-KrfS-BePsLUX6ketD6fr0UFhdrq6AESnoXiQ HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-U-KrfS-BePsLUX6ketD6fr0UFhdrq6AESnoXiQ

Request Chain 94

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=DP5nIoptiYJEmSQCfv7YO4lJoPTFrvT1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DP5nIoptiYJEmSQCfv7YO4lJoPTFrvT1

Request Chain 101

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=zNNatmil4oeP7pclzKdr826TZ3y2mv5V

Request Chain 105

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=olViI99wrVEq3ZZ0LwOOfL6Qd9Ifck-m

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request modern-health-og Show response
exoduseffect.com/
Redirect Chain

https://www.blueheronhealthnews.net/click.html?x=a62e&lc=meK&mc=5&s=Cqhz&u=9&z=Rk1gKZM&
https://tr.rightwayshow.co/d365f985-adc4-48cb-bca2-e20f599ea312?s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&
https://handsinair.co/?a=82&c=277&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
https://theexoduseffect.co/?a=82&c=277&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8&ckmg...
https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=B...

22 KB
9 KB

210ms
148ms

Document
text/html

2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec1cc44be5e7551c1ee37881754b7561d630c09d48e8a096755579dbd90da10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72d976c4ac9a9a2f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 20 Jul 2022 05:58:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNDvtJ%2B4c4BxuePqUVxBX%2Bo5Emt7GEr6eAmQiKrQlaWTL5LegqvT3Az4Alu7ozMdQNm8BQ9O5BYRa%2F%2FzGVktzq7ASIXxCRXfCo9SKHfsr7nNoLvAUoaHB40%2FnvmdamxqTg77d8CRv61zkmH4MN8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nosnippet

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 72d976c1a9d6695d-FRA
content-type: text/html; charset=utf-8
date: Wed, 20 Jul 2022 05:58:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5JSTQySvJaWxIw7bLGDYDEBZqnAofudaPThWyKVYVRz6P6CwV2rz6TUpoc8nlbA7%2BgbL6IXYzqkQJuiJHGIRiHG9ZOtdk6EqpDjd2ZqyidWQMq2NsVgxxMPyNPJXWdusrDcnJihrmYqKfU0WokE8AA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
42 KB 89ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-172780246-2

Requested by

Host: exoduseffect.com
URL: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1779463567d49a89ff96f57818df75e65f86276e01cb4442038d0a18ea68a624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42022
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Jul 2022 05:58:14 GMT

GET
H2 200 a-06ld.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 80ms
24ms Script
application/javascript 2600:9000:225e:c00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-06ld.min.js
Requested by: Host: exoduseffect.com
URL: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bbe7656b207b02a7d213b76bce8d50506c00ff0aa8e6b125484cdf2c0c73f2ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 09:12:44 GMT
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
age: 74730
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P4
content-encoding: gzip
x-amz-cf-id: y-R43zlbeDi5VCxPgfnnckVAfVdP6clKgbGj8hmlCmMOIvWIYl3T2Q==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
15 KB 91ms
30ms Script
application/javascript 178.250.2.140
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=95287

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

72b00aceb997e2010d37080f730409763a18030c18aed7af287663c50f65a7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:13 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 76ms
23ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 14:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 14:11:25 GMT

GET
H2 200 reset.css
exoduseffect.com/assets/style/ 923 B
839 B 122ms
115ms Stylesheet
text/css 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/assets/style/reset.css?v=10001

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c66125e56c6f77e4ae6e45ce3b9d29d46efbdb8919aa59d7261ecae9ff8675

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1270
x-robots-tag: noindex, noarchive, nosnippet
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: W/"4f6-593f4978bfbd3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzXww%2Fo5zmByD%2BVDn1sHvxPff6BKyiBZNd0cdNE9%2FObUPdhde%2Bl%2B3%2Fmlnp22LfPXEgebGi9uy8jnmEa9MzH9Dln7fThrVdpuEC0ZS8XJS74SarGZ%2FGaE2QsfhQ%2BhcbgaNPraeFcgcsew7HhWKcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 72d976c5bdca9a2f-FRA
cf-bgj: minify

GET
H2 200 global.css
exoduseffect.com/assets/style/ 6 KB
2 KB 120ms
114ms Stylesheet
text/css 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/assets/style/global.css?v=10017

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b983137077f81c960fff5bb7d0110705215444e15b4c0488b9bbf4c9897849ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8236
x-robots-tag: noindex, noarchive, nosnippet
last-modified: Thu, 29 Apr 2021 15:16:30 GMT
server: cloudflare
etag: W/"202c-5c11dfadc1393-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kj%2Fp%2F9Js1pjJ2Ql9NYtNutpO%2BFEn8icFt3pwP5tWQfK1%2FR0CcoD5pg3jdqB2mZ9ciBtkRPamExRT5GCL2s0VdB%2FE8EqM9%2FjVSL7h7UVJVvI%2F7fGex%2FUKzihXhkawGB76grG0r0TSe1SUsoy3Xs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 72d976c5cdcc9a2f-FRA
cf-bgj: minify

GET
H2 200 forms.css
exoduseffect.com/assets/style/ 5 KB
2 KB 33ms
28ms Stylesheet
text/css 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/assets/style/forms.css?v=10008

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1abfc16178b09de26b11065884d3afebe3c3c1c0a41ab099a83f7ebadd2f2d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5933
cf-polished: origSize=6825
x-robots-tag: noindex, noarchive, nosnippet
last-modified: Wed, 12 May 2021 02:57:31 GMT
server: cloudflare
etag: W/"1aa9-5c2192bf9993b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8I1uCt%2Btyzk4xrq3c5%2B56YLmlHRThniVTyGG%2FTwuAbO8%2ByEg4XXHjY%2BtJLqL9TLWx%2FvG%2FbQRs2U7lXsgActizaVnWqkjxVTCL59cm27WSYzBb8VpCn1xjHW3dlToIUQ5Xn%2BRm9pZ%2F%2FF0Is7Ab1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 72d976c5cdce9a2f-FRA
cf-bgj: minify

GET
H2 200 buttons.css
exoduseffect.com/assets/style/ 4 KB
1 KB 32ms
27ms Stylesheet
text/css 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/assets/style/buttons.css?v=10003

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef6e13231ec40eac8229a1af785e63b6e9b501d10e2b99fa6c301ddebd983692

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5964
cf-polished: origSize=5452
x-robots-tag: noindex, noarchive, nosnippet
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: W/"154c-593f4978bfbd3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWho5m4IkMQOqo8JfcC1rgqxDHMo%2B6mTRebNWpaafsu%2BCBaDzZeivhlkdxwe6KAeQBvNnt3rsm0bzvEkJ34oVzGRInI7nF9%2BWE8ToGVOSAIaK%2FLiVLXewzVofxoqcoY2D8l822jDb8eJrI895ho%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 72d976c5cdcf9a2f-FRA
cf-bgj: minify

GET
H2 200 jquery-2.2.0.min.js Show response
exoduseffect.com/assets/scripts/ 84 KB
31 KB 131ms
127ms Script
application/javascript 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/assets/scripts/jquery-2.2.0.min.js?v=10001

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
etag: W/"14e55-593f4978bec33-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YBxzkzjqI3994cMlcL3sYGZNgVyS%2Fyj6aCMOYedL3%2Ba61YkgJ0JxvkAjy5IZstsXkeHmykf3zeTIOl%2Fbw7OgM8hSyhZatFwNF940mgCcDQ4NC9I54THcs3cdBPkaevSGSHChWqc5RccPckWJeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
cf-ray: 72d976c5cdd19a2f-FRA
x-robots-tag: noindex, noarchive, nosnippet

GET
H2 200 global.js Show response
exoduseffect.com/assets/scripts/ 7 KB
3 KB 120ms
116ms Script
application/javascript 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/assets/scripts/global.js?v=10002

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a976576c30c8355b268f0503b84d260c4f3856bc7b5ce55cacc0ff4b5904595

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=12543
cf-ray: 72d976c5cdd29a2f-FRA
last-modified: Tue, 17 Nov 2020 17:16:11 GMT
server: cloudflare
etag: W/"30ff-5b450a6c6a087-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1q6tqtf6bezhnSZpGLDwqY8%2F6DI2RJkdTeGxCvJlfyLIxN%2FbV4CcOyEbvPE%2BBXH0HK%2FYFGqG5FU8%2BZXS8qpPJb3ZttAcNnaeQnDuP4ygdfQHw7KRyR0zNbmYeOmHOnzesibiQ1XxsjJ4W4r1HOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-bgj: minify

GET
H2 200 modernHealth.css
exoduseffect.com/assets/style/presell/ 1 KB
993 B 121ms
118ms Stylesheet
text/css 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/assets/style/presell/modernHealth.css?v=10014

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24f845bff92fbe1a77b9f0ad1e83c7f911647d1ce9c07811436360f6ecc8481e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1566
x-robots-tag: noindex, noarchive, nosnippet
last-modified: Wed, 02 Mar 2022 16:54:31 GMT
server: cloudflare
etag: W/"61e-5d93f22a89948-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuQSwIsFv4Ujb5qquwL4fpcPrRZMcz5XjjRhJthgTaLrRnDPW8Ufd3mowIaJT%2B7opbCecPu3aH%2FOmRVdU7CXep73CbQ7ovae6mPgJ9UGYZMsMZscrsqFVOrCG4zjrMebcM5HBq93b6HixFPw3WU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 72d976c5cdd09a2f-FRA
cf-bgj: minify

GET
H/1.1 200
OK pushwoosh-web-notifications.js Show response
cdn.pushwoosh.com/webpush/v3/ 197 KB
50 KB 159ms
60ms Script
application/javascript 195.201.240.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Requested by: Host: exoduseffect.com
URL: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.240.51 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cache-05.pushwoosh.com
Software: nginx /
Resource Hash: 84e00d3820f15af1b9f392b2164a50229e6d92ce1c4fae2f23c3b5c5f5dd071c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 05:58:15 GMT
Content-Encoding: gzip
X-Cache-Status: HIT
Transfer-Encoding: chunked
X-Amz-Storage-Class: STANDARD
Connection: keep-alive
Last-Modified: Tue, 12 Jul 2022 06:07:17 GMT
Server: nginx
Cache-Control: max-age=86400, public
ETag: W/"92302415f353a3a447c8365c158ee656"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-rgw-object-type: Normal
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
X-Proxy-Cache: HIT
Expires: Thu, 21 Jul 2022 05:58:15 GMT

GET
H2 200 logo_header.png
exoduseffect.com/assets/images/presells/ 2 KB
2 KB 142ms
136ms Image
image/webp 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exoduseffect.com/assets/images/presells/logo_header.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ad3abc86e39c697cbd14f2cd35d2a023ef906fd62d75f8232d569ec55e02d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4693
content-disposition: inline; filename="logo_header.webp"
content-length: 1748
x-robots-tag: noindex, noarchive, nosnippet
last-modified: Thu, 27 May 2021 16:48:56 GMT
server: cloudflare
etag: "1255-5c35288fa5ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBxGIqXu4G4gxsm09NNI%2Badff754rL%2BfyS13I9bHpgQH4hhlFHVoF004rc9%2FPf5tbBMa9WhDbpP%2FBZIO3SCyIpbNfORX%2Bh3RR%2BA9BwrzM56RyeBNnMe7y8h6unxVkItMb7q2murIRMoTyiiMjTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72d976c74f959a2f-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 graveyard.png
exoduseffect.com/assets/images/presells/modernHealth/ 419 KB
420 KB 121ms
115ms Image
image/webp 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exoduseffect.com/assets/images/presells/modernHealth/graveyard.png?v=10001

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86582d0955786b47d428cc5b400509070afff56dcd8d97341e0bab34595b0560

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=593031
content-disposition: inline; filename="graveyard.webp"
content-length: 429220
x-robots-tag: noindex, noarchive, nosnippet
last-modified: Mon, 16 Aug 2021 22:13:13 GMT
server: cloudflare
etag: "90c87-5c9b481ddb003"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzcFekYvFTWSXa24gEYneElgi1%2BtRZCwTHMShWVQRGvIjRIVKRU45sTI%2BQE3QI3kh6xmvGkIIKPSg%2Bk7C%2FI0T6jmW%2FC9VqnO%2Bltyiv9qNeB9v03%2BsST4gQTqRTlB0aOoCz3YftEum1myQuVwZRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72d976c74f979a2f-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 click_to_watch_video.png
exoduseffect.com/assets/images/presells/ 14 KB
14 KB 33ms
28ms Image
image/webp 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exoduseffect.com/assets/images/presells/click_to_watch_video.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3e27747d0305cf35aea9ad1adb1400624df2c279f1d367b6e5c7379391d35b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2233
cf-polished: origFmt=png, origSize=19721
content-disposition: inline; filename="click_to_watch_video.webp"
content-length: 13956
x-robots-tag: noindex, noarchive, nosnippet
last-modified: Thu, 27 May 2021 16:48:56 GMT
server: cloudflare
etag: "4d09-5c35288fa5ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM4pWUrghrak4ug91vucAfUN2cNtYn%2BZNtIEx6OcJxpovCDYiQ9OySR1dsvh%2B1XI8evP81Gfq2nfSAWhLsnDl3GP1BDvzmHmJupVqIBWETTIZC25CO6LugbgxdmKhcDCsUn06Q7Gl%2F2xeznpzb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 72d976c74f999a2f-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 / Show response
js.stripe.com/v3/ 319 KB
76 KB 295ms
22ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ee72ec2aeaf4009aafbdd583f50b0b12919156aba4b5935a4574b2841c545bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 53
x-cache: HIT
content-length: 77070
etag: "3781334316fbc9452884ce0c9afad8b5"
x-request-id: 02a34881-09bd-4c0e-a065-82c38bec2ca0
x-served-by: cache-hhn4077-HHN
access-control-allow-origin: *
last-modified: Tue, 19 Jul 2022 18:23:54 GMT
server: Fastly
date: Wed, 20 Jul 2022 05:58:15 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 112ms
60ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: exoduseffect.com
URL: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://exoduseffect.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 72d976c79a8e922f-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 93 KB
36 KB 41ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WW6NP2B

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fb0d060273ca4afd6d617b9fde599720b536c5074df155b18240b265876aa56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36558
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Jul 2022 05:58:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 168 KB
59 KB 49ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PP5N9TT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ded775fb6e7c927230db4e77d4c9daf076d4cf9fd65ec21aeb182e2a177cfc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60639
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Jul 2022 05:58:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172780246-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3137
date: Wed, 20 Jul 2022 05:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 20 Jul 2022 07:05:57 GMT

GET
H2 200 amplitude-7.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 59 KB
19 KB 84ms
26ms Script
application/javascript 52.222.206.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by: Host: exoduseffect.com
URL: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-178.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Referer: https://exoduseffect.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 01:43:24 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 3903291
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19222
access-control-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
server: AmazonS3
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: s_Q_sleM0zjEKIEDCod3dLg331_niJBIRb3PwDBupcshYcJyb1ajig==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 92ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora&display=swap

Requested by

Host: exoduseffect.com
URL: https://exoduseffect.com/assets/style/presell/modernHealth.css?v=10014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab127b8fa6eae69dfbfbe79c821b4511819e3e366ce802561c29d0acc93ec732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 05:58:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Jul 2022 05:58:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Jul 2022 05:58:14 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1658296694867&aid=a-06ld&se=e30&duid=875ea714f6f7--01g8d2yxyx0qwf1dw990t74z72&tna=v2.4.0&pu=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueH...
https://rp4.liadm.com/j?dtstmp=1658296694867&aid=a-06ld&se=e30&duid=875ea714f6f7--01g8d2yxyx0qwf1dw990t74z72&tna=v2.4.0&pu=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlue...

13 B
553 B

496ms
110ms

XHR
application/json

52.7.56.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1658296694867&aid=a-06ld&se=e30&duid=875ea714f6f7--01g8d2yxyx0qwf1dw990t74z72&tna=v2.4.0&pu=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjIwYjI6ZTA4OmJhYzc%3D&n3pc=true

Requested by

Protocol

Server

52.7.56.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-56-125.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
x-pixel-event-id: f766d000-738a-4701-9af8-77f6cdc1892a
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: b8f79b510316046c
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Wed, 20 Jul 2022 05:58:15 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1658296694867&aid=a-06ld&se=e30&duid=875ea714f6f7--01g8d2yxyx0qwf1dw990t74z72&tna=v2.4.0&pu=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjEwMTA6MjoxMDExOjIwYjI6ZTA4OmJhYzc%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://exoduseffect.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 58fb2f06f8dc4a01
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c98dd23111ee7a38d2a7256ee9756b4b069421c7584789f85a2c36cf46b3ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 05:58:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Jul 2022 05:58:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Jul 2022 05:58:14 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v25/ 19 KB
19 KB 118ms
65ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v25/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d707cc06b442a17dd58f0ed2176c626e6b7c5808d43c2bedf80136945c6994b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:22:14 GMT
x-content-type-options: nosniff
age: 41760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19068
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:50:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 18:22:14 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 313A 15 KB
6 KB 157ms
49ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=exoduseffect.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=95287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://exoduseffect.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 05:58:14 GMT
server-processing-duration-in-ticks: 1921
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 72ms
54ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:18:45 GMT
x-content-type-options: nosniff
age: 45569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19752
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 17:18:45 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 87ms
70ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 03:14:58 GMT
x-content-type-options: nosniff
age: 268996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jul 2023 03:14:58 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 98ms
81ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:16:54 GMT
x-content-type-options: nosniff
age: 45680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 17:16:54 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 92ms
75ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:08:53 GMT
x-content-type-options: nosniff
age: 110961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19816
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 23:08:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 40ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 134309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:39:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 103ms
87ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 125420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 63ms
47ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 147729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 12:56:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 105ms
89ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 134003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 46ms
30ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exoduseffect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 05:09:09 GMT
x-content-type-options: nosniff
age: 175745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 05:09:09 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 104ms
41ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PP5N9TT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:58:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 80ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: +ZPf8gf/gfwwjiJqimZZENSyxPRBECteQwBKgVtVSbiRGjrwzRCVrDFLRz90gcOnWd7Udth3Irpfi1zV1F3/aA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 20 Jul 2022 05:58:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 universal-script Show response
175132.tracking.hyros.com/v1/lst/ 23 KB
23 KB 462ms
223ms Script
text/plain 23.23.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!exoduseffect
Requested by: Host: exoduseffect.com
URL: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-180-42.compute-1.amazonaws.com
Software: /
Resource Hash: 9cba12a52d9475d30c0acfb64998c48eac7d8f3bc6a959a6ca5da668fd8943ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
access-control-allow-credentials: true
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/plain;charset=utf-8

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 126 KB
37 KB 220ms
122ms Script
application/javascript 2.16.241.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6TP3JRSVD35Q9TRPAO0&lib=ttq
Requested by: Host: exoduseffect.com
URL: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1eba8268d112d2903105c9b82da51799cd7467c382af9b3b94bcb41295d9c1dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220720055815010004003007735002062135FB8A3
vary: Accept-Encoding
x-cache: TCP_MISS from a2-16-240-35.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 98,2.16.240.35
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca795979c92352dfbcf00fdfbb32eee22dfa7ff6b56fc760092871044ab563f6fdd7cb5010fd2f571fbb9d2b3bb6b0cfcf26024ce73e545a1116f6a29397491c15e234d0995dd2c1a209d6c5a7a6a30638e8
server-timing: inner; dur=1, cdn-cache; desc=MISS, edge; dur=0, origin; dur=98
x-akamai-request-id: 1e67cafd
expires: Wed, 20 Jul 2022 05:58:15 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 73ms
28ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1944345120&t=pageview&_s=1&dl=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&ul=en-us&de=UTF-8&dt=Modern%20Health%20Discoveries&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1403404299&gjid=270301537&cid=1210159877.1658296695&tid=UA-172780246-2&_gid=732717623.1658296695&_r=1&gtm=2ou7i0&z=2033029628

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exoduseffect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
28ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1944345120&t=pageview&_s=1&dl=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&ul=en-us&de=UTF-8&dt=Modern%20Health%20Discoveries&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1711189447&gjid=1966450377&cid=1210159877.1658296695&tid=UA-172780246-2&_gid=732717623.1658296695&_r=1&gtm=2wg7i0PP5N9TT&z=923764649

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exoduseffect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 setAmplitudeDeviceId Show response
exoduseffect.com/ 5 B
569 B 164ms
163ms XHR
application/json 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/setAmplitudeDeviceId?amplitudeDeviceId=LA3veS1v8mESPk2Him69Uc

Requested by

Host: exoduseffect.com
URL: https://exoduseffect.com/assets/scripts/jquery-2.2.0.min.js?v=10001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10036cce39b0c2bfb70d5d1618f5806ddd2b0be75dd1b3656831f36b0db94bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: */*
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d976c8187f9a2f-FRA
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoO4SgT9U3Tjm7l%2BfBHm9ymnhXgCzuQXnnlEHEtB%2BCWKNXk8hcURCKZRwccoGPHEPAfq7GBv%2BYboxgHK8X4GxZKgIPKI%2BKykRJoWgFaStotW8Fm%2FaYh7kGHZDSxpNFKeStEnTDH1isRtmXubwqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://exoduseffect.com
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex, noarchive, nosnippet
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
206 B 619ms
202ms XHR
text/html 34.209.74.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.209.74.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-74-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 20 Jul 2022 05:58:15 GMT
trace-id: Root=1-62d79977-4438d4ed7d065a627d6795ce
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 import Show response
exoduseffect.com/click/ 458 B
578 B 912ms
911ms XHR
application/json 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/click/import

Requested by

Host: exoduseffect.com
URL: https://exoduseffect.com/assets/scripts/jquery-2.2.0.min.js?v=10001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91569057dc0449701f94bf73608363b785bd7adc1388d1d020d4149b528eb727

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: */*
Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72d976c838a39a2f-FRA
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4epzQQMOnUDuuGuRq9%2F8nBN3x%2FalpoVeRmzweELkJhmDRaYeg6MzjuqB7z3o9%2BVqWMPY9Jx46AliMUNAi9nx8KV%2FxLlJUdDzMCD6sQdezMXfvXBYXhY%2B%2BdDaH6wi%2FNPK0SXp%2BJxBgd3rQb0NBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://exoduseffect.com
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex, noarchive, nosnippet
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 rum Show response
exoduseffect.com/cdn-cgi/ 0
234 B 25ms
24ms XHR
text/plain 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://exoduseffect.com/modern-health-og
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://exoduseffect.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 72d976c838a49a2f-FRA
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 88ms
29ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-172780246-2&cid=1210159877.1658296695&jid=1711189447&gjid=1966450377&_gid=732717623.1658296695&_u=YEDAAUABAAAAAC~&z=987408724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Jul 2022 05:58:15 GMT
content-type: text/plain
access-control-allow-origin: https://exoduseffect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 88ms
30ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-172780246-2&cid=1210159877.1658296695&jid=1403404299&gjid=270301537&_gid=732717623.1658296695&_u=YEBAAUAAAAAAAC~&z=1937829472

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Jul 2022 05:58:15 GMT
content-type: text/plain
access-control-allow-origin: https://exoduseffect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 196687248304241 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 97ms
72ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/196687248304241?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13553f5d05692cd51a235c5c881c25e51a45a87d4edd158ad9943d353e9163cf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: AylGC/dpfvaNkvwCqkGnTwKQ/7yZ7Oj8UdabYB61BJHGrfNKzsl5kNiAo8hhMmuva8Lv02Ng+55bWxActV4FnQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 20 Jul 2022 05:58:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658296695183
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 313A
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=exoduseffect.com&sn=ChromeSyncframe&so=0&topUrl=exoduseffect.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=BdPIQnxGUVIyL0cxa01XSnREM3RVYTlEb29OY212RmowZ2g5N3BXNHQ0MGpxbmFaQkMrSFBiMGMzOHpvRDJzUjV2MDM0MmFWdDl0WG5VVUhnN2dtR1M4TGRBbzNGVjFVSjhmMVJidEhRQW1VVjZPakFxV3RWUGVjaDhHLz...

447 B
648 B

95ms
32ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=BdPIQnxGUVIyL0cxa01XSnREM3RVYTlEb29OY212RmowZ2g5N3BXNHQ0MGpxbmFaQkMrSFBiMGMzOHpvRDJzUjV2MDM0MmFWdDl0WG5VVUhnN2dtR1M4TGRBbzNGVjFVSjhmMVJidEhRQW1VVjZPakFxV3RWUGVjaDhHLzk5clM0NUd2V01TTDRQVU5MTS84djFyd3ZyYTNkTVZyVjNZd0o5a2ZDTlh5MVgzeXlxalVySmVyLzhyVHpGRWNEQUJHdENUT3pWSzU4WVFIamJiZUE4R3dEdDU5eFc1NkE4VW5raWNzZDN2RksxWlFBUmNVNGxXa05qTE5RZUliTmlibERGbS9zR1k2ZkxWOWVweUt2WDVVcWtFUXczMkVSUVVEcUVmN0F2SXV4OU5sVzdJWT18&cppv=2

Requested by

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4341ea62ef8149db69a4f78b0762634d083a866d5aa2718cdbda0647de5fcb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4770
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:14 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=BdPIQnxGUVIyL0cxa01XSnREM3RVYTlEb29OY212RmowZ2g5N3BXNHQ0MGpxbmFaQkMrSFBiMGMzOHpvRDJzUjV2MDM0MmFWdDl0WG5VVUhnN2dtR1M4TGRBbzNGVjFVSjhmMVJidEhRQW1VVjZPakFxV3RWUGVjaDhHLzk5clM0NUd2V01TTDRQVU5MTS84djFyd3ZyYTNkTVZyVjNZd0o5a2ZDTlh5MVgzeXlxalVySmVyLzhyVHpGRWNEQUJHdENUT3pWSzU4WVFIamJiZUE4R3dEdDU5eFc1NkE4VW5raWNzZDN2RksxWlFBUmNVNGxXa05qTE5RZUliTmlibERGbS9zR1k2ZkxWOWVweUt2WDVVcWtFUXczMkVSUVVEcUVmN0F2SXV4OU5sVzdJWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1445
content-length: 567
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/628433881/ 3 KB
2 KB 101ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628433881/?random=1658296695129&cv=9&fst=1658296695129&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&tiba=Modern%20Health%20Discoveries&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afa138c535b24092f46130621044e679d93335a23e571133e57b04e42f27f1c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1183
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/628433881/ 42 B
548 B 91ms
37ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/628433881/?random=1658296695129&cv=9&fst=1658293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&frm=0&url=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&tiba=Modern%20Health%20Discoveries&async=1&fmt=3&is_vtc=1&random=271962240&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.cz/pagead/1p-user-list/628433881/ 42 B
548 B 87ms
34ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.cz/pagead/1p-user-list/628433881/?random=1658296695129&cv=9&fst=1658293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&frm=0&url=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&tiba=Modern%20Health%20Discoveries&async=1&fmt=3&is_vtc=1&random=271962240&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2768546010100845 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 87ms
87ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2768546010100845?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8379a29ca2314444fc80430bff96de5c72b36f19b64adb65c7760c70006e0b2f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 3qOuQ5GLAJmmkE3QafibtYOUuwFS34Uym0RPb8euYbkhvNO20GLFQLpwiNHcjsUrvGLD7dQPflsquCLoaHrfjw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 20 Jul 2022 05:58:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658296695355
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=95287&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=uqVDbV9QczJOaEkzOEk4dkQwb1VHRVJ5TExWQ1ppQ1B4eWQ4VnBkRT...
https://widget.us.criteo.com/event?a=95287&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=uqVDbV9QczJOaEkzOEk4dkQwb1VHRVJ5TExWQ1ppQ1B4eWQ4VnBkRT...

8 KB
4 KB

354ms
122ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=95287&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=uqVDbV9QczJOaEkzOEk4dkQwb1VHRVJ5TExWQ1ppQ1B4eWQ4VnBkRTNvYlVTcmRMRzdyMmRXZDBVQUNQdDlzQnEzQkp5ZFJrWlNvMGpoTFFFWkVhOUlWVGF3JTJCbVdMdTlsTThMa1hUWXowUnhuUHZLUG8wQiUyQjVTUm14UW8lMkY5Z0o4ZGx1d3RwMmREOTVSbjhFczFOc3lQJTJCNnhZU3hEeUFNVVVIZWZ6NVdLSEg5Z1VQRSUzRA&tld=exoduseffect.com&dy=1&ful=402&fu=https%253A%252F%252Fexoduseffect.com%252Fmodern-health-og%253FaffId%253D82%2526c1%253DBlueHeronHealthNews052422%2526c2%253DBlueHeronHealthNews%2526c3%253DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%2526id%253D71162540%2526affid%253D82%2526cid%253D152%2526s1%253DBlueHeronHealthNews052422%2526s2%253DBlueHeronHealthNews%2526s3%253DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%2526s4%253DEmail35.1%2526s5%253Dw0m8bn8ljff2ddnhi141ai&dtycbr=61370

Requested by

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

90245cecc57b8784c14d189fe022da65acefb21f4b751134c0b8e438607f186d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11664809
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
server: Kestrel
location: https://widget.us.criteo.com/event?a=95287&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=uqVDbV9QczJOaEkzOEk4dkQwb1VHRVJ5TExWQ1ppQ1B4eWQ4VnBkRTNvYlVTcmRMRzdyMmRXZDBVQUNQdDlzQnEzQkp5ZFJrWlNvMGpoTFFFWkVhOUlWVGF3JTJCbVdMdTlsTThMa1hUWXowUnhuUHZLUG8wQiUyQjVTUm14UW8lMkY5Z0o4ZGx1d3RwMmREOTVSbjhFczFOc3lQJTJCNnhZU3hEeUFNVVVIZWZ6NVdLSEg5Z1VQRSUzRA&tld=exoduseffect.com&dy=1&ful=402&fu=https%253A%252F%252Fexoduseffect.com%252Fmodern-health-og%253FaffId%253D82%2526c1%253DBlueHeronHealthNews052422%2526c2%253DBlueHeronHealthNews%2526c3%253DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%2526id%253D71162540%2526affid%253D82%2526cid%253D152%2526s1%253DBlueHeronHealthNews052422%2526s2%253DBlueHeronHealthNews%2526s3%253DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%2526s4%253DEmail35.1%2526s5%253Dw0m8bn8ljff2ddnhi141ai&dtycbr=61370
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3971835
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 122ms
122ms Script
application/javascript 2.16.241.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6TP3JRSVD35Q9TRPAO0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id: f802f265.1e67cb7a
date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-211.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-240-35.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 97,2.16.240.35
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=6, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 20220720055815010004003007735002047015671E2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.211
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca7910e3bcee7bae52d917c82a51349f6e21dea038f9c07f35ba195e159a2ca19106f0469a07abed62273d0224c6a97554dd35576c1b02b4074e88c77527c02f5137d7d0bd7587c5bb08713e302d51cabc706d32f324ae12527d1b8ab0529a5be613
expires: Wed, 20 Jul 2022 05:58:15 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 59 KB
20 KB 120ms
120ms Script
application/javascript 2.16.241.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C6TP3JRSVD35Q9TRPAO0&hostname=exoduseffect.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6TP3JRSVD35Q9TRPAO0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 43832fbdcb20b10918d920dc6751b2afe3e4e1aaa8c1dc28f667c34c43d315dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id: f802f1e1.1e67cb95
date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-211.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-240-35.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 96,2.16.240.35
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=8, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20220720055815010004003007735002040114B4440
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.211
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca7910e3bcee7bae52d917c82a51349f6e21dea038f9c07f35ba195e159a2ca1910658ec91638aeb784c1a46ee6ee4cf72785a30f1c41e3740a54b1cbeb8bf5c860dce463d1353433520370caa731506a19e267d78e94d309383dd0eef7db905dfae
expires: Wed, 20 Jul 2022 05:58:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 80ms
25ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=196687248304241&ev=PageView&dl=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&rl=&if=false&ts=1658296695396&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658296695395.18322509&it=1658296695095&coo=false&exp=u0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 20 Jul 2022 05:58:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 80ms
26ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2768546010100845&ev=PageView&dl=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&rl=&if=false&ts=1658296695397&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658296695395.18322509&it=1658296695095&coo=false&exp=u0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 20 Jul 2022 05:58:15 GMT

GET
H2 200 gusid Show response
175132.t.hyros.com/v1/lst/ 0
501 B 347ms
125ms XHR
text/plain 23.23.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/gusid?
Requested by: Host: 175132.tracking.hyros.com
URL: https://175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!exoduseffect
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-180-42.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
Product-ID: 175132

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
session-id: HB-ET_f39a0ebfb0e6c20dc53838876d61b199900d9b8b9668f6e7b9fd8fa389e57777
etag: HB-ET_f39a0ebfb0e6c20dc53838876d61b199900d9b8b9668f6e7b9fd8fa389e57777
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://exoduseffect.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 gusid
175132.t.hyros.com/v1/lst/ Frame 0
0 354ms
112ms Preflight
application/vnd.sun.wadl+xml 23.23.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/gusid?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-180-42.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: product-id
Access-Control-Request-Method: GET
Origin: https://exoduseffect.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: product-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://exoduseffect.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: HEAD,GET,OPTIONS
content-length: 1432
content-type: application/vnd.sun.wadl+xml;charset=utf-8
date: Wed, 20 Jul 2022 05:58:15 GMT
last-modified: Wed, 20 Jul 2022 05:58:15 UTC

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
573 B 133ms
133ms Ping
application/octet-stream 2.16.241.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6TP3JRSVD35Q9TRPAO0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220720055815010004003007735002062135FB8EF
x-cache: TCP_MISS from a2-16-240-35.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,2.16.240.35
x-tt-trace-host: 017176fb18a495d13d06d0d207ec2dca795979c92352dfbcf00fdfbb32eee22dfa7ff6b56fc760092871044ab563f6fdd76a336bfb8e800ed0fcf2d56743f897b638bc084305f227e03bababef063320ce7fa007fc0434ee6ec193e556531a9853
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=3, origin; dur=107
x-akamai-request-id: 1e67cbe6
content-length: 0
expires: Wed, 20 Jul 2022 05:58:15 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 203ms
202ms XHR
text/html 34.209.74.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.209.74.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-74-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 20 Jul 2022 05:58:15 GMT
trace-id: Root=1-62d79977-5b8d48dd08b5dd9751ded7b0
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 m-outer-b264dce0f6b368bd152098cad6b3c755.html Show response
js.stripe.com/v3/ Frame C2A8 240 B
845 B 23ms
22ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-b264dce0f6b368bd152098cad6b3c755.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d5f0a30a2c5379450755929935a74d46cae420e9310098e66e6755e655b03ba5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://exoduseffect.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 43383
cache-control: max-age=31536000
content-encoding: br
content-length: 140
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 20 Jul 2022 05:58:15 GMT
etag: "b264dce0f6b368bd152098cad6b3c755"
last-modified: Tue, 19 Jul 2022 17:52:48 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 15938
x-content-type-options: nosniff
x-request-id: de75ca27-2c14-4db9-a428-bf29ae344892
x-served-by: cache-hhn4077-HHN

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 7127
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-J4zkIi-BePsLUX6ketD6fr0UFhfN2OORJh0d3Q&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-J4zkIi-BePsLUX6ketD6fr0UFhfN2OORJh0d3Q&expires=30

43 B
510 B

122ms
122ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-J4zkIi-BePsLUX6ketD6fr0UFhfN2OORJh0d3Q&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 05:58:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-J4zkIi-BePsLUX6ketD6fr0UFhfN2OORJh0d3Q&expires=30
Date: Wed, 20 Jul 2022 05:58:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
widget.eu.criteo.com/dis/rtb/google/ Frame 7127
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XzbZky-BePsLUX6ketD6fr0UFhe7y98npl5lSQ&google_cm&google_hm=ay1YemJaa3ktQmVQc0xVWDZrZXRENmZyMFVGaGU3eTk4b...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XzbZky-BePsLUX6ketD6fr0UFhe7y98npl5lSQ&google_gid=CAESEMrX54As-sUwUBkCbSOKdYQ&google_cver=1&google_ula=913071,0
https://widget.eu.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XzbZky-BePsLUX6ketD6fr0UFhe7y98npl5lSQ&google_gid=CAESEMrX54As-sUwUBkCbSOKdYQ&google_cver=1&google_ula=913071,0

43 B
371 B

89ms
30ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.eu.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XzbZky-BePsLUX6ketD6fr0UFhe7y98npl5lSQ&google_gid=CAESEMrX54As-sUwUBkCbSOKdYQ&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1085443
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://widget.eu.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XzbZky-BePsLUX6ketD6fr0UFhe7y98npl5lSQ&google_gid=CAESEMrX54As-sUwUBkCbSOKdYQ&google_cver=1&google_ula=913071,0
date: Wed, 20 Jul 2022 05:58:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 295975
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2

200

cookiematch.aspx
widget.eu.criteo.com/dis/rtb/appnexus/ Frame 7127
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2391904254307340872
https://widget.eu.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2391904254307340872

43 B
370 B

90ms
30ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.eu.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2391904254307340872

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1860799
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://widget.eu.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2391904254307340872
date: Wed, 20 Jul 2022 05:58:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 131376
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2

200

1by1.png
cotads.adscale.de/ads/pixel/ Frame 7127
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-xptycS-BePsLUX6ketD6fr0UFhdMusAiq3cvZg&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-xptycS-BePsLUX6ketD6fr0UFhdMusAiq3cvZg&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=56edef...
https://cotads.adscale.de/ads/pixel/1by1.png?uid=a302bcf672d05a19dabd3aa8bcf873cdbdb8f21d5a63001d79a382e5b38a2ce8

321 B
702 B

75ms
21ms

Image
image/png

2600:9000:225e:600:1b:832b:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cotads.adscale.de/ads/pixel/1by1.png?uid=a302bcf672d05a19dabd3aa8bcf873cdbdb8f21d5a63001d79a382e5b38a2ce8
Protocol: H2
Server: 2600:9000:225e:600:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
last-modified: Tue, 08 Sep 2020 23:05:25 GMT
server: AmazonS3
age: 135457
etag: "c1ab48a971e5c1a7eae346346487762d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Wed, 20 Jul 2022 01:19:10 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 321
x-amz-cf-id: 7nsNRY7DpnU_IJiT5uk3UtR4rOKzlKNJ0r3dxPOB3FYPzGk9-dNRuw==

Redirect headers

location: https://cotads.adscale.de/ads/pixel/1by1.png?uid=a302bcf672d05a19dabd3aa8bcf873cdbdb8f21d5a63001d79a382e5b38a2ce8
date: Wed, 20 Jul 2022 05:58:15 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 7127 49 B
235 B 119ms
40ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-37DylC-BePsLUX6ketD6fr0UFhdZgazd8RNLyA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H3

200

rum
r.casalemedia.com/ Frame 7127
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_761Fy-BePsLUX6ketD6fr0UFheOhT6Rttrofg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_761Fy-BePsLUX6ketD6fr0UFheOhT6Rttrofg&C=1

43 B
930 B

76ms
40ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_761Fy-BePsLUX6ketD6fr0UFheOhT6Rttrofg&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72d976cd9a289bfa-FRA
pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zjr8sRWPgejmakX8T4RSpPUmW7F86vM7s5Q1tQFjp5l%2Fy7eaC8V3PcLOC8uMcWvKVKEofJKZZPYvEXaw25CR6043dag3Atx%2FOge1aN2uXAWsBtAJn%2BAADNK6IrWtNkt5kbmG"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfqP4lUZydZapn8rU8E6bmp2dBRxxuKRFzXiosnew2HYY5Zdj8ehfsDmRrdC3Hwd92UeznLfrmsC%2FayeuGXR7oyDrn4qbYWdeXxLyceWwi62WVHcUhbBD2n1pAjAqqdaLAzr"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-_761Fy-BePsLUX6ketD6fr0UFheOhT6Rttrofg&C=1
cache-control: no-cache
cf-ray: 72d976cd1eb1995a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 7127
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-19SluS-BePsLUX6ketD6fr0UFhfeLaWoE3SiWQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-19SluS-BePsLUX6ketD6fr0UFhfeLaWoE3SiWQ

43 B
448 B

49ms
47ms

Image
image/gif

54.76.200.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-19SluS-BePsLUX6ketD6fr0UFhfeLaWoE3SiWQ
Protocol: H2
Server: 54.76.200.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-200-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Jul 2022 05:58:15 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-19SluS-BePsLUX6ketD6fr0UFhfeLaWoE3SiWQ
date: Wed, 20 Jul 2022 05:58:15 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 7127
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=XLHj-47vALdFpwyupKlItTarpmIQEJuU

42 B
340 B

194ms
135ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=XLHj-47vALdFpwyupKlItTarpmIQEJuU
Protocol: H2
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Jul 2022 05:58:15 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=XLHj-47vALdFpwyupKlItTarpmIQEJuU
date: Wed, 20 Jul 2022 05:58:14 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2733
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 cksync.php
contextual.media.net/ Frame 7127 45 B
785 B 100ms
52ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-s7EN8y-BePsLUX6ketD6fr0UFhcenYP3INKjkA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Wed, 20 Jul 2022 05:58:15 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 20 Jul 2022 05:58:15 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 7127 40 B
40 B 334ms
110ms Image
text/html 3.224.57.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Y8kdSS-BePsLUX6ketD6fr0UFhdN7BtveeVdDg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.57.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-57-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 7127 0
476 B 434ms
110ms Image
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-keSmFC-BePsLUX6ketD6fr0UFhfXcDKeQwfdiA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 05:58:16 GMT
Cache-Control: no-cache
X-TraceId: 8d47dac4a89c8b90cd64b2fa8257dadd
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7127 0
225 B 95ms
29ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Og3eeS-BePsLUX6ketD6fr0UFhfGCN_AabZJEA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:47:13 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 7127 0
239 B 100ms
25ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-jnPPFS-BePsLUX6ketD6fr0UFhcDikLMTM4Uzg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 7127 0
35 B 80ms
24ms Image
text/plain 35.158.225.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Vq6Ywi-BePsLUX6ketD6fr0UFhftbDlEOFpzGg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.225.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-225-163.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 7127 43 B
163 B 113ms
38ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-CO5mmy-BePsLUX6ketD6fr0UFhc4Y98bO38Z8w
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 7127 0
99 B 88ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-bSxwsS-BePsLUX6ketD6fr0UFheQ-oZpG5k6tw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27997

GET
H2 200 um
criteo-sync.teads.tv/ Frame 7127 23 B
172 B 119ms
47ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-eFQQPC-BePsLUX6ketD6fr0UFhc3usCmlPE-OQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:16 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 20 Jul 2022 05:58:16 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 7127 37 B
140 B 70ms
23ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-7xybNC-BePsLUX6ketD6fr0UFhd-wA9yA3MySw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 7127 0
522 B 75ms
29ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-F-6PgS-BePsLUX6ketD6fr0UFhdky1uUwHkrSA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Jul 2022 05:58:16 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 19 Jul 2022 05:58:16 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 7127 43 B
220 B 346ms
110ms Image
image/gif 52.202.68.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-e89czC-BePsLUX6ketD6fr0UFhcEDC9uK9nhkg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.68.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-68-9.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 20 Jul 2022 05:58:16 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 7127
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-U-KrfS-BePsLUX6ketD6fr0UFhdrq6AESnoXiQ
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-U-KrfS-BePsLUX6ketD6fr0UFhdrq6AESnoXiQ

43 B
419 B

324ms
109ms

Image
image/gif

2600:1f18:444a:4602:5071:4299:50e2:8b7b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-U-KrfS-BePsLUX6ketD6fr0UFhdrq6AESnoXiQ

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:5071:4299:50e2:8b7b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 05:58:16 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-U-KrfS-BePsLUX6ketD6fr0UFhdrq6AESnoXiQ
Date: Wed, 20 Jul 2022 05:58:16 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 204 /
s.ad.smaato.net/c/ Frame 7127 0
239 B 73ms
24ms Image
text/plain 2600:9000:224a:b400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-6LMIuS-BePsLUX6ketD6fr0UFhchT5Z9HoKb2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: G3OdAvv1Z2Fpqe6vsBGkTp8x1Ox-GO-kHKcplq2N8la7dy8ALscb2Q==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame 7127 35 B
413 B 460ms
114ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-Sy9CnC-BePsLUX6ketD6fr0UFhfHq_GA1XgweA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Norfolk, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 05:58:16 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

POST
H2 200 rum Show response
exoduseffect.com/cdn-cgi/ 0
77 B 43ms
42ms XHR
text/plain 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Wed, 20 Jul 2022 05:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://exoduseffect.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 72d976ccbd6f9a2f-FRA
vary: Origin

POST
H2 200 csp-report
q.stripe.com/ Frame C2A8 0
570 B 615ms
195ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C2A8 0
571 B 613ms
193ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-1f270b8fd2c2e3cf8410a1ea3ccb1934.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C2A8 1 KB
797 B 22ms
22ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1f270b8fd2c2e3cf8410a1ea3ccb1934.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-b264dce0f6b368bd152098cad6b3c755.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-b264dce0f6b368bd152098cad6b3c755.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 1
x-cache: HIT
content-length: 670
etag: "77711798ecf99b8bb8207cf88a10d73c"
x-request-id: 034f6cdd-ee5d-4a71-8b7f-bb129ac4a6b3
x-served-by: cache-hhn4077-HHN
access-control-allow-origin: *
last-modified: Tue, 19 Jul 2022 17:52:47 GMT
server: Fastly
date: Wed, 20 Jul 2022 05:58:15 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 888C 930 B
2 KB 210ms
25ms Document
text/html 18.66.2.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1f270b8fd2c2e3cf8410a1ea3ccb1934.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-102.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 234
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 20 Jul 2022 05:54:26 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 15d276defa1bb032a264992771fcf3e4.cloudfront.net (CloudFront)
x-amz-cf-id: ms7mxqtIXAjjwR6iHjA8gyCmP9cOaSZb6XgWsYCGWFTJM6UR3XaTSw==
x-amz-cf-pop: TXL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H/1.1 200
OK getConfig Show response
cp.pushwoosh.com/json/1.3/ 1 KB
1 KB 140ms
30ms Fetch
application/json 78.47.243.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/getConfig
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.47.243.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.139.243.47.78.clients.your-server.de
Software: nginx / pushwoosh/device-api
Resource Hash: ba161899e315035cced4345334ce601f8a380589583cc5a2fec30bae2a50409d

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
content-encoding: gzip
server: nginx
x-powered-by: pushwoosh/device-api
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

POST
H2 200 csp-report
q.stripe.com/ Frame 888C 0
344 B 375ms
195ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 888C 86 KB
16 KB 31ms
31ms Script
text/javascript 18.66.2.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-102.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 158
date: Wed, 20 Jul 2022 05:55:43 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 15d276defa1bb032a264992771fcf3e4.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: eRI9aRCYKRUgwYj49pZJmfYh1sni3m6PGvR-ry1bUF2X8dFSIQ9lRw==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 7127
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=DP5nIoptiYJEmSQCfv7YO4lJoPTFrvT1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DP5nIoptiYJEmSQCfv7YO4lJoPTFrvT1

42 B
942 B

116ms
115ms

Image
image/gif

54.154.32.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DP5nIoptiYJEmSQCfv7YO4lJoPTFrvT1

Protocol

HTTP/1.1

Server

54.154.32.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-32-144.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v036-05d78f288.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xZ25aLdyT6s=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v036-023fa7181.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: bhiNzB0GT0I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DP5nIoptiYJEmSQCfv7YO4lJoPTFrvT1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 7127 0
522 B 31ms
30ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-F-6PgS-BePsLUX6ketD6fr0UFhdky1uUwHkrSA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Jul 2022 05:58:16 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 19 Jul 2022 05:58:16 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 888C 156 B
524 B 604ms
201ms XHR
application/json 52.25.10.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.10.74 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-10-74.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

75eb901110fe8dc71bf937e53e5e8b0794e0fe0f315814f7423857abf2bf5d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 pc Show response
175132.t.hyros.com/v1/lst/ 117 B
368 B 119ms
119ms XHR
application/json 23.23.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F103.0.5060.53+Safari%2F537.36
Requested by: Host: 175132.tracking.hyros.com
URL: https://175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!exoduseffect
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-180-42.compute-1.amazonaws.com
Software: /
Resource Hash: 6af37045545780946e62b0f6421a5be8882fc55dfcb8d9c9c966ba54020007bf

Request headers

Session-ID: HB-ET_f39a0ebfb0e6c20dc53838876d61b199900d9b8b9668f6e7b9fd8fa389e57777
Product-ID: 175132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
Access-Control-Allow-Headers: *

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: application/json;charset=utf-8
access-control-allow-origin: https://exoduseffect.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 117

OPTIONS
H2 200 pc
175132.t.hyros.com/v1/lst/ Frame 0
0 112ms
112ms Preflight
application/vnd.sun.wadl+xml 23.23.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F103.0.5060.53+Safari%2F537.36
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-180-42.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: GET
Origin: https://exoduseffect.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://exoduseffect.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: HEAD,GET,OPTIONS
content-length: 4175
content-type: application/vnd.sun.wadl+xml;charset=utf-8
date: Wed, 20 Jul 2022 05:58:16 GMT
last-modified: Wed, 20 Jul 2022 05:58:16 UTC

POST
H/1.1 200
OK applicationOpen Show response
cp.pushwoosh.com/json/1.3/ 128 B
647 B 42ms
42ms Fetch
application/json 78.47.243.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/applicationOpen
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.47.243.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.139.243.47.78.clients.your-server.de
Software: nginx /
Resource Hash: bda0488cafa2fa2eac0079294db23250768172ab0e36269db46a1fdc99d51f67

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H2 200 manifest.json Show response
exoduseffect.com/ 228 B
515 B 118ms
118ms Fetch
application/json 2606:4700:3108::ac42:2912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exoduseffect.com/manifest.json

Requested by

Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5299bb2e133843c854d6a966630afb13c6edecf4d3738a6c4760cf6f9f1cf2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://exoduseffect.com/modern-health-og?affId=82&c1=BlueHeronHealthNews052422&c2=BlueHeronHealthNews&c3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&id=71162540&affid=82&cid=152&s1=BlueHeronHealthNews052422&s2=BlueHeronHealthNews&s3=EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind&s4=Email35.1&s5=w0m8bn8ljff2ddnhi141aif8
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 15 Jul 2020 16:51:04 GMT
server: cloudflare
etag: W/"e4-5aa7dbac975ed-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ol8Jcx8CDSTSSXjB36W%2FaziW93XpPu4dJKAWSzRedF4sVpAFVPgeLqM8P8dFDdufkIYNxsxm3YH4w1Id%2FsA4AHLSTb4kqV4xcUszBtX7guc1xeIWQjCfm8MVv1d9vQNfK25ovkpKbLjhXo2nw1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex, noarchive, nosnippet
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
cf-ray: 72d976cff8ed9a2f-FRA

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame 7127
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=zNNatmil4oeP7pclzKdr826TZ3y2mv5V

43 B
501 B

137ms
45ms

Image
image/gif

34.250.36.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=zNNatmil4oeP7pclzKdr826TZ3y2mv5V
Protocol: H2
Server: 34.250.36.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-36-127.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 05:58:16 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=zNNatmil4oeP7pclzKdr826TZ3y2mv5V
date: Wed, 20 Jul 2022 05:58:15 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2473
content-length: 208
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

POST
H2 200 checkDevice Show response
redhotm.pushwoosh.com/json/1.3/ 145 B
475 B 112ms
31ms Fetch
application/json 88.198.239.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://redhotm.pushwoosh.com/json/1.3/checkDevice
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.239.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: r1-front-14.pushwoosh.com
Software: nginx /
Resource Hash: 7941bdd6e9a47deed782bab18eccfbf84a7bb77fdabdf6fb264c2ad070074f8b

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 45ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=196687248304241&ev=Microdata&dl=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&rl=&if=false&ts=1658296696908&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Modern%20Health%20Discoveries%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658296695395.18322509&it=1658296695095&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 20 Jul 2022 05:58:16 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 44ms
22ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2768546010100845&ev=Microdata&dl=https%3A%2F%2Fexoduseffect.com%2Fmodern-health-og%3FaffId%3D82%26c1%3DBlueHeronHealthNews052422%26c2%3DBlueHeronHealthNews%26c3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26id%3D71162540%26affid%3D82%26cid%3D152%26s1%3DBlueHeronHealthNews052422%26s2%3DBlueHeronHealthNews%26s3%3DEveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%26s4%3DEmail35.1%26s5%3Dw0m8bn8ljff2ddnhi141aif8&rl=&if=false&ts=1658296696910&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Modern%20Health%20Discoveries%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658296695395.18322509&it=1658296695095&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 20 Jul 2022 05:58:16 GMT

GET
H2

200

cs
s.thebrighttag.com/ Frame 7127
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=olViI99wrVEq3ZZ0LwOOfL6Qd9Ifck-m

35 B
268 B

353ms
118ms

Image
image/gif

3.128.220.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=olViI99wrVEq3ZZ0LwOOfL6Qd9Ifck-m
Protocol: H2
Server: 3.128.220.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-128-220-23.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
x-bt-requestid: f33a67b0-07f0-11ed-ba16-0000ac17015c
server: nginx
date: Wed, 20 Jul 2022 05:58:17 GMT
p3p: CP=NOI DSP COR NID
access-control-allow-origin
cache-control: private, must-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=olViI99wrVEq3ZZ0LwOOfL6Qd9Ifck-m
date: Wed, 20 Jul 2022 05:58:15 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2680
content-length: 203
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

POST
H2 200 getInboxMessages Show response
redhotm.pushwoosh.com/json/1.3/ 92 B
529 B 32ms
32ms Fetch
application/json 88.198.239.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://redhotm.pushwoosh.com/json/1.3/getInboxMessages
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.239.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: r1-front-14.pushwoosh.com
Software: nginx / phpDaemon/1.0-beta3
Resource Hash: 66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423

Request headers

Referer: https://exoduseffect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Jul 2022 05:58:16 GMT
content-encoding: gzip
server: nginx
x-powered-by: phpDaemon/1.0-beta3
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
x-pw-cluster-node: inbox-api-85dfbb48cd-kj5sm
x-pw-front-node: inbox-api-85dfbb48cd-kj5sm
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H/1.1 200
OK chrome.jpg
cdn.pushwoosh.com/webpush/img/ 37 KB
38 KB 28ms
27ms Image
image/jpeg 195.201.240.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pushwoosh.com/webpush/img/chrome.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.240.51 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cache-05.pushwoosh.com
Software: nginx /
Resource Hash: 1d9d7ae5da2739bb3c90c97c41799f0555a7711122deebad64ff48789b30671e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 05:58:17 GMT
X-Cache-Status: HIT
Connection: keep-alive
Content-Length: 38391
Last-Modified: Wed, 09 Jun 2021 13:23:33 GMT
Server: nginx
Cache-Control: max-age=3600, public
ETag: "a4a1bfc744068b330bbb9fd7ad8f4d6e"
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-rgw-object-type: Normal
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
X-Proxy-Cache: HIT
Expires: Wed, 20 Jul 2022 06:58:17 GMT

GET
H/1.1 200
OK chrome_unlock.jpg
cdn.pushwoosh.com/webpush/img/ 45 KB
45 KB 114ms
61ms Image
image/jpeg 195.201.240.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pushwoosh.com/webpush/img/chrome_unlock.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.240.51 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cache-05.pushwoosh.com
Software: nginx /
Resource Hash: c9c4b6ee5cd74a8dae3caa85f95678aa592c060d18c6f21e37c0d0e1446dc4af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exoduseffect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 05:58:17 GMT
X-Cache-Status: HIT
Connection: keep-alive
Content-Length: 45797
Last-Modified: Wed, 09 Jun 2021 13:23:33 GMT
Server: nginx
Cache-Control: max-age=3600, public
ETag: "9c37d8ab595f88bac2d323e77ff5e5dc"
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-rgw-object-type: Normal
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
X-Proxy-Cache: HIT
Expires: Wed, 20 Jul 2022 06:58:17 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 05:21:28	Name: _li_ss Value: MgkI_____wcQ5xI
.blueheronhealthnews.net/	1970-01-20 13:23:31	Name: tms Value: a%3A1%3A%7Bi%3A0%3Ba%3A6%3A%7Bi%3A0%3Bs%3A3%3A%229Gm%22%3Bi%3A1%3Bs%3A1%3A%22b%22%3Bi%3A2%3Bs%3A4%3A%22Cqhz%22%3Bi%3A3%3Bs%3A4%3A%22a62e%22%3Bi%3A4%3Bs%3A3%3A%22meK%22%3Bi%3A5%3Bs%3A1%3A%229%22%3B%7D%7D
.blueheronhealthnews.net/	1970-01-20 13:23:31	Name: tmc Value: a%3A1%3A%7Bi%3A0%3Ba%3A4%3A%7Bi%3A0%3Bs%3A3%3A%229Gm%22%3Bi%3A1%3Bs%3A4%3A%22Cqhz%22%3Bi%3A2%3Bs%3A3%3A%22meK%22%3Bi%3A3%3Bs%3A4%3A%22a62e%22%3B%7D%7D
.blueheronhealthnews.net/	1970-01-20 13:23:31	Name: xsid Value: a62e_Cqhz
.tr.rightwayshow.co/	1970-01-20 04:39:43	Name: d365f985-adc4-48cb-bca2-e20f599ea312-v4 Value: 1KRmk0n4wcJi_2gxTJ8QBRSrBIX2gSGJIQjZ5jRLvw8
.tr.rightwayshow.co/	1970-01-20 13:23:52	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22w0m8bn8ljff2ddnhi141aif8%22%2C%22caid%22%3A%22d365f985-adc4-48cb-bca2-e20f599ea312%22%7D
.theexoduseffect.co/	1969-12-31 23:59:59	Name: som Value: xMjIKkYWd9Sk78JZ2HyNjSRcJTZefoXFgqhD/zdaaKZDLFd40kdAYA==
.theexoduseffect.co/	1970-01-20 22:10:55	Name: tm Value: E8n9vsl1Gnyk78JZ2HyNjSRcJTZefoXFgqhD/zdaaKZDLFd40kdAYA==
.theexoduseffect.co/	1970-01-20 05:21:28	Name: c11 Value: xMjIKkYWd9RoM/iVGCDzZ47o4llB8GpwdlxtvL/+mdg=
.exoduseffect.com/	1970-01-20 04:52:40	Name: PHPSESSID Value: aaoq279b04mq0npjds4j7hs26d
exoduseffect.com/	1970-01-20 04:52:40	Name: 100001_Affiliate Value: a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A8%3A%2271162540%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2282%22%3Bs%3A6%3A%22campid%22%3Bs%3A3%3A%22152%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A25%3A%22BlueHeronHealthNews052422%22%3Bs%3A2%3A%22s2%22%3Bs%3A19%3A%22BlueHeronHealthNews%22%3Bs%3A2%3A%22s3%22%3Bs%3A57%3A%22EveryoneWhoBelievesInGodShouldWatchThisItWillBlowYourMind%22%3Bs%3A2%3A%22s4%22%3Bs%3A9%3A%22Email35.1%22%3Bs%3A2%3A%22s5%22%3Bs%3A24%3A%22w0m8bn8ljff2ddnhi141aif8%22%3B%7D%7D
.exoduseffect.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .exoduseffect.com
.exoduseffect.com/	1970-01-20 22:09:28	Name: _lc2_fpi Value: 875ea714f6f7--01g8d2yxyx0qwf1dw990t74z72
.exoduseffect.com/	1970-01-20 06:47:52	Name: _gcl_au Value: 1.1.1732427023.1658296695
.exoduseffect.com/	1970-01-20 22:09:28	Name: _ga Value: GA1.2.1210159877.1658296695
.exoduseffect.com/	1970-01-20 04:39:43	Name: _gid Value: GA1.2.732717623.1658296695
.exoduseffect.com/	1970-01-20 04:38:16	Name: _gat_gtag_UA_172780246_2 Value: 1
.exoduseffect.com/	1970-01-20 04:38:16	Name: _gat_UA-172780246-2 Value: 1
exoduseffect.com/	1970-01-20 04:48:21	Name: AMPLITUDE_DEVICE_ID Value: LA3veS1v8mESPk2Him69Uc
.exoduseffect.com/	1970-01-23 20:14:16	Name: amp_0a2f9a Value: LA3veS1v8mESPk2Him69Uc...1g8d2uu80.1g8d2uu87.1.2.3
.criteo.com/	1970-01-20 13:59:52	Name: uid Value: 37e9fd24-b8db-4f83-86c7-f2b844ac047b
.liadm.com/	1970-01-20 22:09:28	Name: lidid Value: 256f492b-5233-4ec5-ab1e-977669b33453
.exoduseffect.com/	1970-01-20 14:07:40	Name: cto_bundle Value: uqVDbV9QczJOaEkzOEk4dkQwb1VHRVJ5TExWQ1ppQ1B4eWQ4VnBkRTNvYlVTcmRMRzdyMmRXZDBVQUNQdDlzQnEzQkp5ZFJrWlNvMGpoTFFFWkVhOUlWVGF3JTJCbVdMdTlsTThMa1hUWXowUnhuUHZLUG8wQiUyQjVTUm14UW8lMkY5Z0o4ZGx1d3RwMmREOTVSbjhFczFOc3lQJTJCNnhZU3hEeUFNVVVIZWZ6NVdLSEg5Z1VQRSUzRA
.exoduseffect.com/	1970-01-20 06:47:52	Name: _fbp Value: fb.1.1658296695395.18322509
.tiktok.com/	1970-01-20 13:59:52	Name: _ttp Value: 2CCBThrdO85zGmFP0HIDu3euhyG
.exoduseffect.com/	1970-01-20 13:59:52	Name: _tt_enable_cookie Value: 1
.exoduseffect.com/	1970-01-20 13:59:52	Name: _ttp Value: 62f34bf4-191b-4132-965f-87d292121f31
.adscale.de/	1970-01-20 13:20:32	Name: uu Value: 56edef8492fb4ffabf604e4e48876d6e
.adscale.de/	1970-01-20 13:20:32	Name: cct Value: 1658296695854
.adnxs.com/	1970-01-20 06:47:52	Name: uuid2 Value: 2391904254307340872
.doubleclick.net/	1970-01-20 13:59:52	Name: IDE Value: AHWqTUnu2I5o89rlG3cOjpoHsUPm7BCkCIfW7uY6Xwf5IuU802FFh9V34QpV0KNtkys
.casalemedia.com/	1970-01-20 13:23:52	Name: CMID Value: YteZdzNL32JFazH.fV1JYgAA
.casalemedia.com/	1970-01-20 06:47:52	Name: CMPS Value: 1148
.casalemedia.com/	1970-01-20 06:47:52	Name: CMPRO Value: 1148
.media.net/	1970-01-20 13:23:52	Name: visitor-id Value: 3012982957631289000V10
.media.net/	1970-01-20 05:21:28	Name: data-c-ts Value: 1658296695
.media.net/	1970-01-20 05:21:28	Name: data-c Value: k-s7EN8y-BePsLUX6ketD6fr0UFhcenYP3INKjkA~~3
.ih.adscale.de/	1970-01-20 13:20:32	Name: tu Value: 4#2241637889#40~k-xptycS-BePsLUX6ketD6fr0UFhdMusAiq3cvZg~460637~0~0
.360yield.com/	1970-01-20 06:47:52	Name: tuuid Value: 05f2a085-ce24-445f-b033-e216276df35c
.360yield.com/	1970-01-20 06:47:52	Name: tuuid_lu Value: 1658296695
.casalemedia.com/	1970-01-20 06:47:52	Name: CMTS Value: 1150
.360yield.com/	1970-01-20 06:47:52	Name: um Value: !38,G.uDzCMCJ0yvCypHtLYW1jFz7otwVuKBJ5ANzx7BqpbHXrNjj3OR9dUY-iWGGjlP2QhvfvDT,1666072695
.360yield.com/	1970-01-20 06:47:52	Name: umeh Value: !38,0,1720504695,-1
.rlcdn.com/	1970-01-20 06:04:40	Name: pxrc Value: CAA=
exchange.mediavine.com/	1970-01-20 04:58:26	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22f2841000-07f0-11ed-a9aa-c3fd779706ab%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 04:58:26	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22f2841000-07f0-11ed-a9aa-c3fd779706ab%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 04:58:26	Name: criteo Value: %7B%22id%22%3A%22k-Y8kdSS-BePsLUX6ketD6fr0UFhdN7BtveeVdDg%22%2C%22version%22%3A%22criteo%22%7D
.yieldlab.net/	1970-01-20 13:23:52	Name: id Value: 2a569d8d-d3ff-4dcb-bdd0-c7f53af310b9
.bidswitch.net/	1970-01-20 13:23:52	Name: tuuid Value: b84ebf60-53d7-4441-bb8a-0bcf7c75a01d
.bidswitch.net/	1970-01-20 13:23:52	Name: c Value: 1658296696
.bidswitch.net/	1970-01-20 13:23:52	Name: tuuid_lu Value: 1658296696
175132.t.hyros.com/	1970-01-24 19:44:56	Name: __mh_tt_s Value: HB-ET_f39a0ebfb0e6c20dc53838876d61b199900d9b8b9668f6e7b9fd8fa389e57777
.outbrain.com/	1970-01-20 06:47:52	Name: obuid Value: b3acd564-41d5-42d1-b445-011d53576fdc
.outbrain.com/	1970-01-20 04:58:26	Name: criteo Value: k-keSmFC-BePsLUX6ketD6fr0UFhfXcDKeQwfdiA
.aralego.com/	1970-01-20 13:23:52	Name: gdpr Value: 1
.aralego.com/	1970-01-20 13:23:52	Name: sspid Value: a51eaa9c-5f3d-3e1b-a814-63d65685ae59
.demdex.net/	1970-01-20 08:57:28	Name: demdex Value: 24419134138716832312176165466686316701
.dpm.demdex.net/	1970-01-20 08:57:28	Name: dpm Value: 24419134138716832312176165466686316701
m.stripe.com/	1970-01-20 22:09:28	Name: m Value: 47c575c5-fd0e-4998-96a6-b768166645e444a87b
.exoduseffect.com/	1970-01-20 13:23:52	Name: __stripe_mid Value: 6bd312d8-9ee8-4d9e-b2b0-35f826a9cf43692ecd
.exoduseffect.com/	1970-01-20 04:38:18	Name: __stripe_sid Value: df3759b8-adb5-4bf6-8dde-7bc8e3e6679c5ce562
.agkn.com/	1970-01-20 13:23:52	Name: ab Value: 0001%3AorNs%2F3oAHiOhdFT%2FByV07GY8rwVcdsgo

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

175132.t.hyros.com
175132.tracking.hyros.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ajax.googleapis.com
analytics.tiktok.com
api.amplitude.com
b-code.liadm.com
cdn.amplitude.com
cdn.pushwoosh.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cotads.adscale.de
cp.pushwoosh.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
exoduseffect.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
handsinair.co
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
ih.adscale.de
js.stripe.com
m.stripe.com
m.stripe.network
match.sharethrough.com
mug.criteo.com
pixel.rubiconproject.com
q.stripe.com
r.casalemedia.com
redhotm.pushwoosh.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.aralego.com
sync.outbrain.com
theexoduseffect.co
tr.rightwayshow.co
visitor.omnitagjs.com
widget.eu.criteo.com
widget.us.criteo.com
www.blueheronhealthnews.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.cz
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.111.242.245
104.160.72.23
104.18.18.126
141.226.228.48
142.250.185.66
142.250.186.130
151.101.0.176
178.250.0.163
178.250.2.140
178.250.2.146
178.250.2.151
18.233.68.85
18.66.2.102
185.255.84.152
185.64.189.110
185.86.139.106
192.96.200.41
195.201.240.51
2.16.241.99
2.18.235.93
23.23.180.42
2600:1f18:444a:4602:5071:4299:50e2:8b7b
2600:1f18:730:b140:a190:a48a:e192:6627
2600:9000:224a:b400:1b:5138:8a40:93a1
2600:9000:225e:600:1b:832b:ac00:93a1
2600:9000:225e:c00:8:8845:1500:93a1
2606:4700:3108::ac42:2912
2606:4700:440e::6812:2fe6
2a00:1450:4001:801::2003
2a00:1450:4001:811::2008
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:400c:c00::9b
2a02:2638:1::13
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
3.128.220.23
3.224.57.214
34.209.74.230
34.250.36.127
35.156.141.237
35.158.225.163
35.190.60.146
35.211.178.172
37.252.173.62
52.202.68.9
52.222.206.178
52.25.10.74
52.7.56.125
54.154.32.144
54.156.247.58
54.187.159.182
54.76.200.219
64.202.112.223
69.173.144.165
74.119.119.150
76.223.111.18
78.47.243.139
88.198.239.117
96.16.132.239
0d707cc06b442a17dd58f0ed2176c626e6b7c5808d43c2bedf80136945c6994b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13553f5d05692cd51a235c5c881c25e51a45a87d4edd158ad9943d353e9163cf
1779463567d49a89ff96f57818df75e65f86276e01cb4442038d0a18ea68a624
1d9d7ae5da2739bb3c90c97c41799f0555a7711122deebad64ff48789b30671e
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
1eba8268d112d2903105c9b82da51799cd7467c382af9b3b94bcb41295d9c1dc
24f845bff92fbe1a77b9f0ad1e83c7f911647d1ce9c07811436360f6ecc8481e
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2c3e27747d0305cf35aea9ad1adb1400624df2c279f1d367b6e5c7379391d35b
2c98dd23111ee7a38d2a7256ee9756b4b069421c7584789f85a2c36cf46b3ded
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
4341ea62ef8149db69a4f78b0762634d083a866d5aa2718cdbda0647de5fcb89
43832fbdcb20b10918d920dc6751b2afe3e4e1aaa8c1dc28f667c34c43d315dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5299bb2e133843c854d6a966630afb13c6edecf4d3738a6c4760cf6f9f1cf2f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58c66125e56c6f77e4ae6e45ce3b9d29d46efbdb8919aa59d7261ecae9ff8675
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5ded775fb6e7c927230db4e77d4c9daf076d4cf9fd65ec21aeb182e2a177cfc4
5fb0d060273ca4afd6d617b9fde599720b536c5074df155b18240b265876aa56
66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee
6a976576c30c8355b268f0503b84d260c4f3856bc7b5ce55cacc0ff4b5904595
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af37045545780946e62b0f6421a5be8882fc55dfcb8d9c9c966ba54020007bf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
72b00aceb997e2010d37080f730409763a18030c18aed7af287663c50f65a7f5
75eb901110fe8dc71bf937e53e5e8b0794e0fe0f315814f7423857abf2bf5d9d
7941bdd6e9a47deed782bab18eccfbf84a7bb77fdabdf6fb264c2ad070074f8b
7ad3abc86e39c697cbd14f2cd35d2a023ef906fd62d75f8232d569ec55e02d5b
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8379a29ca2314444fc80430bff96de5c72b36f19b64adb65c7760c70006e0b2f
84e00d3820f15af1b9f392b2164a50229e6d92ce1c4fae2f23c3b5c5f5dd071c
86582d0955786b47d428cc5b400509070afff56dcd8d97341e0bab34595b0560
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
90245cecc57b8784c14d189fe022da65acefb21f4b751134c0b8e438607f186d
91569057dc0449701f94bf73608363b785bd7adc1388d1d020d4149b528eb727
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9cba12a52d9475d30c0acfb64998c48eac7d8f3bc6a959a6ca5da668fd8943ad
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ab127b8fa6eae69dfbfbe79c821b4511819e3e366ce802561c29d0acc93ec732
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
afa138c535b24092f46130621044e679d93335a23e571133e57b04e42f27f1c9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1abfc16178b09de26b11065884d3afebe3c3c1c0a41ab099a83f7ebadd2f2d4
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b983137077f81c960fff5bb7d0110705215444e15b4c0488b9bbf4c9897849ca
ba161899e315035cced4345334ce601f8a380589583cc5a2fec30bae2a50409d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe7656b207b02a7d213b76bce8d50506c00ff0aa8e6b125484cdf2c0c73f2ed
bda0488cafa2fa2eac0079294db23250768172ab0e36269db46a1fdc99d51f67
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
c9c4b6ee5cd74a8dae3caa85f95678aa592c060d18c6f21e37c0d0e1446dc4af
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d10036cce39b0c2bfb70d5d1618f5806ddd2b0be75dd1b3656831f36b0db94bf
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d5f0a30a2c5379450755929935a74d46cae420e9310098e66e6755e655b03ba5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1cc44be5e7551c1ee37881754b7561d630c09d48e8a096755579dbd90da10a
ee72ec2aeaf4009aafbdd583f50b0b12919156aba4b5935a4574b2841c545bdb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6e13231ec40eac8229a1af785e63b6e9b501d10e2b99fa6c301ddebd983692
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

exoduseffect.com Open in urlscan Pro 2606:4700:3108::ac42:2912 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

87 %HTTPS

30 %IPv6

48 Domains

68 Subdomains

55 IPs

8 Countries

1459 kBTransfer

3088 kBSize

62 Cookies

0 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

exoduseffect.com Open in urlscan Pro
2606:4700:3108::ac42:2912 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

87 %
HTTPS

30 %
IPv6

48
Domains

68
Subdomains

55
IPs

8
Countries

1459 kB
Transfer

3088 kB
Size

62
Cookies

110 HTTP transactions
0 data transactions