links.waketheforkup.com/a/2118/click/6888/257007/78856efcad60b52b1d889720c57104f3822153d3/a23fafc082de60cf8a0d37f5ee2a2ca3f1060364
35.238.129.105308 Permanent Redirect 0 B URL HTTP/1.1 links.waketheforkup.com/a/2118/click/6888/257007/78856efcad60b52b1d889720c57104f3822153d3/a23fafc082de60cf8a0d37f5ee2a2ca3f1060364
IP 35.238.129.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /a/2118/click/6888/257007/78856efcad60b52b1d889720c57104f3822153d3/a23fafc082de60cf8a0d37f5ee2a2ca3f1060364 HTTP/1.1
Host: links.waketheforkup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
content-length: 0
location: https://links.waketheforkup.com/a/2118/click/6888/257007/78856efcad60b52b1d889720c57104f3822153d3/a23fafc082de60cf8a0d37f5ee2a2ca3f1060364
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11374
Expires: Thu, 09 Feb 2023 01:40:44 GMT
Date: Wed, 08 Feb 2023 22:31:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10269
Expires: Thu, 09 Feb 2023 01:22:19 GMT
Date: Wed, 08 Feb 2023 22:31:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 21:34:13 GMT
content-type: application/json
age: 3417
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5189
Expires: Wed, 08 Feb 2023 23:57:39 GMT
Date: Wed, 08 Feb 2023 22:31:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yHirCzDNevTsxCw9MuBSCqG0p9uqtF0TwywwakYqsOpkpXgTZqa8ktmkmgDFuEq4mNLfXZBV5rY=
x-amz-request-id: 2KDPBNEGR57EJ1TJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 21:46:07 GMT
age: 2703
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:31:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6241ee9e8455333576d750e2df0ff79b
a7517b9bc3d8945c1c785b1489cd4b3580b31487
6a6af9ca2c1b61a3104d92b997251c2fc8d88f46127f9041dc430263b741bfd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A6AF9CA2C1B61A3104D92B997251C2FC8D88F46127F9041DC430263B741BFD8"
Last-Modified: Tue, 07 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Thu, 09 Feb 2023 04:30:11 GMT
Date: Wed, 08 Feb 2023 22:31:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 21:51:20 GMT
age: 2390
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
links.waketheforkup.com/a/2118/click/6888/257007/78856efcad60b52b1d889720c57104f3822153d3/a23fafc082de60cf8a0d37f5ee2a2ca3f1060364
35.238.129.105302 Found 332 B URL HTTP/1.1 links.waketheforkup.com/a/2118/click/6888/257007/78856efcad60b52b1d889720c57104f3822153d3/a23fafc082de60cf8a0d37f5ee2a2ca3f1060364
IP 35.238.129.105:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (332), with no line terminators
Hash 522692a0609a84dda990c9d6c64cfcb0
019654e8024e5d58249fe4244bb2dd8472f35170
7e12b9821b551448e3cb5c7d7e73d77b74c9bf1c51c7e9e62627bbf86661b707
Analyzer Verdict Alert fortinet Phishing
GET /a/2118/click/6888/257007/78856efcad60b52b1d889720c57104f3822153d3/a23fafc082de60cf8a0d37f5ee2a2ca3f1060364 HTTP/1.1
Host: links.waketheforkup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
transfer-encoding: chunked
status: 302 Found
cache-control: no-cache
vary: Origin
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2265cb64-1f33-437a-b691-22e45805123f
location: https://trk.anarchywarrior.com/d461d618-bcdd-4ee2-9920-2ae26f49f7ea?offer=MW15 02-08-23PM1 Exodus Effect - stiff knees&sub2=romelle@windermere.com&from=Garret-support@waketheforkup.com&subject=1-2 drops soothe stiff knees&sub1=mw15cust020823clickers
x-download-options: noopen
x-runtime: 0.033221
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 22:31:11 GMT
set-cookie: _session_id=7a7bc8dc51201b1fb8c3f63be57d864e; path=/; expires=Thu, 09 Feb 2023 10:31:11 GMT; HttpOnly
x-powered-by: Phusion Passenger 5.3.7
server: nginx/1.14.0 + Phusion Passenger 5.3.5
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4f6002d37d3b1be3d33004b04d5d9d26
e3c2487a581ff31bada4fab697e48b15e910ac41
75a7afe5f140eea998a805aa7871d825fa0951c970f4e6230b238264d421c29e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "75A7AFE5F140EEA998A805AA7871D825FA0951C970F4E6230B238264D421C29E"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18768
Expires: Thu, 09 Feb 2023 03:43:59 GMT
Date: Wed, 08 Feb 2023 22:31:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10672
Expires: Thu, 09 Feb 2023 01:29:03 GMT
Date: Wed, 08 Feb 2023 22:31:11 GMT
Connection: keep-alive
trk.anarchywarrior.com/d461d618-bcdd-4ee2-9920-2ae26f49f7ea?offer=MW15%2002-08-23PM1%20%20Exodus%20Effect%20-%20stiff%20knees&sub2=romelle@windermere.com&from=Garret-support@waketheforkup.com&subject=1-2%20drops%20soothe%20stiff%20knees&sub1=mw15cust020823clickers
104.21.43.3302 Found 0 B URL HTTP/2 trk.anarchywarrior.com/d461d618-bcdd-4ee2-9920-2ae26f49f7ea?offer=MW15%2002-08-23PM1%20%20Exodus%20Effect%20-%20stiff%20knees&sub2=romelle@windermere.com&from=Garret-support@waketheforkup.com&subject=1-2%20drops%20soothe%20stiff%20knees&sub1=mw15cust020823clickers
IP 104.21.43.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d461d618-bcdd-4ee2-9920-2ae26f49f7ea?offer=MW15%2002-08-23PM1%20%20Exodus%20Effect%20-%20stiff%20knees&sub2=romelle@windermere.com&from=Garret-support@waketheforkup.com&subject=1-2%20drops%20soothe%20stiff%20knees&sub1=mw15cust020823clickers HTTP/1.1
Host: trk.anarchywarrior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 08 Feb 2023 22:31:11 GMT
content-length: 0
location: https://www.wm74trk.com/28KL6/DNPGN9/?sub1=mw15cust020823clickers&sub5=wuqmr9dgq34d26gm2nhfup0o&sub3=91.90.42.154
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: d461d618-bcdd-4ee2-9920-2ae26f49f7ea-v4=TadH-4rFfFhGxziJ6Nm39BvamuhCVy4dnEQVpjSLyfY; Max-Age=86400; Expires=Thu, 09-Feb-2023 22:31:11 GMT; Domain=trk.anarchywarrior.com; Path=/; HttpOnly
cc-v4=aP7p%2B%2FmveLm34EXXaHxxfXcS8kTypg5TX7MvUmZ0bGLzuAyzlcaKmEgoQsj6Teo5QXLn%2BsBhP5kBiw9YMw49QLiL0%2BGKGlL75AA2fX6D1lPVtZDohCr2tQH1NvM9TiSwgvGGgey0D%2BSHh%2FbIFFiIww%3D%3D; Max-Age=31536000; Expires=Thu, 08-Feb-2024 22:31:11 GMT; Domain=trk.anarchywarrior.com; Path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbUNMv4tLwixs6tTPoh%2BoviIcWMxb5iA6FT8fSLsEawjVJsEN3YG0IaqGfMtWMMyLyFmsnI48CewdznWGv1zNC8YonP7xc9cbs05Kt3tssWJpZ%2BTQPxC2gsnvSr9kyPUHSoVStt4xL8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967d066cb200b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4f6002d37d3b1be3d33004b04d5d9d26
e3c2487a581ff31bada4fab697e48b15e910ac41
75a7afe5f140eea998a805aa7871d825fa0951c970f4e6230b238264d421c29e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "75A7AFE5F140EEA998A805AA7871D825FA0951C970F4E6230B238264D421C29E"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18768
Expires: Thu, 09 Feb 2023 03:43:59 GMT
Date: Wed, 08 Feb 2023 22:31:11 GMT
Connection: keep-alive
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 3ced5e15fed7607b06eae4fcd4998015
69a73c9dc4052d690843d780740996988b5af807
7300173b1514594b05552896c735ed1902ca09a4bb0eb365d298f64d156f1ae6
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 Feb 2023 22:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 08 Feb 2023 20:55:18 GMT
Expires: Thu, 09 Feb 2023 20:55:18 GMT
ETag: "69a73c9dc4052d690843d780740996988b5af807"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
push.services.mozilla.com/
34.214.112.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.112.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V+ufgMGcxhbyRR7jvnmGmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TYCuzzCyRZzCnD8Ppfx9ogpDZz4=
www.wm74trk.com/28KL6/DNPGN9/?sub1=mw15cust020823clickers&sub5=wuqmr9dgq34d26gm2nhfup0o&sub3=91.90.42.154
34.107.190.195302 Found 168 B URL HTTP/2 www.wm74trk.com/28KL6/DNPGN9/?sub1=mw15cust020823clickers&sub5=wuqmr9dgq34d26gm2nhfup0o&sub3=91.90.42.154
IP 34.107.190.195:0
File type HTML document, ASCII text
Hash fc1d2002a4328da29394fd347cc91d3e
f4186a33137390a76f565e2a8d3a46cdab36a255
600444e02497f90dca0293a815545dd24c64d3109c258c977be4689e2665a42f
GET /28KL6/DNPGN9/?sub1=mw15cust020823clickers&sub5=wuqmr9dgq34d26gm2nhfup0o&sub3=91.90.42.154 HTTP/1.1
Host: www.wm74trk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 22:31:11 GMT
content-type: text/html; charset=utf-8
content-length: 168
location: https://hillybillyrus.co/?a=22&c=14&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
set-cookie: uniqueClick_DNPGN9=2517d3f6-0e6f-4cf0-8f47-7082d8e75b9c:1675895471; Path=/; Expires=Sat, 11 Feb 2023 22:31:11 GMT; Secure; SameSite=None
transaction_id=8b55156fdf09466d97eb03fff0c6bc66; Path=/; Expires=Tue, 09 May 2023 22:31:11 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 11f0f691-e069-46c3-9c90-3b8f0d346df2
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7dedca806f42de159cb90b815840b7cc
ec2438142de3580281ddb550f9da07edcdda086f
c51278cb4e07701de2612436d7f7df8e70408acc0a52693900bdbcbb15af6e65
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=149023
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:11 GMT
Etag: "63e3c5ce-117"
Expires: Fri, 10 Feb 2023 15:54:54 GMT
Last-Modified: Wed, 08 Feb 2023 15:54:54 GMT
Server: nginx
Content-Length: 279
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 3ced5e15fed7607b06eae4fcd4998015
69a73c9dc4052d690843d780740996988b5af807
7300173b1514594b05552896c735ed1902ca09a4bb0eb365d298f64d156f1ae6
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 Feb 2023 22:31:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 08 Feb 2023 20:55:18 GMT
Expires: Thu, 09 Feb 2023 20:55:18 GMT
ETag: "69a73c9dc4052d690843d780740996988b5af807"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
hillybillyrus.co/?a=22&c=14&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
104.21.95.26302 Found 585 B URL HTTP/2 hillybillyrus.co/?a=22&c=14&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
IP 104.21.95.26:0
Hash dea427de465bd0f331f8d6862517ba37
dbb6551b364e1c8567ddd9e05bdbf79e55374e3c
b55e4a48195087775b0018a6436b751e7ad041f370fa99c7021e089ba97f24d7
GET /?a=22&c=14&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66 HTTP/1.1
Host: hillybillyrus.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 08 Feb 2023 22:31:12 GMT
content-type: text/html; charset=utf-8
location: https://dbhtrkg.com/?a=22&c=14&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66&ckmguid=dab9af81-c856-45dc-a84a-654181d723b9
cache-control: private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWy3gVyGWmyOyNJUwew1gVqHLoviA0NYMwZtvhN0rUekzt1%2BAblFTe13bSVnqw5jywt8fbgenRS5tBQ7J6G24JOTV1v5jzikvlyv8F3g7rd63gNDe9FXpu0XcXvgH2EvJOmT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967d06a1b39b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5387
Expires: Thu, 09 Feb 2023 00:00:59 GMT
Date: Wed, 08 Feb 2023 22:31:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5387
Expires: Thu, 09 Feb 2023 00:00:59 GMT
Date: Wed, 08 Feb 2023 22:31:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5387
Expires: Thu, 09 Feb 2023 00:00:59 GMT
Date: Wed, 08 Feb 2023 22:31:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5387
Expires: Thu, 09 Feb 2023 00:00:59 GMT
Date: Wed, 08 Feb 2023 22:31:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HKB4N2wyEkDOCHrcPmb2SW-T48udtqtgj-SITdLi1HxcsmUFDxERfA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:52:43 GMT
age: 2309
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ladt7WYN7SIJ42nshsT0ewNBre8_C8DHi_-JbR37KM57MA9lkq5Anw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:52:28 GMT
age: 2324
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NsPkfWcoYkZE6ynP9nfRlkB-ZVNL2M5QLsL5nng7mUooHvoAUeMYKg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:06:51 GMT
age: 1461
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb0e725719ac378134b01b6473a6581
a8a1780c88e8ae219048bed28ecfbd8019d9af35
187d4e83edc0af857334f84bd6853234193d4654d06c43367f39b4e125defe08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6679
x-amzn-requestid: 97c19ad5-c127-4dc1-b529-1eca84645316
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f59MzHgloAMFwow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a8b8-79d6b8d31b69153d4929b7b7;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x_tr-xummuF51PvAM4y3DgvLWuJOwxgquKO8baQfcoN6ta5M3ll7ug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 06:24:59 GMT
age: 57973
etag: "a8a1780c88e8ae219048bed28ecfbd8019d9af35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c7epaBUnG5cmbx_dT8BnEXw8JEOHyEnVEavRV6dSAExVbmdYLRMUzA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:56:04 GMT
age: 2108
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed10868ea9554510e43f77dfb8c43877
df0d86c2c53bdec7b8935912e42dc7f82f87aa61
751e95e7dd20802cc4e0b6f208bf5559b0b73efd3ca22a9abafd86cf83ab6420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12401
x-amzn-requestid: 7bfa8a84-c348-4f55-8e8e-befcdd24f026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjPG-eIAMFccA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47a-06eedb3c7396825f77360755;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZHGp073QTcSjtcva36Y9sBKwRU6R8MdAxdTf8DQ_ugzAkDgWingxXg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:50:14 GMT
age: 2458
etag: "df0d86c2c53bdec7b8935912e42dc7f82f87aa61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash a1ca22e9e4ae8335dabb9ce58415e571
0f0b4f8ea1a562b8db2d708bdf52471e272670a9
c7b1b194677e9b545c2b2dd4787695a81e3fd64d0d1629950a619a353dc31b10
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:31:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 12 Feb 2023 21:08:42 GMT
ETag: "0f0b4f8ea1a562b8db2d708bdf52471e272670a9"
Last-Modified: Wed, 08 Feb 2023 21:08:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7967d0711fb6b527-OSL
dbhtrkg.com/?a=22&c=14&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66&ckmguid=dab9af81-c856-45dc-a84a-654181d723b9
52.202.125.204302 Found 356 B URL HTTP/1.1 dbhtrkg.com/?a=22&c=14&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66&ckmguid=dab9af81-c856-45dc-a84a-654181d723b9
IP 52.202.125.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash e985341ad00e229009718e02e2823f8f
a690cc18eabc18e6108b39c08e607fa8a37fc922
2ff42005123648a9236e6a3555843d76c4b0be9901c0d4cfbff3768ad1fa7f4d
GET /?a=22&c=14&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66&ckmguid=dab9af81-c856-45dc-a84a-654181d723b9 HTTP/1.1
Host: dbhtrkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 356
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Feb 2023 22:31:13 GMT
Location: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=EqCbFyAD8deknEhbHJrw3V6ToTYSy9arLIrpSdSEOsJ42bExV2T4Pw==; domain=.dbhtrkg.com; path=/; HttpOnly
trk=EPqIl/DVDYgycMUsH52L/3R6wC2kTQPe1r5u/3kzLQVnLG6Jc8L3lA==; domain=.dbhtrkg.com; expires=Sat, 08-Feb-2025 22:31:10 GMT; path=/; HttpOnly
c11=EqCbFyAD8ddXnOL8Y297OEP0+FCSubHmG2RKU7v3+SCaBTi2irFWZw==; domain=.dbhtrkg.com; expires=Fri, 10-Mar-2023 22:31:10 GMT; path=/; HttpOnly
Connection: close
ocsp.pki.goog/s/gts1p5/Wh4sbHDY6P4
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Wh4sbHDY6P4
IP 142.250.74.163:0
Hash 0803990b9cc9df5abc17f07567037b22
116b42caa472675e8b04e2f10e5dc6fb9fcd19e4
b94811e7d7916f976c97cf2efbeb05fa820d75c3a4118035c62a62e7defae7ec
POST /s/gts1p5/Wh4sbHDY6P4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
exoduseffect.com/assets/images/lander/VSL/price67.jpg
188.114.96.1200 OK 5.6 kB URL HTTP/2 exoduseffect.com/assets/images/lander/VSL/price67.jpg
IP 188.114.96.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 213x103, components 3\012- data
Hash eaafdd798054a73a863f3793505271fc
50b32e2bf737e89ebb4a9d52f589667f3dbe1b14
e43c50c7eea2e122f79d1bb50ac966a18847bbdd7c980497034721d15eab5c22
GET /assets/images/lander/VSL/price67.jpg HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: image/jpeg
content-length: 5556
cf-bgj: imgq:100,h2pri
cf-polished: origSize=21206, status=webp_bigger
etag: "52d6-5cd18228c28d2"
last-modified: Wed, 29 Sep 2021 01:20:26 GMT
strict-transport-security: max-age=0
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IS5Cwi%2B8Yd3oRPLkIK58HfR85t5QDXfvemT8jiTCWHuz9quECvjn3QXXzQ%2FntVOs2P8ewEeR%2BaBEw9UvqLYeX8CF0cwhXeXi3uYoYYYOtgOTRIg62jtMmlvhwhrYYLB4BpuA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967d076f947b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exoduseffect.com/assets/images/lander/VSL/ctaMobile.jpg?v=10002
188.114.96.1200 OK 12 kB URL HTTP/2 exoduseffect.com/assets/images/lander/VSL/ctaMobile.jpg?v=10002
IP 188.114.96.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 295x138, components 3\012- data
Hash ff04d1a186d51310cf98d1ccc70c5958
4aad914400a6022321cc4d1ed002e514b5363c99
0ca896a5dcd80fd17e17650e84cc4362b5490879c86abc818beb473c236f09a3
GET /assets/images/lander/VSL/ctaMobile.jpg?v=10002 HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: image/jpeg
content-length: 11620
cf-bgj: imgq:100,h2pri
cf-polished: origSize=28021, status=webp_bigger
etag: "6d75-5b3509a1153e7"
last-modified: Wed, 04 Nov 2020 23:47:27 GMT
strict-transport-security: max-age=0
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJvhCxZlkhwEobGid257dMzhj58Mv7Cn0aVxcdc0Th5ZBkX98Q0ykVY%2BMrN4g5Tpb2e6AZJacy38kh6AH17mxvekiLl7%2B2q0oPCyo2t2Hs3qbI%2BhVgi11wvRWBuPvLjvC2L%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967d076f946b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exoduseffect.com/assets/images/hero/heroDesktopA1t.png
188.114.96.1200 OK 470 kB URL HTTP/2 exoduseffect.com/assets/images/hero/heroDesktopA1t.png
IP 188.114.96.1:0
File type PNG image data, 800 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 470 kB (469463 bytes)
Hash 83c3a444cf82d5b7271f5d8d2c77aaad
732f2ec7255ef38ce8c23e4737de815d2f153aee
73035e8c2ba7bc19f518e6b1bc729d538a7a9b7ed2f8ca0b31eb21ef61911631
GET /assets/images/hero/heroDesktopA1t.png HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: image/png
content-length: 469463
strict-transport-security: max-age=0
last-modified: Tue, 12 Oct 2021 20:26:14 GMT
etag: "729d7-5ce2da83c68e7"
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3eTt4PVflYxXd4xXvlfFX51LWQlLU41AYFel%2FXaF2xR6cURJ1NKo4fOzOWCWfO%2F0x50OAwaJ%2BkIviy3bIXN%2BhEwbZm2xMC1lAR3r00MjsYSaIFjx4NmJ2IGCyo%2BeMlIC5WI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967d076f941b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exoduseffect.com/assets/images/lander/VSL/ctaDesktop.jpg?v=10002
188.114.96.1200 OK 33 kB URL HTTP/2 exoduseffect.com/assets/images/lander/VSL/ctaDesktop.jpg?v=10002
IP 188.114.96.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 687x258, components 3\012- data
Hash 045a274c0f94598046c7b8908d732fd8
6f959a8c96950ed95db159bcb83c02cf66d27264
3aaae3958ce4707ace52c19688998924db1179a7b0e257c16407cd3b30096afe
GET /assets/images/lander/VSL/ctaDesktop.jpg?v=10002 HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: image/jpeg
content-length: 32851
cf-bgj: imgq:100,h2pri
cf-polished: origSize=47819, status=webp_bigger
etag: "bacb-5b3509a1153e7"
last-modified: Wed, 04 Nov 2020 23:47:27 GMT
strict-transport-security: max-age=0
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYIllon0oa6XQgns5yklH5B9wi%2FtLoJrwlbhBJTMwM5Sm5XHb9%2Bo1aFBC5bsOphSo67kixE4qSIJNR5zV%2Fkz5cGyyXxkEAC9yR68wAP6RnchTZ5TecC7K4%2FKQmtkPyk4Vk8v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967d076f945b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exoduseffect.com/assets/images/lander/VSL/trustDesktop.jpg
188.114.96.1200 OK 4.5 kB URL HTTP/2 exoduseffect.com/assets/images/lander/VSL/trustDesktop.jpg
IP 188.114.96.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 340x36, components 3\012- data
Hash e456df452b782f3f587f4ac446d6a3ad
2ea0f852a60e27190f2af3ca248b20f816967485
6ec4d690911089737b31dfc29d599a865ba2f645d230d5877d4896b506608e0b
GET /assets/images/lander/VSL/trustDesktop.jpg HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: image/jpeg
content-length: 4478
cf-bgj: imgq:100,h2pri
cf-polished: origSize=15622, status=webp_bigger
etag: "3d06-5b3509a117327"
last-modified: Wed, 04 Nov 2020 23:47:27 GMT
strict-transport-security: max-age=0
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqvSpe7obzEj0EW1naiUTOetT%2B%2FFl%2BFNmAFOArzuqwuIyEdkDagtq5jkR6HXN5hRapdV2AK4AAGqYj%2FW%2FZm7G%2FNbNj%2Fzg%2F41IF6UYxwcD%2BvJ7t5mBILhZ0GR3HBHhmAoZF4q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967d076f94bb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exoduseffect.com/assets/images/lander/bulletBible.png
188.114.96.1200 OK 63 kB URL HTTP/2 exoduseffect.com/assets/images/lander/bulletBible.png
IP 188.114.96.1:0
File type PNG image data, 133 x 133, 8-bit/color RGBA, non-interlaced\012- data
Hash 61e772a7126e02e61ea9a08a78a0211c
d54ded7528635ce1a1be5cfcbfe3a8ea4072de6d
e38372d8696f210809f6821f0b00c84e57beff6b12b40bdba9954c257bb3b0a9
GET /assets/images/lander/bulletBible.png HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: image/png
content-length: 63024
strict-transport-security: max-age=0
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
etag: "f630-593f4978ab3b1"
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laVmrWlRYdsh4wsT9Hs7wpbwoITIllQ6kiEdBgBlpB2yb09kEbVsqZ9gVFnrIt8oVcalusjfvfxDBigZePzCphMM9jby4jPswbjj1XWSIRzVdg4HQz6kBBhOq1Hd%2BMKNEss4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967d0770950b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exoduseffect.com/assets/images/lander/bulletGovernment.png
188.114.96.1200 OK 45 kB URL HTTP/2 exoduseffect.com/assets/images/lander/bulletGovernment.png
IP 188.114.96.1:0
File type PNG image data, 133 x 133, 8-bit/color RGBA, non-interlaced\012- data
Hash 751ec84ad86deff72450cd98d38d5c58
da57f4bcbd042717fc1ba915478bf29b2e6cd117
89023b58f2a45258a944bc9f9cd9ffcbb5baa350203010d6c2056c2530958e9c
GET /assets/images/lander/bulletGovernment.png HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: image/png
content-length: 44633
strict-transport-security: max-age=0
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
etag: "ae59-593f4978ab3b1"
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kH%2BjS%2BqBpPCVzqD4W%2FerdPpKk2HRq5CLhvHviUyvX1VR2X8XJ8mCO%2BspxWriycRBOKrjebGDxcFzB1gLbRq97HRykxY8svTFbu8%2BC2tVy5bD2Oxj7UzeVp%2BNrPKQcs8zJCMU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967d0772978b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exoduseffect.com/assets/images/lander/bulletChristian.png
188.114.96.1200 OK 57 kB URL HTTP/2 exoduseffect.com/assets/images/lander/bulletChristian.png
IP 188.114.96.1:0
File type PNG image data, 133 x 133, 8-bit/color RGBA, non-interlaced\012- data
Hash 56c1ffc1faed7c177c0dfbc7c5ffec1f
6f1e41c8dc562f1d7a37d9147595b410ddd2eacd
4534203d73df094bf991ad0f42631889f0a020e90a00b311e76406822f5512ff
GET /assets/images/lander/bulletChristian.png HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: image/png
content-length: 56600
strict-transport-security: max-age=0
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
etag: "dd18-593f4978ab3b1"
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyvrUY%2B4xi3iGmxw2QPQwa%2BpFAgb8coITxqny3zKe7Z6iGt7QIp6O%2BPpGH0dd5YbA6gaw4SXJqQ7FnbpNIEnRTLsxIhMhE0VeTR%2F5KfhlzCkqTCy%2FLRIEmiUULjZfJ7vU%2BWB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967d0772977b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exoduseffect.com/assets/images/lander/bulletHealing.png
188.114.96.1200 OK 51 kB URL HTTP/2 exoduseffect.com/assets/images/lander/bulletHealing.png
IP 188.114.96.1:0
File type PNG image data, 133 x 133, 8-bit/color RGBA, non-interlaced\012- data
Hash 951016bc87aa1e5b830565dc7352b91c
6f7b2378b7c12b42a7a6220ce05c8926598c827a
2ab0932269d9897fd43c2bcda82dc75121d96bea933bd64726bc772e054ca7ab
GET /assets/images/lander/bulletHealing.png HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: image/png
content-length: 50928
strict-transport-security: max-age=0
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
etag: "c6f0-593f4978ab3b1"
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJoeX586XQPN6xkSiJFBccjejr84BzAG8f%2BuIuLL9XxMPwsGMhg3V6%2Fibh%2Bt%2BglTg4PL8SeyUR6be5V25H7LemVLTDh1W3L4px8l7FXyGOkFGkEhKTDMBzhvt2jpfXVIWO6K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967d0772976b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Wh4sbHDY6P4
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Wh4sbHDY6P4
IP 142.250.74.163:0
Hash 0803990b9cc9df5abc17f07567037b22
116b42caa472675e8b04e2f10e5dc6fb9fcd19e4
b94811e7d7916f976c97cf2efbeb05fa820d75c3a4118035c62a62e7defae7ec
POST /s/gts1p5/Wh4sbHDY6P4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vjs.zencdn.net/7.20.2/video-js.css
151.101.194.217200 OK 11 kB URL HTTP/2 vjs.zencdn.net/7.20.2/video-js.css
IP 151.101.194.217:0
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash fe56250286f5ded89eae50b54b7d1100
fa5e7d94f4604ab819f42f8b08257a70c86a6b54
76423f3d7320b1178fce25d069e2ff6c6cdc68f1ff8feb2181ea89bb348a80c4
GET /7.20.2/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 28 Jul 2022 18:58:38 GMT
etag: "92c4f5bba6e24134f07a508819300d2e"
content-type: text/css
content-encoding: gzip
date: Wed, 08 Feb 2023 22:31:13 GMT
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 9
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10964
X-Firefox-Spdy: h2
exoduseffect.com/assets/scripts/squeeze.js?v=10009
188.114.96.1200 OK 1.2 kB URL HTTP/2 exoduseffect.com/assets/scripts/squeeze.js?v=10009
IP 188.114.96.1:0
File type ASCII text, with very long lines (517)
Hash bfe56f91ce0bb301f09b96041885ed50
f5c94ad1ac64a6373a06d465bd0d7fca7cdd6989
f596c0d0192e40399208b82f159b9b2a74ee6da889a29df00a5d68f116cb222d
GET /assets/scripts/squeeze.js?v=10009 HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3423
etag: W/"d5f-5ed3423b214da-gzip"
last-modified: Fri, 11 Nov 2022 16:11:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wly9WNAe6IN4pqUGrrHYVNsbn%2BNEol%2FtLLMhAzNqO2ckgENE3B2pbUxU7nLHehN1a8T1gQOL3OeBOehJBp0ZAiS9BTIZcM7T%2FClI1EdRUgn8YXWW5rl6QjgKtaW27ahRPwDp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967d0772985b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ab88b8165d39c17802adcfb408ea10fa
fc931d76c575e6d449a0ee0fc3f149436fab526a
c82028ee7859d2c74998ab9385a8146f61e51918687edee3e6feb0f25bed294c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1081
Cache-Control: max-age=97575
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:13 GMT
Etag: "63e2f89f-1d7"
Expires: Fri, 10 Feb 2023 01:37:28 GMT
Last-Modified: Wed, 08 Feb 2023 01:19:27 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
vjs.zencdn.net/7.20.2/video.min.js
151.101.194.217200 OK 163 kB URL HTTP/2 vjs.zencdn.net/7.20.2/video.min.js
IP 151.101.194.217:0
File type Unicode text, UTF-8 text, with very long lines (48447)
Size 163 kB (162713 bytes)
Hash 430ea567cd84f443a9549455bb2336d3
525d4782b0b7be4dd32ec2d3a62f2a48945fd390
98310323304c63336f96dd80c6d620f1decb3798453b98dd6f023360b190f9c0
GET /7.20.2/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 28 Jul 2022 18:58:38 GMT
etag: "c038d4c38eb6160ddb328b8944a5422b"
content-type: application/javascript
content-encoding: gzip
date: Wed, 08 Feb 2023 22:31:13 GMT
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 162713
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PP5N9TT
142.250.74.168200 OK 66 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PP5N9TT
IP 142.250.74.168:0
File type ASCII text, with very long lines (16809)
Hash 0e9a3ddbf2e274fbb60355164fc5162b
b31fc1ada183855f1ff7e123d422499af9787507
2f0e1e7862a10c9b5006b5bed6e76ddafc8b537abd5fd47cb212d6b82571d4ed
GET /gtm.js?id=GTM-PP5N9TT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 22:31:13 GMT
expires: Wed, 08 Feb 2023 22:31:13 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 22:05:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a13bf36fca36cf584ff14835a411326a
3e8333971f482ab4fd30928436ff408b2cb1f861
7d06db2760aed14c803adac68a4995c355722ad4efbd66da1e309adb73926c86
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:31:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 10:06:47 GMT
Expires: Tue, 14 Feb 2023 10:06:46 GMT
Etag: "3e8333971f482ab4fd30928436ff408b2cb1f861"
Cache-Control: max-age=473132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7967d0780f16b4fa-OSL
cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
195.201.193.122200 OK 45 kB URL HTTP/1.1 cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
IP 195.201.193.122:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash f092e06ff1e7e957d028ea9811b1f11b
689b795e3b8bad42a78e7e6c2e6a2d68653c9491
4c69e9317b545d023ea95040208d583463d1499099bb23ed10e828341e5e6816
GET /webpush/v3/pushwoosh-web-notifications.js HTTP/1.1
Host: cdn.pushwoosh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 22:31:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 13 Sep 2022 08:45:52 GMT
x-rgw-object-type: Normal
ETag: W/"d50a1b2bd010ebf2eca5a3e1f9c1df25"
X-Amz-Storage-Class: STANDARD
Expires: Thu, 09 Feb 2023 22:31:13 GMT
Cache-Control: max-age=86400, public
X-Cache-Status: HIT
X-Proxy-Cache: HIT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
exoduseffect.com/assets/scripts/slideInOnScroll.js?v=10001
188.114.96.1200 OK 25 kB URL HTTP/2 exoduseffect.com/assets/scripts/slideInOnScroll.js?v=10001
IP 188.114.96.1:0
File type ASCII text, with very long lines (636)
Hash f9d577f07a9dc357730827d7dbdb2ca8
dcafddce6bde7c8b401b559529933516618c1243
0169069e2fc33d30f5f4cd3ba264426322fc1b6e54648d10251cee8254b486c0
GET /assets/scripts/slideInOnScroll.js?v=10001 HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1480
etag: W/"5c8-593f4978bfbd3-gzip"
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLUbTWYdeUbiB1qPeUFsFVNIMsss54tK8bkS8N0PhtrcFB%2BnKaTI1sjafosYEa2XfFjtzHQOs5zW%2FxjQ78zyrruytMJfy38x9oKFrLO80ZuFnsV8hiH4nRaijyZLIwjz6VXa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967d0772984b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exoduseffect.com/assets/style/squeeze.css?v=10009
188.114.96.1200 OK 20 kB URL HTTP/2 exoduseffect.com/assets/style/squeeze.css?v=10009
IP 188.114.96.1:0
File type ASCII text, with very long lines (3865), with no line terminators
Hash e1950b7bb00bf79f22acd9ba2030962b
95329d73bbfc1136974d8106d47b4060f9ea50ac
47adfd977d62547e902de65e839fe808c5aa49caa15d3274f445c467fd49e575
GET /assets/style/squeeze.css?v=10009 HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=5240
access-control-allow-origin: *
etag: W/"1478-5b9328c21975b-gzip"
last-modified: Mon, 18 Jan 2021 20:27:14 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIqAKXj2BSEMCIhQRIXT2eF8L2A%2BDAPwqhLnoScb2WQTrSZZ0%2BT0wVHVlpLSnmUchDH2Z4qIJ%2B9XwSEzn%2F3IxAHS6mAZahH0YVepLE8MfXi%2F3cNaPKNjS1zEonpAlgg2ejai"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967d0772979b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 21:45:20 GMT
expires: Wed, 08 Feb 2023 23:45:20 GMT
cache-control: public, max-age=7200
age: 2754
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
216.58.211.10200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 17:09:35 GMT
expires: Wed, 07 Feb 2024 17:09:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 105699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-172780246-2
142.250.74.168200 OK 314 B URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-172780246-2
IP 142.250.74.168:0
Hash 8e109baddb22b573a373457259aac9ac
f5f95ff6171d3cb8b274fa8c1eb361a98faaf423
f6d6b1beb6eb4837871a5b74c2f74ef9d1fc27b9f86b4eeba62c43cebf8914a3
GET /gtag/js?id=UA-172780246-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 22:31:13 GMT
expires: Wed, 08 Feb 2023 22:31:13 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 21:37:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6TP3JRSVD35Q9TRPAO0&lib=ttq
95.101.10.203200 OK 1.5 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6TP3JRSVD35Q9TRPAO0&lib=ttq
IP 95.101.10.203:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4075)
Hash 9a885be4bf696b757a5bc803f11cc323
7d7ac34b8016bcf5416148bb095f9a05355b9525
98651a46086a9ba637211b8125a2eadbbe67e296d37b4489ff28e313b21cb00a
GET /i18n/pixel/events.js?sdkid=C6TP3JRSVD35Q9TRPAO0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230208223114BA79FC0E391C03B8967E
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb68e42f4f400627b987f8072cc1e36db27b5cf127e15d1a0bf706a4a006d39603cb67fcfa3e22705fe24e1087d6c56b70bfdd3f0d0a2a5971c66254c23483a2ff113936fd99bc0dc9d7d312e6e006bcf085bb156abab1f6fc89804b2c116f3f04e
content-encoding: gzip
content-length: 1487
x-origin-response-time: 11,23.48.249.160
x-akamai-request-id: 9773673.10a7a2b
expires: Wed, 08 Feb 2023 22:31:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 08 Feb 2023 22:31:14 GMT
x-cache: TCP_MISS from a95-101-10-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: _ttp=2LTWIll8H7fietggd7w81oIcHzZ; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-48-249-160.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=11, inner; dur=5
x-parent-response-time: 102,95.101.10.199
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
exoduseffect.com/assets/style/slideInOnScroll.css?v=10001
188.114.96.1200 OK 20 kB URL HTTP/2 exoduseffect.com/assets/style/slideInOnScroll.css?v=10001
IP 188.114.96.1:0
File type ASCII text, with very long lines (2369), with no line terminators
Hash 7acaf0f45488a1d4822ce706750a8297
1fbc5de1cd415c5ce97f0986c8a5b117dc108c97
23587e36700e9b5cbfcc710154268b5209d3b65199ac482eaac306828cb8becc
GET /assets/style/slideInOnScroll.css?v=10001 HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2925
access-control-allow-origin: *
etag: W/"b6d-593f4978bfbd3-gzip"
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PkyAlj6kwA1rhRBTnzH7unIizaG8OqfHP6cqO%2FYu7%2FfsOl%2FbuapCvUhoWmB7oNH5%2FssHQ7Q25dJCX%2BJpMbURMEiL8jezAhLGmHzUeNt7CYPAW3gGBdwJCz3%2FcBCsYdrHzxD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967d076e93fb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 07:51:59 GMT
expires: Thu, 08 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 52755
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 13:09:06 GMT
expires: Wed, 07 Feb 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 120128
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 01:50:00 GMT
expires: Sat, 03 Feb 2024 01:50:00 GMT
cache-control: public, max-age=31536000
age: 506474
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
exoduseffect.com/assets/style/buttons.css?v=10003
188.114.96.1200 OK 21 kB URL HTTP/2 exoduseffect.com/assets/style/buttons.css?v=10003
IP 188.114.96.1:0
File type ASCII text, with very long lines (3834), with no line terminators
Hash 797241b78adc8075ebee01a8f368839e
434565df5ea96fc605b88a3665a2f8dfe68f797c
58d14a516ee1bb9e0381814d302e5606c9a929c5ef0085b3a06fd333c0873243
GET /assets/style/buttons.css?v=10003 HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=5452
access-control-allow-origin: *
etag: W/"154c-593f4978bfbd3-gzip"
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRmyiwPMDYZyk45BMA8Ejp%2Bonz1K9XSffJf%2FeUg6ArHqLs7bAIepkfpxJM8WrNqGkVOJbhUrdjnUhkDO5LSJeHzx7Ro%2B9XGdxYaWqTptlajsfVm5O5fIYF3nFJ%2Bsd5hP1PPI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967d076e92eb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyMA.js
95.101.10.203200 OK 66 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyMA.js
IP 95.101.10.203:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 6d7a969e359cdd64d60cd7203cd52920
0b21ff1eb4ba1b0d5224f965d37fab7befd4d9ec
d9877c03a25f2f85f577c12d2da58033295dd9c80964a15ab9e692dbb62d1167
GET /i18n/pixel/static/main.MWNiNWY1N2YyMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Cookie: _ttp=2LTWIll8H7fietggd7w81oIcHzZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023020721083048E1C9F8EEF0C7CE1FD0
x-tt-trace-host: 01e2cb5113e80710ff8e1892ebd7a2d475967fc99842c105e3cbc3203a00a402d7431f5e223140367c83accbaadb833f5afcf3f5023d698127621999a993156e2f8560abb5f1644c2bee954e42f435ee2fa35b0f1e415a1afc7887ae5b06d6c4e1
content-encoding: gzip
content-length: 65980
date: Wed, 08 Feb 2023 22:31:14 GMT
x-cache: TCP_HIT from a95-101-10-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=156
x-akamai-request-id: 10a7a63
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 260954
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
142.250.74.35200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 19816, version 1.0\012- data
Hash 290160ea1f23d0178902ab8a62635b0a
5614266d1f6bf5f0d7601fff4a2bc0924830d983
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:48:58 GMT
expires: Wed, 07 Feb 2024 08:48:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
content-type: font/woff2
age: 135736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
142.250.74.35200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Hash 101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 16:03:02 GMT
expires: Mon, 05 Feb 2024 16:03:02 GMT
cache-control: public, max-age=31536000
age: 282492
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 10:26:49 GMT
expires: Sun, 04 Feb 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 389065
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/static/identify_5f1fb.js
95.101.10.203200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_5f1fb.js
IP 95.101.10.203:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6c0c7514093e7b1dddb57107c47ead16
c167c044befc49e42d83c01940635aff4a7d78d4
15aaec1913aa1ce973d363428180001a96e2b2946044d6cdd868ccf3dffa7ac3
GET /i18n/pixel/static/identify_5f1fb.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Cookie: _ttp=2LTWIll8H7fietggd7w81oIcHzZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023020721083148E1C9F8EEF0C7CE2033
x-tt-trace-host: 01e2cb5113e80710ff8e1892ebd7a2d475967fc99842c105e3cbc3203a00a402d7431f5e223140367c83accbaadb833f5a0d207b3e8d025f4e3dd28297e4174826a8101724b261f2fc32b2ddb21563a7fb80c1d893b6fef16c63e64e063b97a44f
content-encoding: gzip
content-length: 30893
date: Wed, 08 Feb 2023 22:31:14 GMT
x-cache: TCP_MEM_HIT from a95-101-10-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 10a7a97
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 4ccd4a5d4ae2d373665abeea29c8210b
02f71202a0bbaa541a37d705d82cedf39805d990
6d1a81ed7c9ea83bb0e49434885c608df9d9977121cbed5aaa84cb2d91cfc49e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 22:31:14 GMT
Last-Modified: Wed, 08 Feb 2023 22:29:41 GMT
Server: ECS (dcb/7F13)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XHw_5N0HDc90d7cdABAggrH8cRBDzbROxD71xq_CE6MDGnALm8gdoA==
Age: 93
gum.criteo.com/syncframe?topUrl=exoduseffect.com&origin=onetag
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=exoduseffect.com&origin=onetag
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2cf12a61c5f3f23abe6f26d2181f908c
7cc44e27a14d87f3a8180a7b3a99f6fbc52f99c8
f0b7a85374c53a3a5e3dc9074aa1587df2e43cbd4835cb777f23ae7492cf2041
GET /syncframe?topUrl=exoduseffect.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:14 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=851bdd44-df34-48a0-bbc0-6314a956554e; expires=Mon, 04 Mar 2024 22:31:14 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 744542
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls_audio_160k.ts
54.230.245.108200 OK 0 B URL HTTP/2 d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls_audio_160k.ts
IP 54.230.245.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls_audio_160k.ts HTTP/1.1
Host: d2tjsej3ucxx0n.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Referer: https://exoduseffect.com/
Origin: https://exoduseffect.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Wed, 08 Feb 2023 15:58:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: range
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bdkf9edXTSC5NjNLO91-btIiuWC-5DyvHcti6ejhXFoWQHSMS-H8ww==
age: 23583
X-Firefox-Spdy: h2
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls10.ts
54.230.245.108206 Partial Content 788 kB URL HTTP/2 d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls10.ts
IP 54.230.245.108:0
Size 788 kB (788284 bytes)
Hash a12de398096d790786b670d57fb82298
a76842610b14533e573163d3a65b5cda2082d54e
ba175b13f78ed0fe1ed6f0ab3b4162223e3bd6701679687b680e2e16c9c81517
GET /video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls10.ts HTTP/1.1
Host: d2tjsej3ucxx0n.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-788283
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/MP2T
content-length: 788284
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
last-modified: Tue, 30 Mar 2021 23:06:13 GMT
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 Feb 2023 14:52:51 GMT
etag: "13f5d7056906dfd7e5192676330e2164-81"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zOXtF3Nm_69vqYAGefujW41EaniyBLl0CnenEp-zrpUBBqyKZhJWuQ==
age: 27504
content-range: bytes 0-788283/422169228
X-Firefox-Spdy: h2
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls_audio_160k.ts
54.230.245.108206 Partial Content 117 kB URL HTTP/2 d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls_audio_160k.ts
IP 54.230.245.108:0
Size 117 kB (117312 bytes)
Hash c82fd7bf3ef5de8d2d743d01de985e72
51c4afd6bf3c0178224ffe363346c1a9f6b0440e
27f012f2a0481070fc7dcb1b0896a47b35ceb4ef339a0062e652278ae079eaad
GET /video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls_audio_160k.ts HTTP/1.1
Host: d2tjsej3ucxx0n.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-117311
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/MP2T
content-length: 117312
date: Wed, 08 Feb 2023 05:37:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
last-modified: Tue, 30 Mar 2021 22:58:39 GMT
etag: "8d2841b96dfeae7b9ba66ec8ffb03a41-15"
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eifBzFLnFQ72sd5FhjcD0JE6A8hGtGkw-RqVBOYhrkRkoPG9W16Wxg==
age: 60819
content-range: bytes 0-117311/77989920
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
95.101.10.203200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.203:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 936
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://exoduseffect.com/
Cookie: _ttp=2LTWIll8H7fietggd7w81oIcHzZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202302082231145D9AE2072A9ACBF4A4F1
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb68e42f4f400627b987f8072cc1e36db27bbfcf514b3a99b9f1b5a677d215e00d9fc111eed128d467f131701f1e414a136d3ecda4e3579c829d138c05d1d7d11ce2cd27d87f712160d8d8d946075cd15f5af392c28ff0ed4f83f51b1c4097c1c25
x-origin-response-time: 22,23.48.249.163
x-akamai-request-id: 338c4e29.10a7aa0
expires: Wed, 08 Feb 2023 22:31:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 08 Feb 2023 22:31:14 GMT
x-cache: TCP_MISS from a95-101-10-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-cache-remote: TCP_MISS from a23-48-249-163.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=22, inner; dur=19
x-parent-response-time: 115,95.101.10.199
X-Firefox-Spdy: h2
175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!exoduseffect
52.4.228.223200 OK 36 kB URL HTTP/2 175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!exoduseffect
IP 52.4.228.223:0
File type ASCII text, with very long lines (35503), with no line terminators
Hash f6d487bf9c04f903ac9b4980e0c0e7ef
12ddea908af2184cfef4356ae5141120b385f21e
c30172352e542f9b914bfc56de12fa0b917a707ad3a38485e761c02fda960907
GET /v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!exoduseffect HTTP/1.1
Host: 175132.tracking.hyros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:14 GMT
content-type: text/javascript;charset=ISO-8859-1
content-length: 35503
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-max-age: 86400
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9c0e95ec1969d04cbbe1a963f9556eac
6d9f7db5133272b8f78348469f8a007a74c64933
8eaba7c4d361e9320711b8d55b568074f3246cea376dd382c4ff8940ed57c438
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4895
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Last-Modified: Wed, 08 Feb 2023 21:09:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9c0e95ec1969d04cbbe1a963f9556eac
6d9f7db5133272b8f78348469f8a007a74c64933
8eaba7c4d361e9320711b8d55b568074f3246cea376dd382c4ff8940ed57c438
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4895
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Last-Modified: Wed, 08 Feb 2023 21:09:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0fc3e2be9a02b14fdb24e92d26da8838
d55b2ea7ea9d97de65bd0833926173f205591b6e
55958bd04c967f293dd41c5f4cd5fc52eaaad9738af71c0910fad08b11996c24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4808
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:14 GMT
Last-Modified: Wed, 08 Feb 2023 21:11:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls10_v4.m3u8
54.230.245.108200 OK 6.6 kB URL HTTP/2 d2tjsej3ucxx0n.cloudfront.net/video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls10_v4.m3u8
IP 54.230.245.108:0
Hash 99ad4d92e80d976111fd6f785d825ab3
1ffc2b85bd1122d1bf5f727078b13b71a7b8e1a1
ee94701d954f2b4c83dceb266894fa2c15c089291516de426d5e626e55273cea
GET /video/VSL_20210331_A2.6_HighProd/VSL_20210331_A2.6_HighProdhls10_v4.m3u8 HTTP/1.1
Host: d2tjsej3ucxx0n.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoduseffect.com
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
last-modified: Tue, 30 Mar 2021 23:06:13 GMT
x-amz-storage-class: REDUCED_REDUNDANCY
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 07:11:17 GMT
etag: W/"93a0c433c0197adaf641d2830bc21ebe"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h1wpw6yuckCtZk7pK-S8AVBn0gyA6cHgFv2WZBCAXaWOs1XnTdAdqw==
age: 55198
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2736
Cache-Control: max-age=127986
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:15 GMT
Etag: "63e368f5-1d7"
Expires: Fri, 10 Feb 2023 10:04:21 GMT
Last-Modified: Wed, 08 Feb 2023 09:18:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash f31a18edbf87f9266a78b72da87228ed
5c5b30f1d22a19815a43108225e5a48c4fad11a7
d54391aa165ad6e54aeb6d6d0fc39f4bdefc1f792588f471bc15078f5ab16dff
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 22:31:15 GMT
Last-Modified: Wed, 08 Feb 2023 21:18:18 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cWT_5fM81uvAYEUhd234dHxh--afpFwnlL1auMFBEeM6HbxVMZYWAg==
Age: 4377
exoduseffect.com/assets/images/ajaxYellow.svg
188.114.96.1200 OK 885 B URL HTTP/2 exoduseffect.com/assets/images/ajaxYellow.svg
IP 188.114.96.1:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 126809a8cfec1bd3b0fe0ba8b7e5d742
95363fc5bcf437211978d54bfcd0aca4b47d75f2
dbf7082b8a1f1482ddc5700512df43cb4b84fce1e2cb1fa405ec7454d8fe331f
GET /assets/images/ajaxYellow.svg HTTP/1.1
Host: exoduseffect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/?affId=22&c1=mw15cust020823clickers&c2=&c3=91.90.42.154&id=100576504&affid=22&cid=53&s1=mw15cust020823clickers&s2=&s3=91.90.42.154&s4=&s5=8b55156fdf09466d97eb03fff0c6bc66
Cookie: PHPSESSID=dsc4vgnddbgegi8e7c0uijpc2b; 100001_Affiliate=a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A9%3A%22100576504%22%3Bs%3A4%3A%22afid%22%3Bs%3A2%3A%2222%22%3Bs%3A6%3A%22campid%22%3Bs%3A2%3A%2253%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A22%3A%22mw15cust020823clickers%22%3Bs%3A2%3A%22s2%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s3%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A2%3A%22s4%22%3Bs%3A0%3A%22%22%3Bs%3A2%3A%22s5%22%3Bs%3A32%3A%228b55156fdf09466d97eb03fff0c6bc66%22%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:31:13 GMT
content-type: image/svg+xml
strict-transport-security: max-age=0
last-modified: Wed, 02 Oct 2019 22:00:07 GMT
etag: W/"d07-593f497893cae-gzip"
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=14400
cf-cache-status: HIT
age: 3652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Wa%2BftH0MPUVJQonx95KY8Dl0G5ONuv8NwhB%2F%2B0ldoPVKLbSK1krrRN%2FIHaV%2Fn9EhbWXI3iZrn2%2BqvfPIc5N6QGKso3TzZcUPrghmWMIyKk1akG0BavvsC2Us%2B8kh%2FI4LVnM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7967d076f94cb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: OnNTbaWZfyig9NLPim6Sd+XoPPUeDi6X/jIKRFrr+pDHEP2/xyZgFVp6AHjL4nrc2cuIwZDT109hrjEDFphThA==
content-length: 27843
x-fb-trip-id: 1904183273
date: Wed, 08 Feb 2023 22:31:15 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2736
Cache-Control: max-age=127986
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:31:15 GMT
Etag: "63e368f5-1d7"
Expires: Fri, 10 Feb 2023 10:04:21 GMT
Last-Modified: Wed, 08 Feb 2023 09:18:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/628433881/?random=1675895530601&cv=11&fst=1675895530601&bg=ffffff&guid=ON&async=1>m=45He3260&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fexoduseffect.com%2F%3FaffId%3D22%26c1%3Dmw15cust020823clickers%26c2%3D%26c3%3D91.90.42.154%26id%3D100576504%26affid%3D22%26cid%3D53%26s1%3Dmw15cust020823clickers%26s2%3D%26s3%3D91.90.42.154%26s4%3D%26s5%3D8b55156fdf09466d97eb03fff0c6bc66&tiba=The%20Exodus%20Effect&auid=1173316180.1675895531&rfmt=3&fmt=4
216.58.207.194200 OK 961 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/628433881/?random=1675895530601&cv=11&fst=1675895530601&bg=ffffff&guid=ON&async=1>m=45He3260&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fexoduseffect.com%2F%3FaffId%3D22%26c1%3Dmw15cust020823clickers%26c2%3D%26c3%3D91.90.42.154%26id%3D100576504%26affid%3D22%26cid%3D53%26s1%3Dmw15cust020823clickers%26s2%3D%26s3%3D91.90.42.154%26s4%3D%26s5%3D8b55156fdf09466d97eb03fff0c6bc66&tiba=The%20Exodus%20Effect&auid=1173316180.1675895531&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (2221), with no line terminators
Hash 947444fb3a33517783816289519f6a13
0ea1fec1ac3fa9c24436f62f7d363e51cad99880
98759b1632bf69e96faf9e7784be41fa687094f71d1706d671af242172748100
GET /pagead/viewthroughconversion/628433881/?random=1675895530601&cv=11&fst=1675895530601&bg=ffffff&guid=ON&async=1>m=45He3260&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fexoduseffect.com%2F%3FaffId%3D22%26c1%3Dmw15cust020823clickers%26c2%3D%26c3%3D91.90.42.154%26id%3D100576504%26affid%3D22%26cid%3D53%26s1%3Dmw15cust020823clickers%26s2%3D%26s3%3D91.90.42.154%26s4%3D%26s5%3D8b55156fdf09466d97eb03fff0c6bc66&tiba=The%20Exodus%20Effect&auid=1173316180.1675895531&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoduseffect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 22:31:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 961
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 22:46:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0