secretofexodus.com Open in urlscan Pro
2606:4700:3035::6815:609a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secretofexodus.com/
Effective URL:
https://secretofexodus.com/
Submission: On July 02 via manual (July 2nd 2024, 3:53:22 pm UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 44 IPs in 9 countries across 36 domains to perform 91 HTTP transactions. The main IP is 2606:4700:3035::6815:609a, located in United States and belongs to CLOUDFLARENET, US. The main domain is secretofexodus.com.
TLS certificate: Issued by WE1 on June 22nd 2024. Valid for: 3 months.

This is the only time secretofexodus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3035::6815:609a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:237... 2600:9000:237d:de00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
7	95.217.122.4 95.217.122.4	24940 (HETZNER-AS) (HETZNER-AS)
1	54.230.228.90 54.230.228.90	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:310... 2606:4700:3108::ac42:2add	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.212.97.52 34.212.97.52	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b130:79e9:126b:57f7:7b4e	14618 (AMAZON-AES) (AMAZON-AES)
1	52.2.167.39 52.2.167.39	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.117.16 74.119.117.16	19750 (AS-CRITEO) (AS-CRITEO)
1	2a02:2638:3::19 2a02:2638:3::19	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	5.196.111.73 5.196.111.73	16276 (OVH) (OVH)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	63.32.81.13 63.32.81.13	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	34.249.144.138 34.249.144.138	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.192.166.234 18.192.166.234	16509 (AMAZON-02) (AMAZON-02)
1	35.86.11.69 35.86.11.69	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.77.84.105 3.77.84.105	16509 (AMAZON-02) (AMAZON-02)
1	23.52.181.90 23.52.181.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4216:62d6:8e85:a32:725d	14618 (AMAZON-AES) (AMAZON-AES)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.154.223.27 54.154.223.27	16509 (AMAZON-02) (AMAZON-02)
1	3.127.168.76 3.127.168.76	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
91	44

25 2606:4700:3035::6815:609a (United States)

ASN13335 (CLOUDFLARENET, US)

secretofexodus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:237d:de00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.217.122.4 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.4.122.217.95.clients.your-server.de

cdn.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cp.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-90.muc50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3108::ac42:2add (United States)

ASN13335 (CLOUDFLARENET, US)

file.redhotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.212.97.52 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-97-52.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:79e9:126b:57f7:7b4e (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.167.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-167-39.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::19 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

measurement-api.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.196.111.73 (France)

ASN16276 (OVH, FR)
PTR: ip73.ip-5-196-111.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.81.13 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-81-13.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.144.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-144-138.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.166.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-166-234.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.86.11.69 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-86-11-69.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.77.84.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-84-105.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.181.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-181-90.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:62d6:8e85:a32:725d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.223.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-223-27.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.168.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-168-76.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	secretofexodus.com secretofexodus.com	1 MB
7	pushwoosh.com cdn.pushwoosh.com — Cisco Umbrella Rank: 43043 cp.pushwoosh.com — Cisco Umbrella Rank: 50059	120 KB
7	criteo.com 2 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3735 gum.criteo.com — Cisco Umbrella Rank: 493 sslwidget.criteo.com — Cisco Umbrella Rank: 2141 widget.us.criteo.com — Cisco Umbrella Rank: 23254 measurement-api.criteo.com — Cisco Umbrella Rank: 1866 dis.criteo.com — Cisco Umbrella Rank: 728	28 KB
6	redhotcdn.com file.redhotcdn.com	2 MB
5	gstatic.com fonts.gstatic.com	118 KB
5	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4229 rp.liadm.com — Cisco Umbrella Rank: 1242 rp4.liadm.com — Cisco Umbrella Rank: 5750	110 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 469 fonts.googleapis.com — Cisco Umbrella Rank: 83	39 KB
3	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 650 cm.adform.net — Cisco Umbrella Rank: 1398	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 279	3 KB
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3971 api.amplitude.com — Cisco Umbrella Rank: 2330	20 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 2019	1 KB
2	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 7206	170 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2136	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3126	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 6314	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 46399	153 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 452	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2884	400 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3102	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 560	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 432	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 918	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 831	218 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1228	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1690	884 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 735	817 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 14084	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 772	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 570	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 812	342 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 523	99 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1768	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 729	163 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 394	235 B
1	doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 274	409 B
91	36

	Domain	Requested by
25	secretofexodus.com	secretofexodus.com ajax.googleapis.com cdn.pushwoosh.com
6	file.redhotcdn.com	secretofexodus.com vjs.zencdn.net
5	fonts.gstatic.com	fonts.googleapis.com
4	cp.pushwoosh.com	cdn.pushwoosh.com
3	ib.adnxs.com	2 redirects
3	cdn.pushwoosh.com	secretofexodus.com
3	ajax.googleapis.com	secretofexodus.com
3	b-code.liadm.com	secretofexodus.com
2	c1.adform.net	2 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	api.amplitude.com	cdn.amplitude.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	vjs.zencdn.net	secretofexodus.com
1	cm.adform.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	sync.1rx.io
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	dis.criteo.com
1	x.bidswitch.net
1	cm.g.doubleclick.net
1	measurement-api.criteo.com	sslwidget.criteo.com
1	widget.us.criteo.com	secretofexodus.com
1	sslwidget.criteo.com	1 redirects
1	rp4.liadm.com	secretofexodus.com
1	rp.liadm.com	1 redirects
1	fonts.googleapis.com	ajax.googleapis.com
1	cdn.amplitude.com	secretofexodus.com
1	dynamic.criteo.com	secretofexodus.com
91	47

This site contains links to these domains. Also see Links.

Domain
www.networkadvertising.org

Subject Issuer	Validity	Valid
secretofexodus.com WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.pushwoosh.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-06` - `2025-04-05`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
redhotcdn.com WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-15` - `2024-08-07`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2024-06-13` - `2025-07-14`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.id5-sync.com E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
itm.ivitrack.com R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://secretofexodus.com/
Frame ID: AAA891267BC9BEF998993339025E8F92
Requests: 67 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secretofexodus.com&origin=onetag
Frame ID: 5BA63603679E7C4B40026B4976A5E565
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Bry4PkBoHGR5DoEQukYBnUsXuGe-G90XxIvY1w&google_cm&google_hm=ay1Ccnk0UGtCb0hHUjVEb0VRdWtZQm5Vc1h1R2UtRzkwWHhJdlkxdw
Frame ID: CFDC14EE91761B7BE1BE4B082B7E7610
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Exodus Effect

Page URL History Show full URLs

http://secretofexodus.com/ HTTP 307
https://secretofexodus.com/ Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

91
Requests

90 %
HTTPS

27 %
IPv6

36
Domains

47
Subdomains

44
IPs

9
Countries

3639 kB
Transfer

4921 kB
Size

37
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.networkadvertising.org/managing/opt_out.asp
Title: Network Advertising Initiative opt-out page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secretofexodus.com/ HTTP 307
https://secretofexodus.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://rp.liadm.com/j?dtstmp=1719935597236&aid=b-00k0&se=e30&duid=c194d0be5864--01j1t2cyhn3qx7km5mtwc9dgq4&tv=v2.14.3&pu=https%3A%2F%2Fsecretofexodus.com%2F&wpn=lc-bundle&cd=.secretofexodus.com&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1719935597236&aid=b-00k0&se=e30&duid=c194d0be5864--01j1t2cyhn3qx7km5mtwc9dgq4&tv=v2.14.3&pu=https%3A%2F%2Fsecretofexodus.com%2F&wpn=lc-bundle&cd=.secretofexodus.com&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDExOjgwYzM6NTA2ZTpjMGRj&n3pc=true

Request Chain 52

https://sslwidget.criteo.com/event?a=95287&v=5.26.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=SeoyL195SG4lMkJxNzd5YWpnVThJWnkzS1BHelZZQU5UcnV0VWZQUkRrUjJvbSUyQnNZakZEWTM5Y3FKaDUxbTlscEhMYzhoc25ySDh0VG1IZElNa05UMXVJYUklMkYxOVpRQkJBbmlBVENrRUVJWURMRkVjOWExS2FMOHdnU0FhNjJYM3VpV0s2QWZzNnM0WkoyNXk3UGxLWDJENENucHFMNDdGeThXZmFtamdYdTVhU3R4QWMlM0Q&tld=secretofexodus.com&dy=1&fu=https%253A%252F%252Fsecretofexodus.com%252F&ceid=13ea630a-e012-4201-9e57-c6af506a342d HTTP 302
https://widget.us.criteo.com/event?a=95287&v=5.26.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=SeoyL195SG4lMkJxNzd5YWpnVThJWnkzS1BHelZZQU5UcnV0VWZQUkRrUjJvbSUyQnNZakZEWTM5Y3FKaDUxbTlscEhMYzhoc25ySDh0VG1IZElNa05UMXVJYUklMkYxOVpRQkJBbmlBVENrRUVJWURMRkVjOWExS2FMOHdnU0FhNjJYM3VpV0s2QWZzNnM0WkoyNXk3UGxLWDJENENucHFMNDdGeThXZmFtamdYdTVhU3R4QWMlM0Q&tld=secretofexodus.com&dy=1&fu=https%253A%252F%252Fsecretofexodus.com%252F&ceid=13ea630a-e012-4201-9e57-c6af506a342d

Request Chain 60

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5224361421986588339

Request Chain 65

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--nzJ3EBoHGR5DoEQukYBnUsXuGeL6mG4o2a70w HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--nzJ3EBoHGR5DoEQukYBnUsXuGeL6mG4o2a70w&C=1

Request Chain 66

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=pVQVpPp203bZpjJdWaSHjIjHp6GhI9Ez HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=pVQVpPp203bZpjJdWaSHjIjHp6GhI9Ez

Request Chain 84

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-O7uwr0BoHGR5DoEQukYBnUsXuGc82zF7w-ENAg HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-O7uwr0BoHGR5DoEQukYBnUsXuGc82zF7w-ENAg HTTP 302
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-O7uwr0BoHGR5DoEQukYBnUsXuGc82zF7w-ENAg&adform_v=1

91 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
secretofexodus.com/
Redirect Chain

http://secretofexodus.com/
https://secretofexodus.com/

141 KB
41 KB

237ms
191ms

Document
text/html

2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f429259e0fca92055bff84279d90c6471eec32f2444eca6598639eccdd301863

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89cfcec8296a6679-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 02 Jul 2024 15:53:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fudo82znroSPAWm%2BU6LjFf4IrWptJtmbsVu2r64y2JeFCzNoqQ%2FgE4nIcKKBfOkCdcdh8CdBsy1By45n%2FeV1VdsO9YYTki%2BgDNpomT%2Foul0ftLq0VGvOqiUFkBvvCFov0uJVBD6Q3lnpQU1Lc7eK9hg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nosnippet

Redirect headers

Location: https://secretofexodus.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 b-00k0.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 80ms
38ms Script
application/javascript 2600:9000:237d:de00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/b-00k0.min.js
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:de00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7e3d4522f741676fe84f83ce6c8a280d55b5979f1c342cabd08c410b5edd035b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:47:08 GMT
content-encoding: gzip
via: 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 83169
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: mJx7QfsZvj0S6b1Cw-TU-v0ZkoHtyhu_sDc9l3DbZb6A795XrIrZXA==

GET
H2 200 a-06ld.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 71ms
29ms Script
application/javascript 2600:9000:237d:de00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-06ld.min.js
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:de00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4cba61df8b4d8704f2951523dff696e4a5cb4ca3baa80d94e4682a22e5472936

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:47:08 GMT
content-encoding: gzip
via: 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 83169
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: lbxqA9efusobs1bSvO-clasPupGuawfQDvOZZkFo5qSy3K2qPw44eQ==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 49 KB
21 KB 44ms
12ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=95287

Requested by

Host: secretofexodus.com
URL: https://secretofexodus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

752c098d0a766e2193940025724e86f8d1226a6a6bb3ef7fb1db1e9f15e0397f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 a-09b7.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 15ms
12ms Script
application/javascript 2600:9000:237d:de00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-09b7.min.js
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:de00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8cbd4203d993f20cca27f4328f6792eae40f2655cbf67f52f969cba7d736ff89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 21:00:13 GMT
content-encoding: gzip
via: 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 67984
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: fEYUArFcufaOXzirXSLA9e6J0tRh-RukV9fZQR58iZYAZDamaBGTeg==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: secretofexodus.com
URL: https://secretofexodus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 09:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 09:54:20 GMT

GET
H3 200 global.css
secretofexodus.com/assets/style/ 15 KB
5 KB 35ms
34ms Stylesheet
text/css 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/assets/style/global.css?v=20002
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11304753a6e8a7ebf0895d573068099ea673f96f839519f184fc1e2a8f191039

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5892
cf-polished: origSize=19660
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 01 Aug 2023 17:16:35 GMT
server: cloudflare
etag: W/"4ccc-601dfb5927e38-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQhRYf24nKchDLQsf1KKVp%2Fr4OXRMUSEgGCch8T6NBaQ%2Bm5nAL7gQ3Z0anzcNf0zGvJsxLlXzHTf%2B%2BwH6klEXBFbGFXdr4VBXr8mjj6MliiDJEGvWVLvvtSvq11hVLcnc6mefYvq0ee2cMqz7cuF%2FWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfcec96a886679-AMS

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: secretofexodus.com
URL: https://secretofexodus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 20:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Jul 2025 20:16:14 GMT

GET
H3 200 global.js Show response
secretofexodus.com/assets/scripts/ 11 KB
5 KB 62ms
60ms Script
application/javascript 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/assets/scripts/global.js?v=10001
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 309dcd1052d723b91589e2cbdec7df195c9a42f0191851be6b248de6cd98afcc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5883
cf-polished: origSize=16281
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Dec 2023 23:09:06 GMT
server: cloudflare
etag: W/"3f99-60c07abcc75bf-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Y7bt3QccPdDTkFSsD1ZL9Yn8Uaf8FW139aG07dlvglZCu7QreF2QwF%2F09HtV1%2Fk1wzAOKMPSvEYV90%2B%2FOla5L2XJqOybX7hlFaiL89E6Z2Vf%2BTmUP7a6svuaDxDCA8XEawaIdzeOOCNMRYXH3SwLS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b3e6679-AMS

GET
H3 200 VSL.css
secretofexodus.com/assets/style/VSL/ 12 KB
3 KB 26ms
26ms Stylesheet
text/css 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/assets/style/VSL/VSL.css?v=10004
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7b2d563342014e2fdc7348cc4e00f1a543d37bbdbc1e5c46c7c5b6f1352a688

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5892
cf-polished: origSize=15446
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Dec 2023 23:09:06 GMT
server: cloudflare
etag: W/"3c56-60c07abcc94ff-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7TJSdVKbSShvjsoncyEtZwZfj8q1wijxTIPs8eoYEu%2BgcZgz5dNdQiCRx0R3aMDuvU3vuT%2F%2F782%2BzFM54rsD92hQLWnCMJLzfC1gWnOYsx5xCXgcYAWb%2BRUgIwymUKEvcRQ4N1vsLMeKNYWT00Br0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfcec96a8a6679-AMS

GET
H3 200 slideInOnScroll.css
secretofexodus.com/assets/style/ 2 KB
1 KB 25ms
24ms Stylesheet
text/css 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/assets/style/slideInOnScroll.css?v=10001
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d852a478da86a57ea6001d3c6189a400023c810dcb89fc57e64c8283dff7ee9f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5892
cf-polished: origSize=2925
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Jul 2023 20:45:17 GMT
server: cloudflare
etag: W/"b6d-60169ecdaa70b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2BA0g4YqDlxPMbU7nI2liUo0xQbrZOtKkvcxl95Uw5lfNuBhXoR2OhBWIeShSgLOF1fKsDHAw6%2Bar8B0bccB5prdJYsNb76o9lT2SZuCEsq60X3XvmGcS%2FqVNRLefc5BAumIkU56WsKroEJPeJVn7x0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfcec96a8b6679-AMS

GET
H2 200 video-js.css
vjs.zencdn.net/7.20.2/ 46 KB
11 KB 32ms
10ms Stylesheet
text/css 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.20.2/video-js.css
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a600e503fc0dcb171bd2ce6b639bbb5cf35b91ccc3c045324a7a4e2603683a0f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220035-FRA
date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 18:58:38 GMT
etag: "92c4f5bba6e24134f07a508819300d2e"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10964
x-cache-hits: 8

GET
H2 200 video.min.js Show response
vjs.zencdn.net/7.20.2/ 569 KB
159 KB 33ms
11ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.20.2/video.min.js
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 55a979130309c3f0d4398298f648e90a8ded2df500fdf3c758e9051ecf6229cb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220035-FRA
date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 18:58:38 GMT
etag: "c038d4c38eb6160ddb328b8944a5422b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
timing-allow-origin: *
content-length: 162713
x-cache-hits: 1

GET
H2 200 pushwoosh-web-notifications.js Show response
cdn.pushwoosh.com/webpush/v3/ 179 KB
34 KB 94ms
26ms Script
text/javascript 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 0c18bcaa99b97a6850450f677b1606bbdcbcd04df34f5a64862f2fbfc35eebe0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: gzip
x-cache-status: HIT
x-amz-storage-class: STANDARD
last-modified: Mon, 24 Jun 2024 10:37:11 GMT
server: nginx
etag: W/"6e0b2f4d70a9802985f0b7d7ae9ee8bf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: text/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=86400, public
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
expires: Wed, 03 Jul 2024 15:53:17 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
0 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: secretofexodus.com
URL: https://secretofexodus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 09:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 09:54:20 GMT

GET
H3 200 heroDesktopA1t.png
secretofexodus.com/assets/images/hero/ 458 KB
459 KB 25ms
25ms Image
image/png 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/hero/heroDesktopA1t.png
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73035e8c2ba7bc19f518e6b1bc729d538a7a9b7ed2f8ca0b31eb21ef61911631

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5882
alt-svc: h3=":443"; ma=86400
content-length: 469463
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
server: cloudflare
etag: "729d7-60169ecd4daae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTJiJHt%2B1RJqP%2BuiM5%2Bp%2B88D8NIcaESg4UgwKlg3kba%2FhTvErAowPK7ahx%2FldDZbFps%2FVCsmZ%2BFmrUHN8Xql5Xv2fsRCFQ1753UVV2yfh2qY6YJ2u6k7EtkEyriSLb1H5zRcNA5LilOXabfpd8VlRSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfcec97a996679-AMS

GET
H3 200 ctaDesktop.jpg
secretofexodus.com/assets/images/lander/VSL/ 47 KB
47 KB 145ms
145ms Image
image/jpeg 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/lander/VSL/ctaDesktop.jpg?v=10002
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baac471c1c739eb5df38c043ab97d3ecf23aab472f70511af0d433da2253456b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5881
alt-svc: h3=":443"; ma=86400
content-length: 47819
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
server: cloudflare
etag: "bacb-60169ecd5098e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8tJVqhkHFDrf%2BtsNkpcgE2uGS85ozzfxdCxmjXaSe0diNZCcxd0nc6NmXs6mrMCwe0kYM%2Baz34tf6x%2Bz7FEOvw%2Fs6RcqT80qVZnuKuePPGJ3NqjeJDUcibnPIorJaD5MRK2e%2FMupaVgkOB282m35His%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfcec97a9a6679-AMS

GET
H3 200 ctaMobile.jpg
secretofexodus.com/assets/images/lander/VSL/ 27 KB
28 KB 49ms
49ms Image
image/jpeg 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/lander/VSL/ctaMobile.jpg?v=10002
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14ca7f5dab60d993d6e496de40a3584f23ffa09ae0f78dc75c7c1f233bd703dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5878
alt-svc: h3=":443"; ma=86400
content-length: 28021
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
server: cloudflare
etag: "6d75-60169ecd5098e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwOEMl26qvrVpZ0k9OXzIqEbY9jXCVYIT8GjpVu1%2FlZEUk0c%2F80gRJi0uPO9MQsLNc%2Bscmnr8bR8UK4xs%2B46nwmgICB9%2Ba5574SCppbb%2Fe4YgSX6nd5WOAXGLoZAmPalkaUYlBugzAlaJQ0kySlzUZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b366679-AMS

GET
H3 200 price67.jpg
secretofexodus.com/assets/images/lander/VSL/ 21 KB
21 KB 52ms
50ms Image
image/jpeg 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/lander/VSL/price67.jpg
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abd87251504843aba43e41c58605e54abc8489c79caad3c1e9eaa02d155cd90e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5878
alt-svc: h3=":443"; ma=86400
content-length: 21206
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
server: cloudflare
etag: "52d6-60169ecd5192e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=toi4Sz3x%2FpcgBqlK7W9vCnB0aSJ3ob1D69%2FBP5FtrhFFDcANnYESoQ4OO3Ug9uzu1%2BXMG9NgmfZVrJ84BRzG%2BBWktzZ9AqeZHSXniv9x3BLm80092KX%2FoSNXpe%2FmFNcIACzirlUposon9KKAZJFtnQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b386679-AMS

GET
H3 200 trustDesktop.jpg
secretofexodus.com/assets/images/lander/VSL/ 15 KB
16 KB 137ms
134ms Image
image/jpeg 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/lander/VSL/trustDesktop.jpg
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd1dfa6765654e85cec85dc6cdb53ad64cc3a3a64d0e010b35838f2c762a6f3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3d06-60169ecd5962d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FxD1CKGErebS5i5oPyXmzSaC5UQVCZ3%2Fz5MvQ4q4Hzp6kn8YowQ4vadVAM56ia7yZGE89DCcoCbFeJfkWlMR5bp%2BauRvjEBeZHpUSZehAXE1ERDFlK8MyFvTrezxC9WyoJbS3mUgIE5Uyf48ANKh0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b3a6679-AMS
content-length: 15622
alt-svc: h3=":443"; ma=86400

GET
H3 200 ajaxYellow.svg
secretofexodus.com/assets/images/ 3 KB
964 B 62ms
61ms Image
image/svg+xml 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/ajaxYellow.svg
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9898853d870512fc480af73452d00d17a5d0c62d3329560d80542f1397b82330

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5878
alt-svc: h3=":443"; ma=86400
content-length: 442
last-modified: Tue, 13 Jun 2023 17:17:19 GMT
server: cloudflare
etag: "d07-5fe0601eb7f3d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfNV4pfV9Vnu5a8Hd0BEfIqi%2FBd9zfFWH97g6Qm0lG4EigVR2KjzEoXQgX%2F1vhtnIQiDDYy3Lvp0S%2Ff7OGJw5PthCy0Pdw6b16755swIZ5F6LM0r2cgg1kb%2BxMZkWHqamOO22B3P0yFuDNOn1vwJJHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b406679-AMS

GET
H3 200 bulletBible.png
secretofexodus.com/assets/images/lander/ 62 KB
62 KB 63ms
62ms Image
image/png 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/lander/bulletBible.png
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e38372d8696f210809f6821f0b00c84e57beff6b12b40bdba9954c257bb3b0a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5878
alt-svc: h3=":443"; ma=86400
content-length: 63024
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
server: cloudflare
etag: "f630-60169ecd5962d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mNrfh8JnMS3toHEzsJ0Bf6stMFPnMu6cSf%2B5obPgUnksqIqXea5fyGJTEW5LcSjyj5l8pUP%2BkvUunSgAeLYKpsFAj4dL5A%2FeCbR7Jxoo%2FbJQ7ndQiLUNXcSKJLoWhf5FIWj18iaLgZHpkPODNaa8gzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b426679-AMS

GET
H3 200 bulletHealing.png
secretofexodus.com/assets/images/lander/ 50 KB
50 KB 73ms
72ms Image
image/png 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/lander/bulletHealing.png
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ab0932269d9897fd43c2bcda82dc75121d96bea933bd64726bc772e054ca7ab

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5878
alt-svc: h3=":443"; ma=86400
content-length: 50928
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
server: cloudflare
etag: "c6f0-60169ecd5962d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ECbkxmjN47EAw3VKfN9rd7Sd1go0MXu9kVF%2B8zL39fTfooqLA7aZavWygUv3EdFNvBtjgjFG5bn%2BIkbYSH8p0rwNJVTGntgvlutj6JsyFWu%2BMCh5Gq3QeOD2JyNUmFRSRIl1ikvCX87GkjfdkhBus7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b436679-AMS

GET
H3 200 bulletChristian.png
secretofexodus.com/assets/images/lander/ 55 KB
56 KB 85ms
84ms Image
image/png 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/lander/bulletChristian.png
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4534203d73df094bf991ad0f42631889f0a020e90a00b311e76406822f5512ff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2698
alt-svc: h3=":443"; ma=86400
content-length: 56600
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
server: cloudflare
etag: "dd18-60169ecd5962d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oxql3mv3cwVd6fgnUx74T5IzJJHnDXZumz6q7F%2FsXkEjwpY0WwfdiQDTF6oyhtFxgnHHGDyKOcWF%2FPYhDnNQXawzBPU2XDz7LsoYy335QRMn9BJuFLs7qo5wo03Vxq03olJfkbMa1FWl0tCv4HIN5sw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b466679-AMS

GET
H3 200 bulletWarning.png
secretofexodus.com/assets/images/lander/ 216 KB
217 KB 98ms
97ms Image
image/png 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/lander/bulletWarning.png
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef6593f5753f1cb95a8eb445cc05f5d22990a8ec4b5e6e28d47872a5755a1bf1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5878
alt-svc: h3=":443"; ma=86400
content-length: 221390
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
server: cloudflare
etag: "360ce-60169ecd5962d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8vBYDySItlWD%2BRkK2e2C%2BrWjdbkpDi%2Ba9x9G82oiTDCyCRVFN3Oeazx%2FLIY1YFwGegJcHxinYZXv8NFvzmXYEyePTkIhl7IwzwiPJdWnltDl9Np0Zxx8JtykYM5At3S6hLhfGi%2BMemE7f9g1g5IJBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b476679-AMS

GET
H3 200 email-decode.min.js Show response
secretofexodus.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 61ms
58ms Script
application/javascript 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secretofexodus.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: secretofexodus.com
URL: https://secretofexodus.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Jun 2024 11:26:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667e9dca-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiD2fVIJAHTX44Y%2BgKcKdUgvwCpI4ngzuKvCqHoNjNoFnu%2F3Bx0HaIF%2B23yJHLitmimmk1E9Y9WnQK9YaH3BSbAnUmJjZFXDe0VUOCpYb7yHTeIm2uKmV30Zod8K93AJ9gmbODiRZAGCnPxKe3linkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 89cfceca2b3b6679-AMS
expires: Thu, 04 Jul 2024 15:53:17 GMT

GET
H3 200 squeeze.css
secretofexodus.com/assets/style/ 4 KB
2 KB 62ms
59ms Stylesheet
text/css 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/assets/style/squeeze.css?v=10009
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 894414923299d190ceae912201e37304313c196d0609527ee1bbe71ac82a64f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5892
cf-polished: origSize=4745
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Jul 2023 20:45:17 GMT
server: cloudflare
etag: W/"1289-60169ecdaa70b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0LIvGInOlSabl2z2639qpJa6%2Bne0wSxzXu5JwZpNgxTEbGh8yHblyb2Wc9wSheWIbSRUbwQQAorHZw4SZQRIrEtPL%2F6ND8aJPxNzDYE6ufAlTVVORZ0m2iYXBepA5qAzfltxT8atij3OtBC8qNK3oA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b3c6679-AMS

GET
H3 200 slideInOnScroll.js Show response
secretofexodus.com/assets/scripts/ 729 B
819 B 147ms
146ms Script
application/javascript 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/assets/scripts/slideInOnScroll.js?v=10001
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c61058d7b2a016cd6de6887a2fd4c4baf43babd098120c573cf5f386b5d37a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5878
cf-polished: origSize=1480
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Jul 2023 20:45:17 GMT
server: cloudflare
etag: W/"5c8-60169ecda87cb-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BqUz72umSky9Xx1JW%2FDplj%2Fcr6B%2B6T2oZT0ZWBWHQsJUCP465J20CiV2MsU51rNBpUIH%2BuiC2HHncp%2FRIM8wu8zwGqe5QnntGcz%2F0dhtguCWCgAW9BHhoiM5H%2B2lwET0uSUh3p0QNQnq5%2FbL0Sw5c9w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b4a6679-AMS

GET
H3 200 squeeze.js Show response
secretofexodus.com/assets/scripts/ 2 KB
1 KB 150ms
149ms Script
application/javascript 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/assets/scripts/squeeze.js?v=10009
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc13493bc8bca6e3491b1186edf38f300ac54e774cde5ae947e43ea8246e9ad4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5877
cf-polished: origSize=3263
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Jul 2023 20:45:17 GMT
server: cloudflare
etag: W/"cbf-60169ecda87cb-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1xa8vsPeVJILu8%2FAMOQ37Vcx56plS06FdIRIhUbROSDGNG5kzVl%2F5CsP%2BQdwmaBG7iido0sBqXyWKKYaWPqXLd5KVVoFSHbK2h%2F4YGygJST5HImoWDYqEAiVpWlJPUdo%2BrdxtTSl4xP7Yu8w1atfwvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca2b4c6679-AMS

GET
H2 200 amplitude-7.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 59 KB
19 KB 56ms
14ms Script
application/javascript 54.230.228.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-90.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Origin: https://secretofexodus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 08:08:14 GMT
content-encoding: gzip
via: 1.1 39665d11bf385fb9aabc991f857b37dc.cloudfront.net (CloudFront)
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
x-amz-cf-pop: MUC50-P5
age: 632704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19222
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
server: AmazonS3
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: ponmQCqnr81WwUNJDCIvvFeiQwzrIy-qjiIEvqamMJe-M8lMAHdKcQ==

GET
H3 200 HiddenInTheBookOfExodus_16x9.jpg
file.redhotcdn.com/thumbnails/ 249 KB
250 KB 61ms
25ms Image
image/jpeg 2606:4700:3108::ac42:2add
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.redhotcdn.com/thumbnails/HiddenInTheBookOfExodus_16x9.jpg
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2add , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d7ee4671cdf97c16cbca573863435295a9e98047ca894ed26e6102bb595139

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
via: 1.1 f58eea4785e4dd62930ab32de2a40d48.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5775
x-amz-cf-pop: AMS58-P3
cf-polished: degrade=85, origSize=808941, status=vary_header_present
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 255331
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Nov 2023 03:18:43 GMT
server: cloudflare
etag: "7c5f84d029cdf4ac9a8a8401bf3278f4"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObhGdt59LoF455ASxzKB5dH0FslC54cgyCCti651p0gujUqdB9F%2BB7Kv1YaESjP8jrkFx9BTxbeAxUQ3shzWruRQgmLY7jQrfWcE3vgqDQv%2F%2BAWBxExZK4zngcEMWBTTzf%2FdRTdXX27xorcaOuiD4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 89cfceca7dd00b6e-AMS
x-amz-cf-id: VQJOdE9XzyXxAiDZBo5uM1-nNAI61V7M2ZF_vy9nNuNDWUYWtPpGag==

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9

Request headers

Referer
Origin: https://secretofexodus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 unmute.svg
secretofexodus.com/assets/images/ 2 KB
2 KB 129ms
129ms Image
image/svg+xml 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/unmute.svg
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 574be775e6c5a0ceee6f9a3b93c92fc987fb0f9bdb12f932fa2f25d05ee93c58

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5877
alt-svc: h3=":443"; ma=86400
content-length: 1039
last-modified: Tue, 13 Jun 2023 17:17:19 GMT
server: cloudflare
etag: "9a8-5fe0601eb8edd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zu1M7aW9swl2uYcP%2F2%2FvWB7kxFhOSRu1auGpgM0r%2BtXUgOjr7ZB1Sb1Bl1ooR3zRZ%2Fi2FkozNNUsumjRjCkC7e8Tn3Ofri7UmJju5Xdq%2Bk5NZ5COz%2Fnw2HiWE%2BW6arlcRDy20BcY2BhTdEWDI41QDkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca5b646679-AMS

GET
H3 200 EE_20211031_MethuselehSecret_16x9HLS.m3u8 Show response
file.redhotcdn.com/videos/EE_20211031_MethuselehsSecret_16x9/ 1 KB
1 KB 139ms
116ms XHR
application/x-mpegurl 2606:4700:3108::ac42:2add
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file.redhotcdn.com/videos/EE_20211031_MethuselehsSecret_16x9/EE_20211031_MethuselehSecret_16x9HLS.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.20.2/video.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2add , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa960e4ab54ad62b7a19b67a7ef0149c3cc6da957e048922702c64d10e271a16

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
via: 1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P3
age: 1191
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 16:39:15 GMT
server: cloudflare
etag: W/"a82f3b1ab424e02afa16dd1c6b21505e"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xYah1Rjqiz8nFK8YqXm5VS%2BfNN18V1uF8wW8KouV3%2F5UQV8A99zjvWdrtc6d28tUy2wUUl77bg6ij3VZJo4NqKGRorDqH%2FvzXCnD%2Ffk4tlxkUjyo4IbAMpq3quxo9d97AD97skymFr16mVkF3gHhJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89cfceca7f53656b-AMS
x-amz-cf-id: oJjGv1YBqzCkMDikOolukuIPjsCI5c7fJU_GdEFtYfInzQW7_mL_9Q==

GET
H3 200 timelineSegmentRight.png
secretofexodus.com/assets/images/lander/ 24 KB
24 KB 121ms
121ms Image
image/png 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/lander/timelineSegmentRight.png
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/assets/style/VSL/VSL.css?v=10004
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9cf00da3ed66835c3383eefe3ece96b304fe05d61d742104bbfafcde4ca282b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/assets/style/VSL/VSL.css?v=10004
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5877
alt-svc: h3=":443"; ma=86400
content-length: 24405
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
server: cloudflare
etag: "5f55-60169ecd5f3ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9z4V6D4ox1wFkUaapIh8f%2BEvutHrB2t90uQ8of2aO4lBipZe2iYZUaLpe9S7XRnRrm5EsgYF4%2B7EZ1c%2F%2FDhySBKfl%2FY1ua56hoNUYxKUUTR1Yrr8SuuttHwSwJP3XqJIUeBHxU67oGosKp%2FoiaQzJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca5b756679-AMS

GET
H3 200 timelineSegmentLeft.png
secretofexodus.com/assets/images/lander/ 24 KB
24 KB 122ms
121ms Image
image/png 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secretofexodus.com/assets/images/lander/timelineSegmentLeft.png
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/assets/style/VSL/VSL.css?v=10004
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7c2fbcdf7ea62bdeae2d3b3a1e7fe72278e4d3438ff9ec98713a08d6b0d4c5a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/assets/style/VSL/VSL.css?v=10004
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5877
alt-svc: h3=":443"; ma=86400
content-length: 24337
last-modified: Wed, 26 Jul 2023 20:45:16 GMT
server: cloudflare
etag: "5f11-60169ecd5f3ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtL4HIPoq7hc0HCc948HCsUNUMfYtlrMc8ZYRQ%2FGYfRg3ShohS%2BnjKSkVmjNbLJcu4bDNmv7XR%2BkcKBSyhmyrms6w7OQvraWTD5JQTzuHaNg1JPoJqH%2Bj8FUHxYRAdOPo9mveNvOgg3EDuc%2FEytR4yw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfceca5b776679-AMS

GET
BLOB 200
OK ea0d04fd-ec4a-4ff8-9b5e-885938c0ef7a
https://secretofexodus.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secretofexodus.com/ea0d04fd-ec4a-4ff8-9b5e-885938c0ef7a
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03ee34a40289cd59a27b110b7eecaf6af7dd295854dd3c9adbf0c087772dfbcc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6002
Content-Type: application/javascript

GET
BLOB 200
OK 0e0cffc1-6d82-4333-824d-c330d75f91ec
https://secretofexodus.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secretofexodus.com/0e0cffc1-6d82-4333-824d-c330d75f91ec
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e814fda4b3a0b92c9a44cbb8d9ce5f220aad949224f9eb4a7fc31c3d9d8e2c1d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK e7c9fad4-9239-40fb-b12f-9c9b812414a4
https://secretofexodus.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secretofexodus.com/e7c9fad4-9239-40fb-b12f-9c9b812414a4
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e814fda4b3a0b92c9a44cbb8d9ce5f220aad949224f9eb4a7fc31c3d9d8e2c1d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,600,900%7CMerriweather:400,600,900%7COpen+Sans:400,600,900

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ade3e68d56f2c05c912f94419a76de26b86828d400edb71189cc9bd39561d57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 Jul 2024 15:53:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jul 2024 15:53:17 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 5BA6 0
0 42ms
13ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secretofexodus.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=95287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secretofexodus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jul 2024 15:53:16 GMT
server: Kestrel
server-processing-duration-in-ticks: 405978
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 / Show response
api.amplitude.com/ 7 B
228 B 1089ms
759ms XHR
text/html 34.212.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.212.97.52 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-212-97-52.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 02 Jul 2024 15:53:18 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-6684226d-035837b721bc53df1fc76a7d
content-length: 7

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

POST
H3 200 import Show response
secretofexodus.com/ajax/click/ 77 B
777 B 554ms
554ms XHR
application/json 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/ajax/click/import
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2853d39cb8dd362c3339164ad85431c0f5fbd3f801a65b33776d960a521e3d84

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://secretofexodus.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 92
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bXApn8Rjf2Fsyw93Stl4ukNGpGwbCrxDA5d%2Btt0tOJI4F1ym0EiXM9icoW06tp3PCHfKMh%2B4AwMzRIlaHzBllLs0pQyccPACvE2zjUFomxcwZ%2B7I%2B%2FGp4Fz6zrAJW8CuVepCfzAvs%2FhGqhXhtsfd7pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: secretofexodus.com
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfcecacbcf6679-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1719935597236&aid=b-00k0&se=e30&duid=c194d0be5864--01j1t2cyhn3qx7km5mtwc9dgq4&tv=v2.14.3&pu=https%3A%2F%2Fsecretofexodus.com%2F&wpn=lc-bundle&cd=.secretofexodus.com&c=...
https://rp4.liadm.com/j?dtstmp=1719935597236&aid=b-00k0&se=e30&duid=c194d0be5864--01j1t2cyhn3qx7km5mtwc9dgq4&tv=v2.14.3&pu=https%3A%2F%2Fsecretofexodus.com%2F&wpn=lc-bundle&cd=.secretofexodus.com&c...

13 B
347 B

303ms
96ms

XHR
application/json

52.2.167.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1719935597236&aid=b-00k0&se=e30&duid=c194d0be5864--01j1t2cyhn3qx7km5mtwc9dgq4&tv=v2.14.3&pu=https%3A%2F%2Fsecretofexodus.com%2F&wpn=lc-bundle&cd=.secretofexodus.com&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDExOjgwYzM6NTA2ZTpjMGRj&n3pc=true
Requested by: Host: secretofexodus.com
URL: https://secretofexodus.com/
Protocol: H2
Server: 52.2.167.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-167-39.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secretofexodus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
x-pixel-event-id: 428482a4-3c34-4614-b803-f3e25241fe92
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?dtstmp=1719935597236&aid=b-00k0&se=e30&duid=c194d0be5864--01j1t2cyhn3qx7km5mtwc9dgq4&tv=v2.14.3&pu=https%3A%2F%2Fsecretofexodus.com%2F&wpn=lc-bundle&cd=.secretofexodus.com&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDExOjgwYzM6NTA2ZTpjMGRj&n3pc=true
access-control-allow-origin: https://secretofexodus.com
date: Tue, 02 Jul 2024 15:53:17 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,900%7CMerriweather:400,600,900%7COpen+Sans:400,600,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://secretofexodus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 17:31:01 GMT
x-content-type-options: nosniff
age: 426136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 17:31:01 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 43ms
22ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,900%7CMerriweather:400,600,900%7COpen+Sans:400,600,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://secretofexodus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:38:01 GMT
x-content-type-options: nosniff
age: 454516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19816
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 09:38:01 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 39ms
18ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,900%7CMerriweather:400,600,900%7COpen+Sans:400,600,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://secretofexodus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 03:04:18 GMT
x-content-type-options: nosniff
age: 478139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 03:04:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 42ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,900%7CMerriweather:400,600,900%7COpen+Sans:400,600,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://secretofexodus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:57:01 GMT
x-content-type-options: nosniff
age: 3376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 14:57:01 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 30ms
10ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,900%7CMerriweather:400,600,900%7COpen+Sans:400,600,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://secretofexodus.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:37:33 GMT
x-content-type-options: nosniff
age: 454544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 09:37:33 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=95287&v=5.26.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=SeoyL195SG4lMkJxNzd5YWpnVThJWnkzS1BHelZZQU5UcnV0...
https://widget.us.criteo.com/event?a=95287&v=5.26.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=SeoyL195SG4lMkJxNzd5YWpnVThJWnkzS1BHelZZQU5UcnV0...

10 KB
5 KB

313ms
114ms

Script
application/x-javascript

74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=95287&v=5.26.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=SeoyL195SG4lMkJxNzd5YWpnVThJWnkzS1BHelZZQU5UcnV0VWZQUkRrUjJvbSUyQnNZakZEWTM5Y3FKaDUxbTlscEhMYzhoc25ySDh0VG1IZElNa05UMXVJYUklMkYxOVpRQkJBbmlBVENrRUVJWURMRkVjOWExS2FMOHdnU0FhNjJYM3VpV0s2QWZzNnM0WkoyNXk3UGxLWDJENENucHFMNDdGeThXZmFtamdYdTVhU3R4QWMlM0Q&tld=secretofexodus.com&dy=1&fu=https%253A%252F%252Fsecretofexodus.com%252F&ceid=13ea630a-e012-4201-9e57-c6af506a342d

Requested by

Host: secretofexodus.com
URL: https://secretofexodus.com/

Protocol

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ac05adae3e039090e2b0fa509de900760d2f003c7e97f3c9ddc09fc4e7f53b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secretofexodus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 19276201
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=95287&v=5.26.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=SeoyL195SG4lMkJxNzd5YWpnVThJWnkzS1BHelZZQU5UcnV0VWZQUkRrUjJvbSUyQnNZakZEWTM5Y3FKaDUxbTlscEhMYzhoc25ySDh0VG1IZElNa05UMXVJYUklMkYxOVpRQkJBbmlBVENrRUVJWURMRkVjOWExS2FMOHdnU0FhNjJYM3VpV0s2QWZzNnM0WkoyNXk3UGxLWDJENENucHFMNDdGeThXZmFtamdYdTVhU3R4QWMlM0Q&tld=secretofexodus.com&dy=1&fu=https%253A%252F%252Fsecretofexodus.com%252F&ceid=13ea630a-e012-4201-9e57-c6af506a342d
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3372283
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 EE_20211031_MethuselehSecret_16x9hls10_v4.m3u8 Show response
file.redhotcdn.com/videos/EE_20211031_MethuselehsSecret_16x9/ 29 KB
4 KB 36ms
36ms XHR
application/x-mpegurl 2606:4700:3108::ac42:2add
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file.redhotcdn.com/videos/EE_20211031_MethuselehsSecret_16x9/EE_20211031_MethuselehSecret_16x9hls10_v4.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.20.2/video.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2add , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1944abadec8b8b118757b0c184282ba2b909aff9a3b5fdadb6f2bb7fdb234b55

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
via: 1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P3
age: 1190
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 16:38:46 GMT
server: cloudflare
etag: W/"f6768ed1c14fc2ed916411cbddbf4665"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HrB3ECsNyTq5uTwbw4QAcg70e50W5NwtOTu4GqefC77ffjjVH7RfrYiZomJsvW%2FbNs5Z0dxCG1EMGc8ZAchDb9GEEq45EDlK4CtTzLcqESXDU6V7FnnTA%2FsYRZJx%2FJ2HSloEJpwIpfFbVKw2hAESA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89cfcecb3812656b-AMS
x-amz-cf-id: NQDq6RhNv51AUqMh1Aswhw4ii1Lf_p-iTv41w7WavZkzQlIsn0bXeA==

GET
H3 200 EE_20211031_MethuselehSecret_16x9hls_audio_160k_v4.m3u8 Show response
file.redhotcdn.com/videos/EE_20211031_MethuselehsSecret_16x9/ 38 KB
4 KB 28ms
28ms XHR
application/x-mpegurl 2606:4700:3108::ac42:2add
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file.redhotcdn.com/videos/EE_20211031_MethuselehsSecret_16x9/EE_20211031_MethuselehSecret_16x9hls_audio_160k_v4.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.20.2/video.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2add , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad4eaecaf0f46fdb2f7992fa683f1e72016b0e4409ceca58b5c2943b47a838c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
via: 1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P3
age: 13250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 16:34:21 GMT
server: cloudflare
etag: W/"b8cf7ab422950f138f9230a3ce99aba9"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NqTP1lFWVQQTfQi%2FKB%2F3BsDzbYfDCWsrQkHd%2Fi8S24bgO9nVDZox%2FfrdDX%2Fzg8HMKjeOfPj2vnFlQ%2FOyCx4T380H53THFd5wNqdOdi1xcZkB09CtZDBTjvFGE6qCuBVYI58pyhPrF33YFNqJyj8d4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89cfcecb8853656b-AMS
x-amz-cf-id: 3p3FxMb14_Zb7UjNFyuNoCuZyNKBfRsMwdo5_A31oK_4LybSu7nPNg==

GET
H3 206 EE_20211031_MethuselehSecret_16x9hls10.ts Show response
file.redhotcdn.com/videos/EE_20211031_MethuselehsSecret_16x9/ 1 MB
1 MB 35ms
35ms XHR
video/mp2t 2606:4700:3108::ac42:2add
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file.redhotcdn.com/videos/EE_20211031_MethuselehsSecret_16x9/EE_20211031_MethuselehSecret_16x9hls10.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.20.2/video.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2add , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c374376be372304237ad2d85b079555ac8707a93480054167a407dc477a293

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-1501931
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
via: 1.1 a43889f6531338b6dd9d3a4339de949a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P3
age: 70540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-1501931/422127304
alt-svc: h3=":443"; ma=86400
Content-Length: 1501932
last-modified: Wed, 29 Nov 2023 16:38:46 GMT
server: cloudflare
etag: "473ed62476e3d0407aa54fc941dc4542-81"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: video/MP2T
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FFrSZekcvrsK3YUFO13TUe%2Brr4%2BmZrv%2By5fZCLFIb77u72%2FrDrozsehhqFfqOlmf9AFMVPnYfaVSXft%2Bm7BdKTg7hhNndg4ra%2BdzL4hIV4UxtcjGsdUHhl%2FxahfYPimifKS0kIeYDafacqW%2FZks2bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89cfcecb8857656b-AMS
x-amz-cf-id: 8ndsEI9hNBGqUWQvy63KCdP6nr-MUNBEWcgVrsrUxMF11qstI6fXxQ==

GET
H3 206 EE_20211031_MethuselehSecret_16x9hls_audio_160k.ts Show response
file.redhotcdn.com/videos/EE_20211031_MethuselehsSecret_16x9/ 224 KB
224 KB 102ms
102ms XHR
audio/mp2t 2606:4700:3108::ac42:2add
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file.redhotcdn.com/videos/EE_20211031_MethuselehsSecret_16x9/EE_20211031_MethuselehSecret_16x9hls_audio_160k.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.20.2/video.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2add , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b244a26859fdae402a347540217ac9b839528bfd823b8497f07e09f19f9fb714

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-228983
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
via: 1.1 ad02191892ceb388ca997ca92099a6f4.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P3
age: 75461
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-228983/77986536
alt-svc: h3=":443"; ma=86400
Content-Length: 228984
last-modified: Wed, 29 Nov 2023 16:34:21 GMT
server: cloudflare
etag: "d72046900a14f8058f1817e38d035dfc-15"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, HEAD
content-type: audio/MP2T
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFS4gQPsdZvtPGz8pk08%2FNgaYgGhIhL%2B07PefW514KZ4HjeVGEntj2fI%2Fj%2FiWYVGtUe6SUySr7KJlGgwh65JIwylP4mdQri3E6jyY5GjdTqmXICSaEc%2BOFejmP%2FogAyOEsfnsHePfWYQSAbi9Z1xQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89cfcecbb889656b-AMS
x-amz-cf-id: YgXn2K34MeeVOvyGYGohOZQOokBKXX7dSm3GlpAQJtfMeuGbbKznFw==

GET
H2 200 register-trigger
measurement-api.criteo.com/ 0
0 43ms
13ms Fetch 2a02:2638:3::19
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://measurement-api.criteo.com/register-trigger?partner_id=95287&uid=44f34a93-de20-4622-a1b7-c5b93f09d539&event_name=ItemPageView&islcc=0&amount_local=0&amount_euro=0&client_side_event_id=13ea630a-e012-4201-9e57-c6af506a342d

Requested by

Host: sslwidget.criteo.com
URL: https://sslwidget.criteo.com/event?a=95287&v=5.26.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=SeoyL195SG4lMkJxNzd5YWpnVThJWnkzS1BHelZZQU5UcnV0VWZQUkRrUjJvbSUyQnNZakZEWTM5Y3FKaDUxbTlscEhMYzhoc25ySDh0VG1IZElNa05UMXVJYUklMkYxOVpRQkJBbmlBVENrRUVJWURMRkVjOWExS2FMOHdnU0FhNjJYM3VpV0s2QWZzNnM0WkoyNXk3UGxLWDJENENucHFMNDdGeThXZmFtamdYdTVhU3R4QWMlM0Q&tld=secretofexodus.com&dy=1&fu=https%253A%252F%252Fsecretofexodus.com%252F&ceid=13ea630a-e012-4201-9e57-c6af506a342d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"10609453569049411990","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://secretofexodus.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CFDC 170 B
409 B 47ms
18ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Bry4PkBoHGR5DoEQukYBnUsXuGe-G90XxIvY1w&google_cm&google_hm=ay1Ccnk0UGtCb0hHUjVEb0VRdWtZQm5Vc1h1R2UtRzkwWHhJdlkxdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame CFDC 43 B
235 B 63ms
17ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-KXNp_UBoHGR5DoEQukYBnUsXuGdzJphUzNT1kA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 15:53:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame CFDC
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5224361421986588339

43 B
370 B

15ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5224361421986588339

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1439700
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
an-x-request-uuid: 88a79cf3-57cb-4869-b73d-141e17be567c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5224361421986588339
x-proxy-origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame CFDC 43 B
163 B 74ms
19ms Image
image/gif 5.196.111.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-lOBxXEBoHGR5DoEQukYBnUsXuGcipAVzbgUWoA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.73 , France, ASN16276 (OVH, FR),
Reverse DNS: ip73.ip-5-196-111.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame CFDC 0
99 B 54ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-dHl0dUBoHGR5DoEQukYBnUsXuGf5GE03zYN_NQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12145

GET
H2 204 k-FouR40BoHGR5DoEQukYBnUsXuGdzJq-KSX9vuA
sync.1rx.io/usersync/criteodsp/ Frame CFDC 0
99 B 50ms
14ms Image
text/plain 46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/criteodsp/k-FouR40BoHGR5DoEQukYBnUsXuGdzJq-KSX9vuA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame CFDC 49 B
342 B 63ms
18ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-LAnI6EBoHGR5DoEQukYBnUsXuGfTg3YAeRbsRg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame CFDC
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--nzJ3EBoHGR5DoEQukYBnUsXuGeL6mG4o2a70w
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--nzJ3EBoHGR5DoEQukYBnUsXuGeL6mG4o2a70w&C=1

43 B
330 B

28ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--nzJ3EBoHGR5DoEQukYBnUsXuGeL6mG4o2a70w&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjR0e%2FVZ8Y%2BUgOOTV1%2F1lWOaaDwY%2F%2F6WxkPWAJvf5SirninKO6%2FF%2Fp0p11NzUeBNbDjcOqiiK8z4vRaQdYZ7BI0sWkkdTZUToCEbkqmCjLuhrcsObeXKHv6E5SEt508y0ZpJ"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 89cfcecdec8e8ed5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B1ja8s7wEWeguUfjFFZJzEn6fvJ0YWKtvYq5jftrq4qZcV%2FX%2Bx%2Bu59Fby4gJJ%2FKXl3COJ5XgfhbIqyfsyjRfv7w5Zme%2B3lC75Kh02cgcDudO0z6y3lIE9wsoPv4J42iC7VnS"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k--nzJ3EBoHGR5DoEQukYBnUsXuGeL6mG4o2a70w&C=1
cache-control: no-cache
cf-ray: 89cfcecdbc4f8ed5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame CFDC
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=pVQVpPp203bZpjJdWaSHjIjHp6GhI9Ez
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=pVQVpPp203bZpjJdWaSHjIjHp6GhI9Ez

42 B
717 B

36ms
35ms

Image
image/gif

63.32.81.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=pVQVpPp203bZpjJdWaSHjIjHp6GhI9Ez

Protocol

Server

63.32.81.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-81-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v061-03a9ac117.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 6oylEFDVScA=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v061-0ab16dd2b.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: ZhP460pzQ4E=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=pVQVpPp203bZpjJdWaSHjIjHp6GhI9Ez
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame CFDC 43 B
1 KB 28ms
7ms Image
image/gif 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-4wYTcEBoHGR5DoEQukYBnUsXuGfzbm8jl9ChZQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 02 Jul 2024 15:53:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame CFDC 43 B
199 B 117ms
33ms Image
image/gif 34.249.144.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-D6Y3hkBoHGR5DoEQukYBnUsXuGcCGZ1Te08xyA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.144.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-144-138.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 02 Jul 2024 15:53:17 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame CFDC 42 B
265 B 37ms
15ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-wmnNOEBoHGR5DoEQukYBnUsXuGch68D6pdVSyw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 cksync.php
contextual.media.net/ Frame CFDC 60 B
817 B 117ms
70ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-RD6MHUBoHGR5DoEQukYBnUsXuGcq9yhKOJxWbg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 02 Jul 2024 15:53:17 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 60
x-mnet-hl2: E
expires: Tue, 02 Jul 2024 15:53:17 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame CFDC 0
884 B 33ms
10ms Image
text/html 18.192.166.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pVWfGEBoHGR5DoEQukYBnUsXuGdvBdzsi7h7eA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.166.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-166-234.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame CFDC 43 B
423 B 525ms
166ms Image
image/gif 35.86.11.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-j_BZz0BoHGR5DoEQukYBnUsXuGe_LvNIBI_ZrA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.86.11.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-86-11-69.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:18 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame CFDC 0
218 B 273ms
90ms Image
text/plain 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-V9kNNEBoHGR5DoEQukYBnUsXuGeO1tk4jDrThg&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 46040d763bdcef336963cd2dfc70afc8
content-length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame CFDC 0
225 B 81ms
17ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-macUqEBoHGR5DoEQukYBnUsXuGcAyXLTPUAMfw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=utf-8
date: Tue, 02 Jul 2024 15:53:17 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame CFDC 0
239 B 56ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-IUuhNkBoHGR5DoEQukYBnUsXuGdPaqpeTlN4Ag&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 579d6dd278f76ae39d067788043e4297
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame CFDC 0
35 B 39ms
8ms Image
text/plain 3.77.84.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-M_gyykBoHGR5DoEQukYBnUsXuGdcNO7m-baCgQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.77.84.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-77-84-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT

GET
H2 200 um
criteo-sync.teads.tv/ Frame CFDC 23 B
163 B 65ms
30ms Image
image/gif 23.52.181.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-KUSdUEBoHGR5DoEQukYBnUsXuGcpm4oeNgjOpA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.181.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-181-90.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 02 Jul 2024 15:53:17 GMT
pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.1
content-length: 23
content-type: image/gif

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame CFDC 43 B
400 B 436ms
229ms Image
image/gif 2600:1f18:612b:4216:62d6:8e85:a32:725d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-lK3aeUBoHGR5DoEQukYBnUsXuGfDaXFgE-RU8Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:62d6:8e85:a32:725d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 02 Jul 2024 15:53:18 GMT
server: nginx
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame CFDC 37 B
140 B 30ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-39iSvkBoHGR5DoEQukYBnUsXuGejbM0bwCBTSg&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame CFDC 43 B
153 B 64ms
23ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-4Kk34EBoHGR5DoEQukYBnUsXuGfVDtcrqAMIYw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 02 Jul 2024 15:53:17 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame CFDC 0
235 B 46ms
23ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-lowJl0BoHGR5DoEQukYBnUsXuGeQY1JemyBLgg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 02 Jul 2024 15:53:17 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 01 Jul 2024 15:53:17 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame CFDC 0
38 B 141ms
36ms Image
text/plain 54.154.223.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-JnlOKkBoHGR5DoEQukYBnUsXuGeqXcPY74gRMQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.223.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-223-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame CFDC 0
44 B 31ms
6ms Image
text/plain 3.127.168.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-E22RskBoHGR5DoEQukYBnUsXuGcP7sNjETPhxA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.168.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-168-76.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
server: awselb/2.0

GET
H2

200

pixel
cm.adform.net/ Frame CFDC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-O7uwr0BoHGR5DoEQukYBnUsXuGc82zF7w-ENAg
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-O7uwr0BoHGR5DoEQukYBnUsXuGc82zF7w-ENAg
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-O7uwr0BoHGR5DoEQukYBnUsXuGc82zF7w-ENAg&adform_v=1

43 B
162 B

78ms
20ms

Image
image/gif

37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-O7uwr0BoHGR5DoEQukYBnUsXuGc82zF7w-ENAg&adform_v=1
Protocol: H2
Server: 37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 15:53:18 GMT
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
server: nginx
accept-ranges: bytes
etag: "62e27c81-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-O7uwr0BoHGR5DoEQukYBnUsXuGc82zF7w-ENAg&adform_v=1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 200 favicon-32x32.png
secretofexodus.com/ 3 KB
3 KB 133ms
133ms Other
image/png 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f62851622a4c3e3a741578df63874c597104662bfb82702745666e2e308606

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:53:17 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 20:45:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a34-60169ecdaa70b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxZVqc0W0J%2F3WhPzalSZvTV7w2Ci326OxJ13hiKPStiu%2BHzrkFZJyuUbvzAFpHNhls0ptfbTDWrBncWFbYyrWL7CCFlbEZsDOL3FhhXsLnoN%2FvooUkXOyx9nq2xn738srBkcnwfWc7xGiWl6nw1MECM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfcecd9edd6679-AMS
content-length: 2612
alt-svc: h3=":443"; ma=86400

GET
H2 200 setuid
ib.adnxs.com/ Frame CFDC 43 B
1 KB 19ms
19ms Image
image/gif 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-MPHXP0BoHGR5DoEQukYBnUsXuGeKJkdn75B5rw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 15:53:17 GMT
an-x-request-uuid: 289629a5-fbd3-489b-8ec7-e6e166dea5f8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 getConfig Show response
cp.pushwoosh.com/json/1.3/ 945 B
1 KB 275ms
207ms Fetch
application/json 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/getConfig
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx / pushwoosh/device-api
Resource Hash: 11ad310ed17ce4feb3b1a121a2e3d4317dce57ca2875d2f12a8b865f8d57caac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 02 Jul 2024 15:53:18 GMT
x-pod-name: pushwoosh-device-api-68494964bb-64md7
content-encoding: gzip
x-pod-ip: 10.222.111.147
x-powered-by: pushwoosh/device-api
x-host-ip: 172.16.3.223
x-pod-namespace: pushwoosh
nginx-terminator-hash: a410335f60f8f772bb5422287feb83c5
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-host-name: r3-cl-33.r3h.nue
nginx-frontend-hash: 21ee150abf6617b726f10875d767617e
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

POST
H2 200 applicationOpen Show response
cp.pushwoosh.com/json/1.3/ 75 B
520 B 97ms
97ms Fetch
application/json 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/applicationOpen
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 4add3fe371639b40f8491b105b99a35050365ebbc41dac264d11c5ca29434b96

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 02 Jul 2024 15:53:18 GMT
content-encoding: gzip
nginx-terminator-hash: a410335f60f8f772bb5422287feb83c5
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
nginx-frontend-hash: f4e1047223a1c22e544e27c104d82c13
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

POST
H2 200 / Show response
api.amplitude.com/ 7 B
227 B 191ms
191ms XHR
text/html 34.212.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.212.97.52 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-212-97-52.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 02 Jul 2024 15:53:18 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-6684226e-4c9a15d32b4db51443116f61
content-length: 7

GET
H3 200 manifest.json Show response
secretofexodus.com/ 228 B
668 B 438ms
438ms Fetch
application/json 2606:4700:3035::6815:609a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secretofexodus.com/manifest.json
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:609a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5299bb2e133843c854d6a966630afb13c6edecf4d3738a6c4760cf6f9f1cf2f2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 02 Jul 2024 15:53:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 176
last-modified: Tue, 25 Jul 2023 16:51:23 GMT
server: cloudflare
etag: "e4-601528a8b24a9-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUhcIrpy7z27gwKVEKhtONbXC1K0YYhtRQ%2BcKIntwk3IDKrDfeJ07DaZr2EO08avrpwUsZ9FwegNmB2VlN9NfL%2BWRQtmLgDV8B41pcGYpza4njMKxsrAn6CiAfMxOEKTGl6VOZoXOaI83kvHvcoEJv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 89cfced1cab46679-AMS

POST
H2 200 checkDevice Show response
cp.pushwoosh.com/json/1.3/ 93 B
531 B 66ms
66ms Fetch
application/json 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/checkDevice
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 4727e7777c16c9c3bd95f651576f99ff34994ebc5e254ec25cb5923e6860dc24

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 02 Jul 2024 15:53:19 GMT
content-encoding: gzip
nginx-terminator-hash: a410335f60f8f772bb5422287feb83c5
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
nginx-frontend-hash: a0ed8d1c9f716e68b7cf91b4329d5c17
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

POST
H2 200 getInboxMessages Show response
cp.pushwoosh.com/json/1.3/ 92 B
628 B 59ms
59ms Fetch
application/json 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/getInboxMessages
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx / phpDaemon/1.0-beta3
Resource Hash: 66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 02 Jul 2024 15:53:19 GMT
x-pw-front-node: inbox-api-7f4749d7cb-gljv4
content-encoding: gzip
nginx-terminator-hash: a410335f60f8f772bb5422287feb83c5
server: nginx
x-powered-by: phpDaemon/1.0-beta3
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
x-pw-cluster-node: inbox-api-7f4749d7cb-gljv4
access-control-allow-credentials: true
nginx-frontend-hash: 93c3e451ac2c4f0079dda4bdc37f4fb3
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H2 200 chrome.jpg
cdn.pushwoosh.com/webpush/img/ 37 KB
38 KB 26ms
26ms Image
image/jpeg 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pushwoosh.com/webpush/img/chrome.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 1d9d7ae5da2739bb3c90c97c41799f0555a7711122deebad64ff48789b30671e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 15:53:19 GMT
x-cache-status: HIT
content-length: 38391
last-modified: Wed, 09 Jun 2021 13:23:33 GMT
server: nginx
etag: "a4a1bfc744068b330bbb9fd7ad8f4d6e"
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=3600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
expires: Tue, 02 Jul 2024 16:53:19 GMT

GET
H2 200 chrome_unlock.jpg
cdn.pushwoosh.com/webpush/img/ 45 KB
45 KB 52ms
51ms Image
image/jpeg 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pushwoosh.com/webpush/img/chrome_unlock.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx /
Resource Hash: c9c4b6ee5cd74a8dae3caa85f95678aa592c060d18c6f21e37c0d0e1446dc4af

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secretofexodus.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Tue, 02 Jul 2024 15:53:19 GMT
x-cache-status: HIT
content-length: 45797
last-modified: Wed, 09 Jun 2021 13:23:33 GMT
server: nginx
etag: "9c37d8ab595f88bac2d323e77ff5e5dc"
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=3600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
expires: Tue, 02 Jul 2024 16:53:19 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secretofexodus.com/ajax/click	1970-01-20 21:59:59	Name: Affiliate Value: %7B%22type%22%3A%22unknown%22%2C%22AFID%22%3A0%2C%22subIDs%22%3A%5B%5D%2C%22UTMs%22%3A%5B%5D%7D
.liadm.com/j	1970-01-21 07:21:35	Name: lidid Value: 8c733acc-7591-4994-ae9c-49c2ef4a01d8
.secretofexodus.com/	1970-01-20 21:59:59	Name: PHPSESSID Value: 9euub68jp4st732ink27q93vtb
secretofexodus.com/	1970-01-20 21:59:59	Name: Affiliate Value: %7B%22type%22%3A%22unknown%22%2C%22AFID%22%3A0%2C%22subIDs%22%3A%5B%5D%2C%22UTMs%22%3A%5B%5D%7D
.secretofexodus.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .secretofexodus.com
.secretofexodus.com/	1970-01-21 07:21:35	Name: _lc2_fpi Value: c194d0be5864--01j1t2cyhn3qx7km5mtwc9dgq4
.secretofexodus.com/	1970-01-21 07:21:35	Name: _lc2_fpi_meta Value: {%22w%22:1719935597109}
.secretofexodus.com/	1970-01-21 07:21:35	Name: amp_0a2f9a Value: w0OGkSkLWZcHsEP1cqe3Tj...1i1q2cul3.1i1q2cul7.1.1.2
.criteo.com/	1970-01-21 07:07:11	Name: uid Value: 44f34a93-de20-4622-a1b7-c5b93f09d539
.criteo.com/	1970-01-21 07:07:11	Name: receive-cookie-deprecation Value: 1
.secretofexodus.com/	1970-01-21 07:14:59	Name: cto_bundle Value: SeoyL195SG4lMkJxNzd5YWpnVThJWnkzS1BHelZZQU5UcnV0VWZQUkRrUjJvbSUyQnNZakZEWTM5Y3FKaDUxbTlscEhMYzhoc25ySDh0VG1IZElNa05UMXVJYUklMkYxOVpRQkJBbmlBVENrRUVJWURMRkVjOWExS2FMOHdnU0FhNjJYM3VpV0s2QWZzNnM0WkoyNXk3UGxLWDJENENucHFMNDdGeThXZmFtamdYdTVhU3R4QWMlM0Q
.liadm.com/	1970-01-21 07:21:35	Name: lidid Value: 8c733acc-7591-4994-ae9c-49c2ef4a01d8
.adnxs.com/	1970-01-20 23:55:11	Name: XANDR_PANID Value: ORAkDpgwuM4a0eGXB3mWB28yIHM7HCbuny8zyvDxvIRYmU3WficSE4353uoSdQu009Y82taKlpMFdPD3F5QP0mB0iZGZsGmpQwg8aVa6jDs.
.adnxs.com/	1970-01-21 07:21:35	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:55:11	Name: uuid2 Value: 5224361421986588339
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.criteo.com/	1970-01-21 07:07:11	Name: cto_bundle Value: fanPS19jNXF4dkt5NHJFJTJGN2dKJTJGSnN0cnlIdmdpcWxXQ000TWlad3cxRG9LSlFxZEsyTVozS2VpYmlpOXM1R2lwckFuaA
.casalemedia.com/	1970-01-21 06:31:11	Name: CMID Value: ZoQibbmqPdoAAATPA4KDtQAA
.casalemedia.com/	1970-01-20 23:55:11	Name: CMPS Value: 5277
.casalemedia.com/	1970-01-20 23:55:11	Name: CMPRO Value: 5277
.adnxs.com/	1970-01-20 23:55:11	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E?$J8`ON!@wnfH1YdP.dEXlSkiuln#9U2n3@bm-gAU!rn$?x-Y2j+AwcI+X)Kc1W[`[)qAA)y3*EWYOMv!U%nugO%v4VB%npEs+QW7q
.omnitagjs.com/	1970-01-20 22:28:47	Name: ayl_visitor Value: 072b0bef0d74af5110db2d0992068d47
exchange.mediavine.com/	1970-01-20 22:05:45	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2232eb0f50-388b-11ef-bce4-51cc70c7db29%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 22:05:45	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2232eb0f50-388b-11ef-bce4-51cc70c7db29%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 22:05:45	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2232eb0f50-388b-11ef-bce4-51cc70c7db29%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 22:05:45	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2232eb0f50-388b-11ef-bce4-51cc70c7db29%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 22:05:45	Name: criteo Value: %7B%22id%22%3A%22k-pVWfGEBoHGR5DoEQukYBnUsXuGdvBdzsi7h7eA%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/	1970-01-21 02:04:47	Name: demdex Value: 59417295238323420052835624546764338118
.media.net/	1970-01-21 06:31:11	Name: visitor-id Value: 3629371970733422000V10
.media.net/	1970-01-20 22:28:47	Name: data-c-ts Value: 1719935597
.media.net/	1970-01-20 22:28:47	Name: data-c Value: k-RD6MHUBoHGR5DoEQukYBnUsXuGcq9yhKOJxWbg~~3
.dpm.demdex.net/	1970-01-21 02:04:47	Name: dpm Value: 59417295238323420052835624546764338118
.adform.net/	1970-01-20 22:30:13	Name: C Value: 1
.adform.net/	1970-01-20 23:11:59	Name: uid Value: 1409260317188486333
.tremorhub.com/	1970-01-21 06:31:32	Name: tvid Value: a0cdf0df438344fca4449ecb01f880c0
.tremorhub.com/	1970-01-20 22:28:47	Name: tv_UICR Value: k-lK3aeUBoHGR5DoEQukYBnUsXuGfDaXFgE-RU8Q
.postrelease.com/	1970-01-21 06:31:11	Name: opt_out Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://sslwidget.criteo.com/event?a=95287&v=5.26.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=SeoyL195SG4lMkJxNzd5YWpnVThJWnkzS1BHelZZQU5UcnV0VWZQUkRrUjJvbSUyQnNZakZEWTM5Y3FKaDUxbTlscEhMYzhoc25ySDh0VG1IZElNa05UMXVJYUklMkYxOVpRQkJBbmlBVENrRUVJWURMRkVjOWExS2FMOHdnU0FhNjJYM3VpV0s2QWZzNnM0WkoyNXk3UGxLWDJENENucHFMNDdGeThXZmFtamdYdTVhU3R4QWMlM0Q&tld=secretofexodus.com&dy=1&fu=https%253A%252F%252Fsecretofexodus.com%252F&ceid=13ea630a-e012-4201-9e57-c6af506a342d Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
ajax.googleapis.com
api.amplitude.com
b-code.liadm.com
c1.adform.net
cdn.amplitude.com
cdn.pushwoosh.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
cp.pushwoosh.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
file.redhotcdn.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
measurement-api.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
secretofexodus.com
simage2.pubmatic.com
sslwidget.criteo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
visitor.omnitagjs.com
vjs.zencdn.net
widget.us.criteo.com
x.bidswitch.net
104.18.36.155
13.248.245.213
141.226.228.48
142.250.186.66
162.19.138.82
178.250.1.9
18.192.166.234
184.30.20.22
185.255.84.152
185.64.191.210
23.35.237.75
23.52.181.90
2600:1f18:612b:4216:62d6:8e85:a32:725d
2600:1f18:730:b130:79e9:126b:57f7:7b4e
2600:9000:237d:de00:8:8845:1500:93a1
2606:4700:3035::6815:609a
2606:4700:3108::ac42:2add
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200a
2a02:2638:3::19
2a02:2638:3::c
2a02:2638:3::e
2a04:4e42::729
3.127.168.76
3.77.84.105
34.117.157.22
34.212.97.52
34.249.144.138
35.214.149.91
35.86.11.69
37.157.2.228
37.157.6.243
37.252.173.215
46.228.174.117
5.196.111.73
52.2.167.39
54.154.223.27
54.230.228.90
63.32.81.13
69.173.144.138
70.42.32.31
74.119.117.16
85.215.5.31
95.217.122.4
03ee34a40289cd59a27b110b7eecaf6af7dd295854dd3c9adbf0c087772dfbcc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c18bcaa99b97a6850450f677b1606bbdcbcd04df34f5a64862f2fbfc35eebe0
10c61058d7b2a016cd6de6887a2fd4c4baf43babd098120c573cf5f386b5d37a
11304753a6e8a7ebf0895d573068099ea673f96f839519f184fc1e2a8f191039
11ad310ed17ce4feb3b1a121a2e3d4317dce57ca2875d2f12a8b865f8d57caac
14ca7f5dab60d993d6e496de40a3584f23ffa09ae0f78dc75c7c1f233bd703dd
1944abadec8b8b118757b0c184282ba2b909aff9a3b5fdadb6f2bb7fdb234b55
1d9d7ae5da2739bb3c90c97c41799f0555a7711122deebad64ff48789b30671e
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2853d39cb8dd362c3339164ad85431c0f5fbd3f801a65b33776d960a521e3d84
2ab0932269d9897fd43c2bcda82dc75121d96bea933bd64726bc772e054ca7ab
309dcd1052d723b91589e2cbdec7df195c9a42f0191851be6b248de6cd98afcc
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
43f62851622a4c3e3a741578df63874c597104662bfb82702745666e2e308606
4534203d73df094bf991ad0f42631889f0a020e90a00b311e76406822f5512ff
4727e7777c16c9c3bd95f651576f99ff34994ebc5e254ec25cb5923e6860dc24
4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9
4add3fe371639b40f8491b105b99a35050365ebbc41dac264d11c5ca29434b96
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cba61df8b4d8704f2951523dff696e4a5cb4ca3baa80d94e4682a22e5472936
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5299bb2e133843c854d6a966630afb13c6edecf4d3738a6c4760cf6f9f1cf2f2
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a979130309c3f0d4398298f648e90a8ded2df500fdf3c758e9051ecf6229cb
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
574be775e6c5a0ceee6f9a3b93c92fc987fb0f9bdb12f932fa2f25d05ee93c58
58c374376be372304237ad2d85b079555ac8707a93480054167a407dc477a293
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423
73035e8c2ba7bc19f518e6b1bc729d538a7a9b7ed2f8ca0b31eb21ef61911631
752c098d0a766e2193940025724e86f8d1226a6a6bb3ef7fb1db1e9f15e0397f
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e3d4522f741676fe84f83ce6c8a280d55b5979f1c342cabd08c410b5edd035b
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
894414923299d190ceae912201e37304313c196d0609527ee1bbe71ac82a64f5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cbd4203d993f20cca27f4328f6792eae40f2655cbf67f52f969cba7d736ff89
96d7ee4671cdf97c16cbca573863435295a9e98047ca894ed26e6102bb595139
9898853d870512fc480af73452d00d17a5d0c62d3329560d80542f1397b82330
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a600e503fc0dcb171bd2ce6b639bbb5cf35b91ccc3c045324a7a4e2603683a0f
abd87251504843aba43e41c58605e54abc8489c79caad3c1e9eaa02d155cd90e
ac05adae3e039090e2b0fa509de900760d2f003c7e97f3c9ddc09fc4e7f53b68
ad4eaecaf0f46fdb2f7992fa683f1e72016b0e4409ceca58b5c2943b47a838c7
ade3e68d56f2c05c912f94419a76de26b86828d400edb71189cc9bd39561d57d
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b244a26859fdae402a347540217ac9b839528bfd823b8497f07e09f19f9fb714
baac471c1c739eb5df38c043ab97d3ecf23aab472f70511af0d433da2253456b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc13493bc8bca6e3491b1186edf38f300ac54e774cde5ae947e43ea8246e9ad4
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bfd1dfa6765654e85cec85dc6cdb53ad64cc3a3a64d0e010b35838f2c762a6f3
c7c2fbcdf7ea62bdeae2d3b3a1e7fe72278e4d3438ff9ec98713a08d6b0d4c5a
c9c4b6ee5cd74a8dae3caa85f95678aa592c060d18c6f21e37c0d0e1446dc4af
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d852a478da86a57ea6001d3c6189a400023c810dcb89fc57e64c8283dff7ee9f
e38372d8696f210809f6821f0b00c84e57beff6b12b40bdba9954c257bb3b0a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e814fda4b3a0b92c9a44cbb8d9ce5f220aad949224f9eb4a7fc31c3d9d8e2c1d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6593f5753f1cb95a8eb445cc05f5d22990a8ec4b5e6e28d47872a5755a1bf1
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f429259e0fca92055bff84279d90c6471eec32f2444eca6598639eccdd301863
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f7b2d563342014e2fdc7348cc4e00f1a543d37bbdbc1e5c46c7c5b6f1352a688
f9cf00da3ed66835c3383eefe3ece96b304fe05d61d742104bbfafcde4ca282b
fa960e4ab54ad62b7a19b67a7ef0149c3cc6da957e048922702c64d10e271a16

secretofexodus.com Open in urlscan Pro 2606:4700:3035::6815:609a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

90 %HTTPS

27 %IPv6

36 Domains

47 Subdomains

44 IPs

9 Countries

3639 kBTransfer

4921 kBSize

37 Cookies

1 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secretofexodus.com Open in urlscan Pro
2606:4700:3035::6815:609a Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

90 %
HTTPS

27 %
IPv6

36
Domains

47
Subdomains

44
IPs

9
Countries

3639 kB
Transfer

4921 kB
Size

37
Cookies

91 HTTP transactions
5 data transactions