theexoduseffect.com Open in urlscan Pro
2606:4700:3036::681b:a3f8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C/
Effective URL:
https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Submission: On February 12 via manual (February 12th 2020, 12:26:09 pm UTC) from IN

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3036::681b:a3f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is theexoduseffect.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 30th 2019. Valid for: a year.

This is the only time theexoduseffect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.98.199.131 172.98.199.131	31863 (DACEN-2) (DACEN-2)
1	174.128.224.73 174.128.224.73	46844 (ST-BGP) (ST-BGP)
1 1	3.217.49.197 3.217.49.197	14618 (AMAZON-AES) (AMAZON-AES)
22	2606:4700:303... 2606:4700:3036::681b:a3f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3035::681f:5531	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.201.240.51 195.201.240.51	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
7	2600:9000:20e... 2600:9000:20eb:c200:9:8536:59c0:21	16509 (AMAZON-02) (AMAZON-02)
3	35.190.25.25 35.190.25.25	15169 (GOOGLE) (GOOGLE)
57	12

2 172.98.199.131 (Rochester, United States)

ASN31863 (DACEN-2, US)

www.presideit.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.128.224.73 (Denver, United States)

ASN46844 (ST-BGP, US)
PTR: shop.onetiptop.com

www.riffwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.49.197 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-49-197.compute-1.amazonaws.com

dbhtrkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3036::681b:a3f8 (United States)

ASN13335 (CLOUDFLARENET, US)

theexoduseffect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::681f:5531 (United States)

ASN13335 (CLOUDFLARENET, US)

fastcdnhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.240.51 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cache-05.pushwoosh.com

cdn.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:20eb:c200:9:8536:59c0:21 (United States)

ASN16509 (AMAZON-02, US)

d2tjsej3ucxx0n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.25.25 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	theexoduseffect.com theexoduseffect.com	673 KB
9	gstatic.com fonts.gstatic.com	103 KB
7	cloudfront.net d2tjsej3ucxx0n.cloudfront.net	259 KB
5	fastcdnhost.com fastcdnhost.com	304 KB
3	mixpanel.com api-js.mixpanel.com	541 B
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
2	presideit.info www.presideit.info	858 B
1	mxpnl.com cdn.mxpnl.com	24 KB
1	pushwoosh.com cdn.pushwoosh.com	106 KB
1	dbhtrkg.com 1 redirects dbhtrkg.com	745 B
1	riffwork.com www.riffwork.com	381 B
57	11

	Domain	Requested by
22	theexoduseffect.com	www.riffwork.com theexoduseffect.com
9	fonts.gstatic.com	ajax.googleapis.com
7	d2tjsej3ucxx0n.cloudfront.net	fastcdnhost.com
5	fastcdnhost.com	theexoduseffect.com
3	api-js.mixpanel.com	cdn.mxpnl.com
2	www.presideit.info	www.presideit.info
1	cdn.mxpnl.com	theexoduseffect.com
1	fonts.googleapis.com	ajax.googleapis.com
1	cdn.pushwoosh.com	theexoduseffect.com
1	ajax.googleapis.com	theexoduseffect.com
1	dbhtrkg.com	1 redirects
1	www.riffwork.com	www.presideit.info
57	12

This site contains no links.

Subject Issuer	Validity	Valid
www.riffwork.com Let's Encrypt Authority X3	`2020-01-26` - `2020-04-25`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-05-30` - `2020-05-29`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.pushwoosh.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-27` - `2020-02-27`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.mixpanel.com RapidSSL RSA CA 2018	`2018-01-11` - `2020-05-01`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Frame ID: FD0AA8298E82B1CB6032B0FB2CC9B6D9
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C/ Page URL
http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C//RDiR3KT/ Page URL
https://www.riffwork.com/cabdf1acbbe78f35e907a830e399d9fadd1cf87c-0-0-0/31447 Page URL
https://dbhtrkg.com/?a=5&c=14&s1=331564&s2=657857407 HTTP 302
https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5= Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

57
Requests

89 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

12
IPs

2
Countries

1481 kB
Transfer

3648 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C/ Page URL
http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C//RDiR3KT/ Page URL
https://www.riffwork.com/cabdf1acbbe78f35e907a830e399d9fadd1cf87c-0-0-0/31447 Page URL
https://dbhtrkg.com/?a=5&c=14&s1=331564&s2=657857407 HTTP 302
https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C/ 220 B
442 B 516ms
462ms Document
text/html 172.98.199.131
DACEN-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C/
Protocol: HTTP/1.1
Server: 172.98.199.131 Rochester, United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6070a1ba3dd9e8294bbae218e4e0ff79563cb8d3259f5577cbf8f278f961c391

Request headers

Host: www.presideit.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 12:25:45 GMT
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=UTF-8
Set-Cookie: RDiR3KT=172.98.199.131
Connection: close
Transfer-Encoding: chunked

GET
H/1.1 200
OK Cookie set / Show response
www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C//RDiR3KT/ 208 B
416 B 519ms
507ms Document
text/html 172.98.199.131
DACEN-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C//RDiR3KT/
Requested by: Host: www.presideit.info
URL: http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C/
Protocol: HTTP/1.1
Server: 172.98.199.131 Rochester, United States, ASN31863 (DACEN-2, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 678189993223e1d8eb855e4b37b78036d9891092da17cc74b4452728c0cdd4a5

Request headers

Host: www.presideit.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: RDiR3KT=172.98.199.131
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C/

Response headers

Date: Wed, 12 Feb 2020 12:25:46 GMT
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=UTF-8
Set-Cookie: RDiR3KT=
Connection: close
Transfer-Encoding: chunked

GET
H/1.1 200
OK Cookie set 31447 Show response
www.riffwork.com/cabdf1acbbe78f35e907a830e399d9fadd1cf87c-0-0-0/ 115 B
381 B 871ms
435ms Document
text/html 174.128.224.73
ST-BGP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riffwork.com/cabdf1acbbe78f35e907a830e399d9fadd1cf87c-0-0-0/31447
Requested by: Host: www.presideit.info
URL: http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C//RDiR3KT/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.128.224.73 Denver, United States, ASN46844 (ST-BGP, US),
Reverse DNS: shop.onetiptop.com
Software: Apache /
Resource Hash: 554a3244d91fe720a095e0b1529f5bfe329aee036fefed91586b86bc1a595c8d

Request headers

Host: www.riffwork.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C//RDiR3KT/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: http://www.presideit.info/1a8ee94edf24d77a4397547405_7c6e435e-010102020001/C//RDiR3KT/

Response headers

Date: Wed, 12 Feb 2020 12:25:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 115
Server: Apache
Set-Cookie: uid22475=657857407-20200212072547-bed829bd444cd2885d4d4a2c82739928-; domain=riffwork.com; path=/; SameSite=None; Secure

GET
H2

200

Primary Request / Show response
theexoduseffect.com/
Redirect Chain

https://dbhtrkg.com/?a=5&c=14&s1=331564&s2=657857407
https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

23 KB
9 KB

403ms
319ms

Document
text/html

2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Requested by

Host: www.riffwork.com
URL: https://www.riffwork.com/cabdf1acbbe78f35e907a830e399d9fadd1cf87c-0-0-0/31447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bc9ea9bb3aaefd8bccd497b30bed1f6af86a3af6c3d379f5055bd52461bdeb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:method: GET
:authority: theexoduseffect.com
:scheme: https
:path: /?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.riffwork.com/cabdf1acbbe78f35e907a830e399d9fadd1cf87c-0-0-0/31447
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://www.riffwork.com/cabdf1acbbe78f35e907a830e399d9fadd1cf87c-0-0-0/31447

Response headers

status: 200
date: Wed, 12 Feb 2020 12:25:48 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8c339611450d59ae244f9e533b5ad0e51581510347; expires=Fri, 13-Mar-20 12:25:47 GMT; path=/; domain=.theexoduseffect.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=ecmd3spm5vd7tnm2623k3to7vr; path=/; domain=.theexoduseffect.com; secure; HttpOnly 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A7%3A%224686623%22%3Bs%3A4%3A%22afid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2283%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A6%3A%22331564%22%3Bs%3A2%3A%22s2%22%3Bs%3A9%3A%22657857407%22%3Bs%3A2%3A%22s3%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A0%3A%22%22%3B%7D%7D; expires=Tue, 12-May-2020 12:25:47 GMT; Max-Age=7776000
strict-transport-security: max-age=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 563e8c1a1998dfa9-FRA
content-encoding: br

Redirect headers

Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Wed, 12 Feb 2020 12:25:26 GMT
Location: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=Ajb2DmJTeEr/1trmFDhOjcG8+O3t4TpI6RJT2cWjNzMKo8VlebFZ9g==; domain=.dbhtrkg.com; path=/; HttpOnly trk=fPK1jwGS2Xf/1trmFDhOjcG8+O3t4TpI6RJT2cWjNzMKo8VlebFZ9g==; domain=.dbhtrkg.com; expires=Wed, 12-Feb-2025 07:25:27 GMT; path=/; HttpOnly c11=Ajb2DmJTeEp+LrUFfAU9r9pnoT/AEDhAqV7J8+YRKg0=; domain=.dbhtrkg.com; expires=Fri, 13-Mar-2020 12:25:27 GMT; path=/; HttpOnly
Connection: close

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 04 Feb 2020 17:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 672825
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 17:32:03 GMT

GET
H2 200 reset.css
theexoduseffect.com/assets/style/ 923 B
564 B 32ms
29ms Stylesheet
text/css 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theexoduseffect.com/assets/style/reset.css?v=10001

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c66125e56c6f77e4ae6e45ce3b9d29d46efbdb8919aa59d7261ecae9ff8675

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4284516
cf-polished: origSize=1270
status: 200
last-modified: Wed, 15 May 2019 23:48:52 GMT
server: cloudflare
etag: W/"5e0aed-4f6-588f5caa92100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css
access-control-allow-origin: *
expires: Tue, 01 Sep 2020 15:10:34 GMT
cache-control: max-age=31536000
cf-ray: 563e8c1c2fc0dfa9-FRA
cf-bgj: minify

GET
H2 200 global.css
theexoduseffect.com/assets/style/ 6 KB
2 KB 31ms
28ms Stylesheet
text/css 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theexoduseffect.com/assets/style/global.css?v=10008

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fe67ae34afa6879faa5959ebac06a72e0543a64f40061879d3d22a39760e77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4284516
cf-polished: origSize=8326
status: 200
last-modified: Tue, 02 Jul 2019 22:37:10 GMT
server: cloudflare
etag: W/"5e0ae7-2086-58cba629fd180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css
access-control-allow-origin: *
expires: Tue, 01 Sep 2020 15:10:34 GMT
cache-control: max-age=31536000
cf-ray: 563e8c1c2fc9dfa9-FRA
cf-bgj: minify

GET
H2 200 forms.css
theexoduseffect.com/assets/style/ 3 KB
946 B 39ms
36ms Stylesheet
text/css 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theexoduseffect.com/assets/style/forms.css?v=10003

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a61cd30dc3a8a2363c1dd41aaa25cfe66b8780d8f1d652bc74e3d2d66fad91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4280516
cf-polished: origSize=4468
status: 200
last-modified: Thu, 20 Jun 2019 21:22:15 GMT
server: cloudflare
etag: W/"5e0ae6-1174-58bc7f09b0fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css
access-control-allow-origin: *
expires: Tue, 15 Sep 2020 10:51:03 GMT
cache-control: max-age=31536000
cf-ray: 563e8c1c2fcddfa9-FRA
cf-bgj: minify

GET
H2 200 buttons.css
theexoduseffect.com/assets/style/ 4 KB
1 KB 31ms
28ms Stylesheet
text/css 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theexoduseffect.com/assets/style/buttons.css?v=10003

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef6e13231ec40eac8229a1af785e63b6e9b501d10e2b99fa6c301ddebd983692

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3096080
cf-polished: origSize=5452
status: 200
last-modified: Mon, 10 Jun 2019 22:01:45 GMT
server: cloudflare
etag: W/"5e0acc-154c-58aff5374a440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css
access-control-allow-origin: *
expires: Tue, 01 Sep 2020 15:55:40 GMT
cache-control: max-age=31536000
cf-ray: 563e8c1c2fd1dfa9-FRA
cf-bgj: minify

GET
H2 200 jquery-2.2.0.min.js Show response
theexoduseffect.com/assets/scripts/ 84 KB
29 KB 41ms
38ms Script
application/javascript 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theexoduseffect.com/assets/scripts/jquery-2.2.0.min.js?v=10001

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 485
etag: W/"14e55-593f4978bec33-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
cf-ray: 563e8c1c282cdfa9-FRA

GET
H2 200 global.min.js Show response
theexoduseffect.com/assets/scripts/ 7 KB
3 KB 37ms
34ms Script
application/javascript 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theexoduseffect.com/assets/scripts/global.min.js?v=10001

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3c5f834243e251c68143b161e8a857829031c826c84a5323e73178172d7e802

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 May 2019 21:13:46 GMT
server: cloudflare
age: 440842
etag: W/"5e0ac9-1b65-588df82237680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=0
cf-ray: 563e8c1c282fdfa9-FRA
expires: Tue, 01 Sep 2020 15:10:34 GMT

GET
H2 200 videojs.min.js Show response
fastcdnhost.com/shared/videojs20180711/ 386 KB
99 KB 63ms
22ms Script
application/javascript 2606:4700:3035::681f:5531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdnhost.com/shared/videojs20180711/videojs.min.js?v=10002
Requested by: Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da72d9aa3422e0794715e9ae41458d1236b8e23a310388f533cfe6380b6dca64

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Jul 2018 19:38:06 GMT
server: cloudflare
age: 7132
etag: W/"f0fc80ebd2abb9ecc0d74b68bd790d44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=259200
cf-ray: 563e8c1c69ad3233-FRA
x-amz-request-id: EE93EB52959736B6
x-amz-id-2: /0WafXACogA4fZCc3q5aIczPRZwuCW8xPiSMVC6KpTZ0KydDfMsoe1TlxFGD+bVz3MH1McTmHnw=

GET
H2 200 dash.all.min.js Show response
fastcdnhost.com/shared/videojs20180711/ 556 KB
140 KB 91ms
50ms Script
application/javascript 2606:4700:3035::681f:5531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdnhost.com/shared/videojs20180711/dash.all.min.js?v=10002
Requested by: Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a57c67d03a5e0f843d45d214fb2e0c60ff5987d2d7eed409d1683e06b819748b

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Jul 2018 19:38:04 GMT
server: cloudflare
age: 7131
etag: W/"ae53e67baa0a4442ce751ca7219fcddd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=259200
cf-ray: 563e8c1c69af3233-FRA
x-amz-request-id: DF68216FB54E9BB4
x-amz-id-2: mipUlQvWac/NEH2bRRXnSdhb8FLKTPKcDy7PPPWthDzO8Prc0OUaZqPHQ5lkDRnrKxDWtk04IpY=

GET
H2 200 videojs-dash.min.js Show response
fastcdnhost.com/shared/videojs20180711/ 8 KB
3 KB 59ms
18ms Script
application/javascript 2606:4700:3035::681f:5531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdnhost.com/shared/videojs20180711/videojs-dash.min.js?v=10002
Requested by: Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db0e52f266c0f7905e647dba377cb25f8aca8a152c50cebfdbb2c59e08e4245

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Jul 2018 19:38:07 GMT
server: cloudflare
age: 7131
etag: W/"4d2e75df4236af04131acf45a77e6020"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=259200
cf-ray: 563e8c1c69b53233-FRA
x-amz-request-id: 2AF50A71410D858C
x-amz-id-2: Yfx05IM4cvWDAknS0zvU028URJhvdNhouT3RFpTY3Hsvi0GnHoJpZ6RGESJ/cZwlw1Q3EHDjImI=

GET
H2 200 videojs-contrib-hls.min.js Show response
fastcdnhost.com/shared/videojs20180711/ 227 KB
53 KB 60ms
19ms Script
application/javascript 2606:4700:3035::681f:5531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdnhost.com/shared/videojs20180711/videojs-contrib-hls.min.js?v=10002
Requested by: Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e01d2473096e9ebafb493d80dce879d677d52f4bb5715df39c46de4ab7466b0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Jul 2018 19:38:06 GMT
server: cloudflare
age: 7131
etag: W/"3adeebb3bdecfce17a1fc6bb074d184c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=259200
cf-ray: 563e8c1c69b63233-FRA
x-amz-request-id: 787409055E8B98A7
x-amz-id-2: qvFiPS0d99IZYisP03RhvwEya64Qr6zH0I1HH8ZXlRwMfOl/32WwIq9q1Eee8G9cvqRVaidL6OQ=

GET
H2 200 video-js.min.css
fastcdnhost.com/shared/videojs20180711/ 38 KB
10 KB 58ms
17ms Stylesheet
text/css 2606:4700:3035::681f:5531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdnhost.com/shared/videojs20180711/video-js.min.css?v=10002
Requested by: Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac3413e159dc43ed92cc5180595cc75bae4e95e722a021100c0898d9922f8b96

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Jul 2018 19:38:05 GMT
server: cloudflare
age: 2693
etag: W/"f42acd51904ead4e027ccf24cc753a9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=259200
cf-ray: 563e8c1c69ab3233-FRA
x-amz-request-id: E6E31B65A4479A1F
x-amz-id-2: AgZTyTwDGni7EKKatfIilJoiO1fdKI4S1rKYjMaZ18wgdkI4/+AWQGXkw2Dg7oEAYjeaN/0tTrQ=

GET
H2 200 VSL.css
theexoduseffect.com/assets/style/ 8 KB
2 KB 39ms
37ms Stylesheet
text/css 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theexoduseffect.com/assets/style/VSL.css?v=10016

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0499437281d608cc610b05cf9eca02568e5bd5be10074afa2008be18ff9e97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3325622
cf-polished: origSize=10188
status: 200
last-modified: Wed, 18 Sep 2019 16:17:10 GMT
server: cloudflare
etag: W/"5e0b03-27cc-592d62b42ad80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css
access-control-allow-origin: *
expires: Thu, 17 Sep 2020 16:35:30 GMT
cache-control: max-age=31536000
cf-ray: 563e8c1c2fd4dfa9-FRA
cf-bgj: minify

GET
H2 200 slideInOnScroll.css
theexoduseffect.com/assets/style/ 2 KB
628 B 34ms
32ms Stylesheet
text/css 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theexoduseffect.com/assets/style/slideInOnScroll.css?v=10001

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d852a478da86a57ea6001d3c6189a400023c810dcb89fc57e64c8283dff7ee9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 661872
cf-polished: origSize=2925
status: 200
last-modified: Wed, 31 Jul 2019 18:00:29 GMT
server: cloudflare
etag: W/"5e0c47-b6d-58efde6868940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css
access-control-allow-origin: *
expires: Tue, 15 Sep 2020 10:51:03 GMT
cache-control: max-age=31536000
cf-ray: 563e8c1c282bdfa9-FRA
cf-bgj: minify

GET
H2 200 pushwoosh-web-notifications.js Show response
cdn.pushwoosh.com/webpush/v3/ 415 KB
106 KB 71ms
23ms Script
application/javascript 195.201.240.51
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.240.51 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

cache-05.pushwoosh.com

Software

nginx /

Resource Hash

67e091580581d1fbf936acd639957769269dea281ab0b41e904b16ed31599b30

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 10:10:37 GMT
server: nginx
etag: W/"a3977f8d6f8562ed66aca7f5003bd3fc-1"
x-cache-status: HIT
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=86400, public
content-security-policy: block-all-mixed-content
x-proxy-cache: HIT
x-xss-protection: 1; mode=block
expires: Thu, 13 Feb 2020 12:25:48 GMT

GET
H2 200 unmute.svg
theexoduseffect.com/assets/images/ 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/unmute.svg

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

574be775e6c5a0ceee6f9a3b93c92fc987fb0f9bdb12f932fa2f25d05ee93c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 739
etag: W/"9a8-593f4978bec33-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
cf-ray: 563e8c1c6873dfa9-FRA

GET
H2 200 bundleWithGuarantee.png
theexoduseffect.com/assets/images/lander/ 208 KB
209 KB 18ms
18ms Image
image/png 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/lander/bundleWithGuarantee.png

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e2e1aaf4c4f2100a397cf272da178c54d3a3b520dbf66407b23b2a0bf6e975b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 739
etag: "3414c-593f4978b1171"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1c88d2dfa9-FRA
content-length: 213324

GET
H2 200 cc.png
theexoduseffect.com/assets/images/ 9 KB
9 KB 11ms
10ms Image
image/png 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/cc.png

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0efc4ba5749dcb7fc2145c5fc64625ee173c8583b09d973728081cac491ba4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 739
etag: "2536-593f4978a6590"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1cb948dfa9-FRA
content-length: 9526

GET
H2 200 bulletBible.png
theexoduseffect.com/assets/images/lander/ 62 KB
62 KB 87ms
78ms Image
image/png 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/lander/bulletBible.png

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e38372d8696f210809f6821f0b00c84e57beff6b12b40bdba9954c257bb3b0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 739
etag: "f630-593f4978ab3b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1ce9e6dfa9-FRA
content-length: 63024

GET
H2 200 bulletHealing.png
theexoduseffect.com/assets/images/lander/ 50 KB
50 KB 19ms
14ms Image
image/png 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/lander/bulletHealing.png

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ab0932269d9897fd43c2bcda82dc75121d96bea933bd64726bc772e054ca7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 739
etag: "c6f0-593f4978ab3b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1d5b16dfa9-FRA
content-length: 50928

GET
H2 200 bulletChristian.png
theexoduseffect.com/assets/images/lander/ 55 KB
55 KB 18ms
13ms Image
image/png 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/lander/bulletChristian.png

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4534203d73df094bf991ad0f42631889f0a020e90a00b311e76406822f5512ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 739
etag: "dd18-593f4978ab3b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1d5b18dfa9-FRA
content-length: 56600

GET
H2 200 bulletGovernment.png
theexoduseffect.com/assets/images/lander/ 44 KB
44 KB 19ms
14ms Image
image/png 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/lander/bulletGovernment.png

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89023b58f2a45258a944bc9f9cd9ffcbb5baa350203010d6c2056c2530958e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 739
etag: "ae59-593f4978ab3b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1d5b19dfa9-FRA
content-length: 44633

GET
H2 200 footerLogos.png
theexoduseffect.com/assets/images/ 37 KB
37 KB 17ms
12ms Image
image/png 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/footerLogos.png

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cef09f5e98efbeb5659fb34004c5aeca4567510851c513af1643f68d15b9bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 739
etag: "9261-593f4978a7530"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1d5b1adfa9-FRA
content-length: 37473

GET
H2 200 footerLogosMobile.png
theexoduseffect.com/assets/images/ 50 KB
50 KB 17ms
13ms Image
image/png 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/footerLogosMobile.png

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a6ee5804cc1e4646865c6b9cda468e10d41601124895fe802fccf7731dec51

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 739
etag: "c70b-593f4978a7530"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1d5b1bdfa9-FRA
content-length: 50955

GET
H2 200 slideInOnScroll.js Show response
theexoduseffect.com/assets/scripts/ 729 B
425 B 29ms
25ms Script
application/javascript 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theexoduseffect.com/assets/scripts/slideInOnScroll.js?v=10001

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c61058d7b2a016cd6de6887a2fd4c4baf43babd098120c573cf5f386b5d37a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 52108
cf-polished: origSize=1480
status: 200
last-modified: Wed, 31 Jul 2019 17:58:39 GMT
server: cloudflare
etag: W/"5e0c32-5c8-58efddff811c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
expires: Tue, 15 Sep 2020 10:45:07 GMT
cache-control: max-age=31536000
cf-ray: 563e8c1d5b1cdfa9-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b07149244167b3cccb036401d1f11fe7fc983daae07a50951708b039da5e2b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 12:25:48 GMT
server: ESF
date: Wed, 12 Feb 2020 12:25:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Feb 2020 12:25:48 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v21/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1866533cfaaab8f46695c9eb600c6cefe4079badc7f14de3ca1be142fc39b718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 13:00:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:32 GMT
server: sffe
age: 689117
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12000
x-xss-protection: 0
expires: Wed, 03 Feb 2021 13:00:31 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v21/ 12 KB
12 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 22:10:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:46 GMT
server: sffe
age: 1001715
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12256
x-xss-protection: 0
expires: Sat, 30 Jan 2021 22:10:33 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v21/ 12 KB
12 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 21:51:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:58 GMT
server: sffe
age: 1002882
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12192
x-xss-protection: 0
expires: Sat, 30 Jan 2021 21:51:06 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v21/ 12 KB
12 KB 12ms
8ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6hPvhPQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a669ca5c6a5fa198da92d2d9578fc18e9f9983bda9b531aae0a64123583a988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 10:11:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:52 GMT
server: sffe
age: 958485
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12268
x-xss-protection: 0
expires: Sun, 31 Jan 2021 10:11:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 02:00:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 728695
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Wed, 03 Feb 2021 02:00:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 11ms
8ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 11:35:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 953416
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Sun, 31 Jan 2021 11:35:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 03:48:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 722253
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Wed, 03 Feb 2021 03:48:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 1078529
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700,800,900%7CRoboto:300,400,500,600,700,800,900
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 16:28:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:08 GMT
server: sffe
age: 676667
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11012
x-xss-protection: 0
expires: Wed, 03 Feb 2021 16:28:01 GMT

GET
BLOB 200
OK 6ce351ec-0997-4a4c-8e9e-7a51bdcbf74d
https://theexoduseffect.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://theexoduseffect.com/6ce351ec-0997-4a4c-8e9e-7a51bdcbf74d
Requested by: Host: fastcdnhost.com
URL: https://fastcdnhost.com/shared/videojs20180711/videojs.min.js?v=10002
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 72 KB
24 KB 24ms
6ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1901:0:498c:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 51b93d3a0f08a7a996cd669bae8b086be6a590d49f18406716c495f8f339a5aa

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 10:15:40 GMT
content-encoding: gzip
age: 7808
status: 200
x-guploader-uploadid: AEnB2UoOoFk2iLQLxumT7ziXRarKchlOVDWAchEay-6N0YQS6tvP09lQYBoHRRWDQD6WNQ8ji4L4vCx-srPHDWis8i8sgyNQaMv0aYcP_5X9JkVv_QkHgVU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 24310
last-modified: Wed, 05 Feb 2020 00:17:19 GMT
server: UploadServer
etag: "77f71aec224927ea65e55fb94c97632f"
vary: Accept-Encoding
x-goog-hash: crc32c=d/v9hw==, md5=d/ca7CJJJ+pl5V+5TJdjLw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1580861839915277
cache-control: public,max-age=86400
x-goog-stored-content-length: 24310
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 13 Feb 2020 10:15:40 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 startThumbA4.jpg
theexoduseffect.com/assets/images/lander/VSL/ 61 KB
61 KB 10ms
10ms Image
image/jpeg 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/lander/VSL/startThumbA4.jpg

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29675b6015906345d9d557c767360530cbe848c571f847c7bb7f1b9e69e7e745

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 734
etag: "f294-593f4978a84d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1d8ba9dfa9-FRA
content-length: 62100

GET
H2 200 timelineSegmentRight.png
theexoduseffect.com/assets/images/lander/ 24 KB
24 KB 13ms
13ms Image
image/png 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/lander/timelineSegmentRight.png

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9cf00da3ed66835c3383eefe3ece96b304fe05d61d742104bbfafcde4ca282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/assets/style/VSL.css?v=10016
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 734
etag: "5f55-593f4978b1171"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1d8bafdfa9-FRA
content-length: 24405

GET
H2 200 timelineSegmentLeft.png
theexoduseffect.com/assets/images/lander/ 24 KB
24 KB 12ms
12ms Image
image/png 2606:4700:3036::681b:a3f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theexoduseffect.com/assets/images/lander/timelineSegmentLeft.png

Requested by

Host: theexoduseffect.com
URL: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:a3f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7c2fbcdf7ea62bdeae2d3b3a1e7fe72278e4d3438ff9ec98713a08d6b0d4c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://theexoduseffect.com/assets/style/VSL.css?v=10016
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
server: cloudflare
age: 733
etag: "5f11-593f4978b1171"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=0
accept-ranges: bytes
cf-ray: 563e8c1d8bb1dfa9-FRA
content-length: 24337

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 160b7aa56dbf29ae9d6fda2ddadd4d48f1894b8bb2d7c1b733bce0f40d059ee0

Request headers

Origin: https://theexoduseffect.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
BLOB 200
OK 16a62c14-4cfc-4f00-93fe-605d6c3d15be
https://theexoduseffect.com/ 227 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://theexoduseffect.com/16a62c14-4cfc-4f00-93fe-605d6c3d15be
Requested by: Host: fastcdnhost.com
URL: https://fastcdnhost.com/shared/videojs20180711/videojs-contrib-hls.min.js?v=10002
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 325e69cb1fa7db3e79fd043dbb10cba81005b8c2d7d69804a68363bd875a24ad

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 232484
Content-Type: text/javascript

GET
H2 200 VSL_20200124_A4.11.m3u8 Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/ 1 KB
738 B 440ms
396ms XHR
application/x-mpegurl 2600:9000:20eb:c200:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/VSL_20200124_A4.11.m3u8
Requested by: Host: fastcdnhost.com
URL: https://fastcdnhost.com/shared/videojs20180711/videojs.min.js?v=10002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:c200:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e586c4f68e15ff7d0e57ccf2b23c00d1495e2ea0a794b468e2c168fccf529a92

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 12:25:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 21:02:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
status: 200
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: yWcOQtcNLXr1ieELpRDfZ9aNaREKROavIYaQM16dZQeatyYjvcEkeA==
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)

GET
H2 200 / Show response
api-js.mixpanel.com/decide/ 65 B
143 B 93ms
31ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=7e39486288b2ddbda61d846737af38ff&ip=1&_=1581510348491
Requested by: Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.25.25 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.25.190.35.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://theexoduseffect.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
74 B 100ms
43ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/track/?ip=1&_=1581510348496
Requested by: Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.25.25 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.25.190.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://theexoduseffect.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
alt-svc: clear
content-length: 1

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
324 B 85ms
30ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/track/?ip=1&_=1581510348498
Requested by: Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.25.25 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.25.190.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Feb 2020 12:25:48 GMT
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://theexoduseffect.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: clear
content-length: 1

GET
H2 200 VSL_20200124_A4.11hls10_v4.m3u8 Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/ 45 KB
6 KB 424ms
423ms XHR
application/x-mpegurl 2600:9000:20eb:c200:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/VSL_20200124_A4.11hls10_v4.m3u8
Requested by: Host: fastcdnhost.com
URL: https://fastcdnhost.com/shared/videojs20180711/videojs.min.js?v=10002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:c200:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4a59b2b64ec11415f4000fe13406df57bfb8be0ec5dbed8324981e8b910182a

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 12:25:50 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 21:01:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
status: 200
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: O4pqSeGhF4rMkru6-YGTd0eNgpEGflZ5-Qv7kZLxsw0mul5AqwJCyg==
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)

GET
H2 200 VSL_20200124_A4.11hls_audio_160k_v4.m3u8 Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/ 70 KB
7 KB 397ms
396ms XHR
application/x-mpegurl 2600:9000:20eb:c200:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/VSL_20200124_A4.11hls_audio_160k_v4.m3u8
Requested by: Host: fastcdnhost.com
URL: https://fastcdnhost.com/shared/videojs20180711/videojs.min.js?v=10002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:c200:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3512ceef81590f8f5e3635e12912aaffee8e30ef4701be7cac818bb29e42f3f4

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 12:25:50 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 20:56:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
status: 200
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: wrkIf8H-APXJbNjvrPxnl97ucEVH0DbqSgIEqlWWrKoQhs6RnROlgw==
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)

GET
BLOB 200
OK cedf7067-838b-4f2d-91f2-856f2f2ead76
https://theexoduseffect.com/ 227 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://theexoduseffect.com/cedf7067-838b-4f2d-91f2-856f2f2ead76
Requested by: Host: fastcdnhost.com
URL: https://fastcdnhost.com/shared/videojs20180711/videojs-contrib-hls.min.js?v=10002
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53052e0d95a599e5b4a75fbd5b929fb1b122d5431d8fca28c02bc23b02a85279

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 232601
Content-Type: text/javascript

OPTIONS
H2 200 VSL_20200124_A4.11hls10.ts Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/ 0
313 B 495ms
495ms XHR
text/plain 2600:9000:20eb:c200:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/VSL_20200124_A4.11hls10.ts
Requested by: Host: fastcdnhost.com
URL: https://fastcdnhost.com/shared/videojs20180711/videojs.min.js?v=10002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:c200:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://theexoduseffect.com
Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: range

Response headers

date: Wed, 12 Feb 2020 12:25:50 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA2-C1
vary: Origin
access-control-allow-methods: GET, POST, HEAD
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
content-length: 0
x-amz-cf-id: mb90T1GhOC94j3-OjHhmgfsyy9EigwZwp4hY9fGxaqB1pTQ6RMi1rQ==
access-control-allow-headers: range

GET
H2 206 VSL_20200124_A4.11hls10.ts Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/ 131 KB
132 KB 375ms
375ms XHR
video/mp2t 2600:9000:20eb:c200:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/VSL_20200124_A4.11hls10.ts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:c200:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b09d12a153935ff92879c68f3e38f5718aa3b8009017cbb0f0bbc3cef9aea3d

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-134419

Response headers

date: Wed, 12 Feb 2020 12:25:51 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
status: 206
Content-Length: 134420
Content-Range: bytes 0-134419/118681956
last-modified: Fri, 24 Jan 2020 21:01:19 GMT
server: AmazonS3
etag: "ed21a80388522225a7eb0fa2ce7af76f-23"
vary: Origin
access-control-allow-methods: GET, POST, HEAD
content-type: video/MP2T
access-control-allow-origin: *
accept-ranges: bytes
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: BUuL9eH1HwG2B-o_nHwV5hZgaoaPrptVDQ7m1lU2xDDVbs70uh5g-w==

GET
BLOB 200
OK 3bc09a1f-4e21-402f-b813-ba7b05c88927
https://theexoduseffect.com/ 227 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://theexoduseffect.com/3bc09a1f-4e21-402f-b813-ba7b05c88927
Requested by: Host: fastcdnhost.com
URL: https://fastcdnhost.com/shared/videojs20180711/videojs-contrib-hls.min.js?v=10002
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f0e6a492e34b373b6e0e8d862da2514ca13201c2625e7422fb2dbad91e7c21

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 232717
Content-Type: text/javascript

OPTIONS
H2 200 VSL_20200124_A4.11hls_audio_160k.ts Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/ 0
313 B 363ms
363ms XHR
text/plain 2600:9000:20eb:c200:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/VSL_20200124_A4.11hls_audio_160k.ts
Requested by: Host: fastcdnhost.com
URL: https://fastcdnhost.com/shared/videojs20180711/videojs.min.js?v=10002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:c200:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://theexoduseffect.com
Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: range

Response headers

date: Wed, 12 Feb 2020 12:25:51 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA2-C1
vary: Origin
access-control-allow-methods: GET, POST, HEAD
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
content-length: 0
x-amz-cf-id: U3oJOnrVjW0pSeRPHeuy9zPjNovEKsP--L8y4kuSTKDVu-UXQetc0A==
access-control-allow-headers: range

GET
H2 206 VSL_20200124_A4.11hls_audio_160k.ts Show response
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/ 112 KB
112 KB 577ms
577ms XHR
audio/mp2t 2600:9000:20eb:c200:9:8536:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tjsej3ucxx0n.cloudfront.net/video/VSL_20200124_A4.11/VSL_20200124_A4.11hls_audio_160k.ts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:c200:9:8536:59c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02fbc8c8109abd7267789e1f21f175c81179c7f9c8cd686bce6f4eb32309cab5

Request headers

Referer: https://theexoduseffect.com/?id=4686623&affid=5&cid=83&s1=331564&s2=657857407&s3=&s4=&s5=
Origin: https://theexoduseffect.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-114303

Response headers

date: Wed, 12 Feb 2020 12:25:51 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
status: 206
Content-Length: 114304
Content-Range: bytes 0-114303/85544512
last-modified: Fri, 24 Jan 2020 20:56:44 GMT
server: AmazonS3
etag: "343f9fa52f9bb83b9c8a5236c122cd01-17"
vary: Origin
access-control-allow-methods: GET, POST, HEAD
content-type: audio/MP2T
access-control-allow-origin: *
accept-ranges: bytes
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: Y2eHf7UViQtCfzQQm1GbfqCZpNoSUcN2nfqNMX9KAi3rhrpWWdyksA==

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theexoduseffect.com/	1970-01-19 16:04:06	Name: mp_7e39486288b2ddbda61d846737af38ff_mixpanel Value: %7B%22distinct_id%22%3A%20%22170395ccec8561-0071d3c7dbb953-37647e03-1d4c00-170395ccec9867%22%2C%22%24device_id%22%3A%20%22170395ccec8561-0071d3c7dbb953-37647e03-1d4c00-170395ccec9867%22%2C%22rrsVersion%22%3A%20%223.5%22%2C%22deviceType%22%3A%20%22desktop%22%2C%22afid%22%3A%20%225%22%2C%22ipaddr%22%3A%20%222a01%3A4f8%3A192%3A5414%3A%3A2%22%2C%22useragent%22%3A%20%22mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36%22%2C%22domain%22%3A%20%22theexoduseffect.com%22%2C%22hostingProvider%22%3A%20%22DigitalOcean%22%2C%22subid1%22%3A%20%22331564%22%2C%22subid2%22%3A%20%22657857407%22%2C%22autoplay%22%3A%20true%2C%22playbackRate%22%3A%201.1%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.riffwork.com%2Fcabdf1acbbe78f35e907a830e399d9fadd1cf87c-0-0-0%2F31447%22%2C%22%24initial_referring_domain%22%3A%20%22www.riffwork.com%22%7D
theexoduseffect.com/	1970-01-19 09:28:06	Name: 100001_Affiliate Value: a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A7%3A%224686623%22%3Bs%3A4%3A%22afid%22%3Bs%3A1%3A%225%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2283%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A6%3A%22331564%22%3Bs%3A2%3A%22s2%22%3Bs%3A9%3A%22657857407%22%3Bs%3A2%3A%22s3%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A0%3A%22%22%3B%7D%7D
.theexoduseffect.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ecmd3spm5vd7tnm2623k3to7vr
.theexoduseffect.com/	1970-01-19 08:01:42	Name: __cfduid Value: d8c339611450d59ae244f9e533b5ad0e51581510347

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://fastcdnhost.com/shared/videojs20180711/videojs.min.js?v=10002(Line 12) Message: VIDEOJS: WARN: A plugin named "reloadSourceOnError" already exists. You may want to avoid re-registering plugins!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-js.mixpanel.com
cdn.mxpnl.com
cdn.pushwoosh.com
d2tjsej3ucxx0n.cloudfront.net
dbhtrkg.com
fastcdnhost.com
fonts.googleapis.com
fonts.gstatic.com
theexoduseffect.com
www.presideit.info
www.riffwork.com
172.98.199.131
174.128.224.73
195.201.240.51
2600:1901:0:498c::
2600:9000:20eb:c200:9:8536:59c0:21
2606:4700:3035::681f:5531
2606:4700:3036::681b:a3f8
2a00:1450:4001:815::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81e::200a
3.217.49.197
35.190.25.25
02fbc8c8109abd7267789e1f21f175c81179c7f9c8cd686bce6f4eb32309cab5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0efc4ba5749dcb7fc2145c5fc64625ee173c8583b09d973728081cac491ba4fc
10c61058d7b2a016cd6de6887a2fd4c4baf43babd098120c573cf5f386b5d37a
160b7aa56dbf29ae9d6fda2ddadd4d48f1894b8bb2d7c1b733bce0f40d059ee0
1866533cfaaab8f46695c9eb600c6cefe4079badc7f14de3ca1be142fc39b718
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
29675b6015906345d9d557c767360530cbe848c571f847c7bb7f1b9e69e7e745
2ab0932269d9897fd43c2bcda82dc75121d96bea933bd64726bc772e054ca7ab
2fe67ae34afa6879faa5959ebac06a72e0543a64f40061879d3d22a39760e77e
325e69cb1fa7db3e79fd043dbb10cba81005b8c2d7d69804a68363bd875a24ad
3512ceef81590f8f5e3635e12912aaffee8e30ef4701be7cac818bb29e42f3f4
3db0e52f266c0f7905e647dba377cb25f8aca8a152c50cebfdbb2c59e08e4245
4534203d73df094bf991ad0f42631889f0a020e90a00b311e76406822f5512ff
4bc9ea9bb3aaefd8bccd497b30bed1f6af86a3af6c3d379f5055bd52461bdeb8
51b93d3a0f08a7a996cd669bae8b086be6a590d49f18406716c495f8f339a5aa
53052e0d95a599e5b4a75fbd5b929fb1b122d5431d8fca28c02bc23b02a85279
554a3244d91fe720a095e0b1529f5bfe329aee036fefed91586b86bc1a595c8d
574be775e6c5a0ceee6f9a3b93c92fc987fb0f9bdb12f932fa2f25d05ee93c58
58c66125e56c6f77e4ae6e45ce3b9d29d46efbdb8919aa59d7261ecae9ff8675
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
6070a1ba3dd9e8294bbae218e4e0ff79563cb8d3259f5577cbf8f278f961c391
63a6ee5804cc1e4646865c6b9cda468e10d41601124895fe802fccf7731dec51
65f0e6a492e34b373b6e0e8d862da2514ca13201c2625e7422fb2dbad91e7c21
678189993223e1d8eb855e4b37b78036d9891092da17cc74b4452728c0cdd4a5
67e091580581d1fbf936acd639957769269dea281ab0b41e904b16ed31599b30
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e2e1aaf4c4f2100a397cf272da178c54d3a3b520dbf66407b23b2a0bf6e975b
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7a61cd30dc3a8a2363c1dd41aaa25cfe66b8780d8f1d652bc74e3d2d66fad91d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
89023b58f2a45258a944bc9f9cd9ffcbb5baa350203010d6c2056c2530958e9c
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a669ca5c6a5fa198da92d2d9578fc18e9f9983bda9b531aae0a64123583a988
8cef09f5e98efbeb5659fb34004c5aeca4567510851c513af1643f68d15b9bd3
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9b09d12a153935ff92879c68f3e38f5718aa3b8009017cbb0f0bbc3cef9aea3d
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9e01d2473096e9ebafb493d80dce879d677d52f4bb5715df39c46de4ab7466b0
a57c67d03a5e0f843d45d214fb2e0c60ff5987d2d7eed409d1683e06b819748b
ac3413e159dc43ed92cc5180595cc75bae4e95e722a021100c0898d9922f8b96
b07149244167b3cccb036401d1f11fe7fc983daae07a50951708b039da5e2b1f
b4a59b2b64ec11415f4000fe13406df57bfb8be0ec5dbed8324981e8b910182a
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
c7c2fbcdf7ea62bdeae2d3b3a1e7fe72278e4d3438ff9ec98713a08d6b0d4c5a
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d0499437281d608cc610b05cf9eca02568e5bd5be10074afa2008be18ff9e97f
d3c5f834243e251c68143b161e8a857829031c826c84a5323e73178172d7e802
d852a478da86a57ea6001d3c6189a400023c810dcb89fc57e64c8283dff7ee9f
da72d9aa3422e0794715e9ae41458d1236b8e23a310388f533cfe6380b6dca64
e38372d8696f210809f6821f0b00c84e57beff6b12b40bdba9954c257bb3b0a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
e586c4f68e15ff7d0e57ccf2b23c00d1495e2ea0a794b468e2c168fccf529a92
ef6e13231ec40eac8229a1af785e63b6e9b501d10e2b99fa6c301ddebd983692
f9cf00da3ed66835c3383eefe3ece96b304fe05d61d742104bbfafcde4ca282b

theexoduseffect.com Open in urlscan Pro 2606:4700:3036::681b:a3f8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

89 %HTTPS

58 %IPv6

11 Domains

12 Subdomains

12 IPs

2 Countries

1481 kBTransfer

3648 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

theexoduseffect.com Open in urlscan Pro
2606:4700:3036::681b:a3f8 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

89 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

12
IPs

2
Countries

1481 kB
Transfer

3648 kB
Size

4
Cookies

57 HTTP transactions
3 data transactions