Report - go.goodlifestylenews.com/mwldark1123/0edf09ebcd410828c106ce09750b4d7a/55/leadsource/2412/1610/445c805f45ca4564b57a14bf72f5d8a1/mpmta

Report Overview

Visited public
2023-12-09 12:50:32
Tags
URL
go.goodlifestylenews.com/mwldark1123/0edf09ebcd410828c106ce09750b4d7a/55/leadsource/2412/1610/445c805f45ca4564b57a14bf72f5d8a1/mpmta
Finishing URL
pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
IP / ASN
104.21.30.61
#13335 CLOUDFLARENET
Title
Manward Press

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
embed-cloudfront.wistia.com	unknown	2007-03-18	2022-11-08 05:17:21	2023-12-09 08:21:53	1.6 kB	1.9 MB	143.204.55.103
ocsp.starfieldtech.com	6616	2003-03-06	2012-06-22 20:08:50	2023-12-09 05:12:42	346 B	2.7 kB	192.124.249.36
c.lytics.io	5538	2012-02-18	2015-10-07 14:26:51	2023-12-08 14:23:17	6.1 kB	288 kB	172.67.73.236
distillery.wistia.com	6708	2007-03-18	2012-09-30 04:46:15	2023-12-09 08:21:53	511 B	410 B	54.230.111.55
bat.bing.com	387	1996-01-29	2014-04-08 11:23:16	2023-12-08 05:23:49	1.7 kB	15 kB	204.79.197.200
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-09 08:21:37	461 B	31 kB	151.101.66.137
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-12-09 08:02:34	506 B	161 kB	104.18.11.207
s3.amazonaws.com	unknown	2005-08-18	2020-05-13 22:53:44	2023-11-20 03:46:36	2.4 kB	710 kB	54.231.168.176
cdn.getblueshift.com	12716	2014-03-09	2016-09-19 05:21:38	2023-12-08 13:18:21	424 B	3.4 kB	54.230.111.60
verifiedwebpage.com	unknown	2022-03-23	2022-03-23 19:03:14	2023-12-08 05:51:23	627 B	3.3 kB	188.114.96.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-09 06:06:20	1.6 kB	76 kB	216.58.207.227
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-09 07:44:59	1.8 kB	591 kB	142.250.74.168
www.redditstatic.com	1440	2011-11-09	2012-06-30 14:33:28	2023-12-08 18:13:38	424 B	8.4 kB	151.101.193.140
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-09 08:02:02	2.6 kB	882 B	216.239.34.36
c.pmsrv.co	45333	2017-06-20	2017-11-13 19:10:50	2023-12-08 09:57:44	1.2 kB	12 kB	143.204.55.94
www.p3lstrk.com	unknown	2020-08-06	2020-08-10 15:07:26	2023-12-02 10:55:42	522 B	802 B	35.241.49.11
analytics.pmsrv.co	unknown	2017-06-20	2022-09-13 11:30:23	2023-12-08 09:57:44	1.2 kB	4.0 kB	54.230.111.89
embed-ssl.wistia.com	22795	2007-03-18	2017-01-29 18:01:09	2023-12-09 05:21:52	509 B	38 kB	143.204.55.103
dnzkifeab6.execute-api.us-east-1.amazonaws.com	307755	2005-08-18	2021-04-27 13:06:09	2023-12-08 07:40:15	1.1 kB	1.4 kB	143.204.55.112
pipedream.wistia.com	6958	2007-03-18	2017-01-30 05:30:40	2023-12-08 17:50:40	1.1 kB	914 B	143.204.55.103
p.typekit.net	620	2010-08-02	2012-05-23 16:28:57	2023-12-08 05:19:07	2.0 kB	1.4 kB	23.33.119.26
protect-us.mimecast.com	9817	2003-02-20	2017-01-30 07:30:30	2023-12-09 06:22:42	2.9 kB	2.6 kB	205.139.111.12
portrait-tracker.s3.amazonaws.com	281321	2005-08-18	2019-11-18 11:43:38	2023-12-08 07:33:24	1.4 kB	67 kB	52.217.168.145
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-09 08:02:00	469 B	5.2 kB	104.17.24.14
fast.wistia.com	5153	2007-03-18	2012-07-04 02:34:57	2023-12-08 19:31:27	3.3 kB	283 kB	151.101.2.132
ciscobinary.openh264.org	40822	2013-10-19	2014-10-07 07:43:56	2023-12-09 05:09:36	305 B	512 kB	62.115.252.115
pro.manwardpress.com	824535	2016-07-21	2017-07-13 16:13:11	2023-12-06 08:36:01	3.3 kB	39 kB	192.135.136.168
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-09 06:34:48	598 B	578 B	142.250.74.163
api.getblueshift.com	9346	2014-03-09	2014-05-10 00:20:22	2023-12-08 19:24:24	695 B	332 B	52.40.78.89
s.yimg.com	375	1997-05-14	2012-05-21 00:45:00	2023-12-08 18:36:52	868 B	8.0 kB	87.248.119.251
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-09 07:42:19	2.0 kB	57 kB	142.250.74.106
go.goodlifestylenews.com	unknown	2020-07-10	2022-06-02 23:11:17	2023-12-08 12:31:39	600 B	78 kB	172.67.172.49
storage.googleapis.com	420	2005-01-25	2012-08-06 08:33:30	2023-12-08 13:55:02	481 B	1.4 kB	142.250.74.123
use.typekit.net	494	2010-08-02	2012-07-05 03:42:39	2023-12-09 05:09:32	1.7 kB	4.7 kB	23.33.119.67

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-09	medium	goodlifestylenews.com	Sinkholed

ThreatFox

No alerts detected

Files detected

URL
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
62.115.252.115
ASN
#1299 Telia Company AB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
512 kB (511815 bytes)
Hash
152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

Archive (2)

Modified	Filename	Size	Md5	File type
2019-03-02 16:47	gmpopenh264.info	116 B	3d33cdc0b3d281e67dd52e14435dd04f	ASCII text
2019-03-02 16:47	libgmpopenh264.so	1.4 MB	b2c1253e8a09cfe03b3d7f37de12dff7	ELF 64-bit LSB shared object, x86-64, version 1 (SYSV)

JavaScript (53)

	URL	From	Size	First Seen	Last Seen
	portrait-tracker.s3.amazonaws.com/all.js	ScriptElement	38 kB	2023-09-05	2024-08-21
Pretty URL portrait-tracker.s3.amazonaws.com/all.js IP 52.217.168.145 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-05 10:36 Last Seen2024-08-21 07:28 Times Seen133 Hash 1460caa541e7ae81380de414c9d2a67c 7da00cef9b3bf78a75e19c455c247ace72cb9ce8 8e3eae4b3bdc6b8060cfee108e4a703344cdec648e7fb8ac3182e7b3515323a7 Loading...

	unknown	ScriptElement	558 B	2023-06-29	2025-01-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-29 00:01 Last Seen2025-01-12 09:34 Times Seen139 Hash 35b7504e8ea864cf776a9f2a09f6af48 036191a991cc50ba6e26151f5d1052710e5c5afa 82e178bf447a3b4278146398e90d96de8fb3f10b5a749d2181beb036663b1b8f Loading...

	cdn.getblueshift.com/blueshift.js	ScriptElement	6.6 kB	2023-11-22	2024-08-20
Pretty URL cdn.getblueshift.com/blueshift.js IP 54.230.111.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 06:19 Last Seen2024-08-20 18:22 Times Seen312 Hash 859d16b4786a243736a9b219445eae43 e6dd4c8dcac4df40615338f1e7ecfe50c54aa0d5 393483170bc4a2319e51ea073f4e13b85185948301acce471b482094d11af7c7 Loading...

	unknown	ScriptElement	424 B	2023-03-07	2025-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:40 Last Seen2025-04-17 16:57 Times Seen794 Hash 7bec0f36f729827c720a727018a81fe2 670b8295e6f09157d59d2446d550c8d4dee88178 c2a5942d8b537d0ad1483733eb9cad4719d9132c092e9488141fdc84819e5453 Loading...

	unknown	ScriptElement	422 B	2023-03-09	2025-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-14 18:45 Times Seen50 Hash 033c5a0961f6c6a06907d24ee141d616 f691cf4a4b65ffd91e02ff2fc556389eabe20ec8 b9e9711821aeefc2f4f0dd67401449b2bdabee55ace5b1aa2d7eb78e1268e112 Loading...

	pro.manwardpress.com/p/Scripts/HideContent.js	ScriptElement	721 B	2023-03-09	2025-04-26
Pretty URL pro.manwardpress.com/p/Scripts/HideContent.js IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-26 09:06 Times Seen3875 Hash 624fa8179cc49ca9e80737453a6b3367 226693fb4119bc204e4dd3b8d36da8587fd00bb0 809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac Loading...

	portrait-tracker.s3.amazonaws.com/promo.js	ScriptElement	25 kB	2023-12-05	2024-08-20
Pretty URL portrait-tracker.s3.amazonaws.com/promo.js IP 52.217.168.145 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 00:55 Last Seen2024-08-20 16:45 Times Seen80 Hash ade4b9bddef78cf33d60018590245ff8 56fb418a4a3ca2f1510309eda02ca4f75cc6e17d a095f39e85e1eda398ad708a5d835db2972ff7bd06d305519ceb59539d5aa8f7 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 23:37 Times Seen341219 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C	ScriptElement	211 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 13:50 Last Seen2023-12-09 13:50 Times Seen3 Hash 3093f004366f1fd5334fdfedaf98848d dc55051be4d7d83929e5691de0429ac5f2957795 e163ec2c1ea3d5892709239c3c383a86234e25b9dfec7bfaca32c9efcb64d3a1 Loading...

	bat.bing.com/p/action/15322609.js	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL bat.bing.com/p/action/15322609.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 23:44 Times Seen4658372 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true	ScriptElement	107 B	2023-03-09	2025-04-17
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 14:56 Last Seen2025-04-17 16:57 Times Seen772 Hash b58dfce79698a4dfa6e4420f7b827fed 5791bc0dcd249392a3fc3d3fb0c2df7e87f2cc63 9dd6293a1360dd5964260b738759aac6909fc781bbd51245924a5849f20f5f94 Loading...

	unknown	ScriptElement	265 B	2023-03-09	2025-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-17 16:57 Times Seen769 Hash 3204dc8c9407b7683e5587680fdec6e8 d4d51d38513ef6eb078f0c009508d019ed3c8842 6895b5e759cdbe4dbfa804dfdfdaab627939bbf1a6de9b3f4257884a8abffb92 Loading...

	unknown	ScriptElement	464 B	2023-11-29	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen20 Hash 3ae0d1d642022a0e7ce49cdeea0b5b36 b86067dd6feaf7df8b94e0c145912ba19a374eb7 8fa46adc928c90f78086afe7a8812a978b43387d262d30264ad20e40cd15b9cc Loading...

	unknown	ScriptElement	467 B	2023-03-07	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:40 Last Seen2024-12-11 03:52 Times Seen110 Hash 5205451dbd38fec37040c9f79350e310 b8bdb17a6e5aa92e8f62cae03fb00f5dd4f7f66f c19eac7e9c404a2453ddfbb066d11181c952a47491714626d61c1a0dc62c6186 Loading...

	bat.bing.com/bat.js	ScriptElement	46 kB	2023-11-10	2024-09-19
Pretty URL bat.bing.com/bat.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 23:20 Last Seen2024-09-19 20:57 Times Seen11863 Hash 7f75f159026f3a2c8cccda487b43157b 021cf5c854db063cd79bf0394c24eb994e095640 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Loading...

	pro.manwardpress.com/p/Scripts/Common.js	ScriptElement	2.4 kB	2023-03-09	2025-04-26
Pretty URL pro.manwardpress.com/p/Scripts/Common.js IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-26 09:06 Times Seen3875 Hash ef9b6f612e89926fa10830ad89a7f3b6 faa8fbf56e4834534455c46ba2753118eb554c2e 86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C	ScriptElement	335 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 13:50 Last Seen2023-12-09 13:50 Times Seen3 Hash fd36081c0d91fa6b6cf9c9dba8d89421 713d099585f87e95b93c0aeb6ff5b399da22e3a5 b486d4bd061d5fe92fee872b2f58aabfd7342a1c21e720b5cf628b671406707d Loading...

	unknown	ScriptElement	269 B	2023-05-03	2025-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 21:53 Last Seen2025-04-17 16:57 Times Seen768 Hash c6a502d6dd91b1ce3b9695996109a487 c537b552faa5bd94e521bb2bc3c7218734160a8b a9b05f01d29af004401ecf51ccceec9591d37d8e404cceee4d82083460009711 Loading...

	fast.wistia.com/assets/external/engines/hls_video.js	ScriptElement	484 kB	2023-12-04	2023-12-12
Pretty URL fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.2.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 21:23 Last Seen2023-12-12 14:56 Times Seen117 Hash 6e1e307293f078c95c07db8660ce607a 2a08bcf1166c9707485e568102f7c96e1f933b36 f0150171f993137d09210b10e0629ea4d57a465046ba791adb4bf4a2da978357 Loading...

	portrait-tracker.s3.amazonaws.com/index.html	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL portrait-tracker.s3.amazonaws.com/index.html IP 52.217.168.145 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 23:44 Times Seen4658372 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	c.lytics.io/static/pathfora.min.js	ScriptElement	105 kB	2023-11-08	2024-08-20
Pretty URL c.lytics.io/static/pathfora.min.js IP 172.67.73.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 00:41 Last Seen2024-08-20 20:29 Times Seen429 Hash 1dda5c62f6d686fe449a9d217388da4b a2cfd95511bd1a0f8ae3275e44d309c7279c4a69 1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b Loading...

	fast.wistia.com/assets/external/allIntegrations.js	ScriptElement	23 kB	2023-11-29	2023-12-12
Pretty URL fast.wistia.com/assets/external/allIntegrations.js IP 151.101.2.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2023-12-12 14:56 Times Seen129 Hash 9a9248fb8178a9640de37511b065850f 086459b7f718251f753b82cee05f51c6ca2d3a84 fb7f597f64e9b0c17f7f99fb577f164c36f93f13ffda2ccb736b786e4e705d12 Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true	ScriptElement	42 B	2023-11-29	2024-08-20
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen35 Hash 997cf0ad0c2f7d884f66c64ed9451196 3dadaa3e816c53ac8ee976c2b715a0b85fe56cbf f738e52d0ee578320282656547668eeedaa94182e1a512a9132fbc0533ecd307 Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true	ScriptElement	41 B	2023-03-07	2025-05-11
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:37 Times Seen5297 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/8f96a13b-24e7-424e-a59a-d8684639fab9?segments=true&mergestate=true&state=%7B%22_uid%22%3A%228f96a13b-24e7-424e-a59a-d8684639fab9%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1702126219918&callback=u_425907214853790460	ScriptElement	218 kB	2024-08-20	2024-08-20
Pretty URL c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/8f96a13b-24e7-424e-a59a-d8684639fab9?segments=true&mergestate=true&state=%7B%22_uid%22%3A%228f96a13b-24e7-424e-a59a-d8684639fab9%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1702126219918&callback=u_425907214853790460 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:17 Last Seen2024-08-20 16:17 Times Seen1 Hash a1dc3b9c6c2ae542b1980144e8cd54b6 64bdd880c6cf75297688aad83027ae5d15c1d7f1 903a7ec7e2d560dadc3e39d94c0548b3999a3bb17a9101ba3e60ca484cd47f20 Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 23:41 Times Seen342022 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG	ScriptElement	282 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 13:50 Last Seen2023-12-09 13:51 Times Seen3 Hash d5fc856292e509592dec0ea5042490ff 7e4bbc6d275ff10ad8319db3f41d35c2cfd8ff5a 53bc8c4e3d6353ee09d90ad478181f1e5b8a3ff390dafe1675f1ce019f4f5839 Loading...

	unknown	ScriptElement	396 B	2023-03-07	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:40 Last Seen2024-08-21 09:39 Times Seen405 Hash fcde8b9997bd67cf11862a1149b3ad86 553ea95faef57f8d68dccc1246b7991be64fd70e 112f9d119a1d906f05c1cc18502fb162a1e1096ffc9dec82533825909e8c2787 Loading...

	unknown	ScriptElement	463 B	2023-03-09	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2024-08-21 08:03 Times Seen21 Hash 2ec208a2bb000141c33c2cac96535c7e 7fea8dc585a11decf26de4570987dd188a33193b 9635bc1130fbbb7ee76548b029b7b0df504ca9798dc007ba68db50e06b6e23af Loading...

	www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c	ScriptElement	291 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 13:50 Last Seen2023-12-09 13:50 Times Seen2 Hash 3950c3fa883ae61fb7412f0b95b49cb8 755277ef39b251333edeb3699acb8b3d5c15b62e c0d41fd9ad902c2e8918f4d69fe738a155a32241bf1b71fcd80c52ed97e6bc9f Loading...

	fast.wistia.com/assets/external/E-v1.js	ScriptElement	761 kB	2023-12-07	2023-12-11
Pretty URL fast.wistia.com/assets/external/E-v1.js IP 151.101.2.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 20:39 Last Seen2023-12-11 15:44 Times Seen73 Hash 126858c9f3376ca1bc419aa2a2d0af28 51e06cde2e8cc415d06c63e144e6c36d2c95270d 78cf6679aa583fd97b9700d6dafa7e791d7861b72d173df807b5f8f27d246877 Loading...

	unknown	ScriptElement	403 B	2023-03-09	2025-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-14 18:45 Times Seen612 Hash 10dd026711893edaa2579012fee51f5e 7aeddcd0b6e595db1ab583d46b7fb04040401877 0e7b422070756f8bfb260d1a67201289ecf50e883079989e274aea15ffbc4879 Loading...

	analytics.pmsrv.co/v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86	ScriptElement	3.0 kB	2023-03-14	2025-04-14
Pretty URL analytics.pmsrv.co/v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86 IP 54.230.111.89 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:40 Last Seen2025-04-14 18:45 Times Seen616 Hash fad20eb8e941eab88130a37297e48327 0b08e513264c7894f64f881dcf2b37f43f5f826b 31969a9254d2e57b3a58d33f19c2247cc20e4cd982e79eb8d2eb05f5f94682a3 Loading...

	code.jquery.com/jquery-3.3.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 22:51 Times Seen57577 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	unknown	ScriptElement	423 B	2023-03-09	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2024-12-11 03:52 Times Seen109 Hash d2d50aff3f89008fd20f6ff0cd5daa11 c213c1c162bfba8f8dab0e8a4147fed5034bd366 5fe617faf52fd56ad709726edc4fc38d8db33db22d2451605b2a4e22af5db4a9 Loading...

	c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js	ScriptElement	565 kB	2023-12-08	2023-12-09
Pretty URL c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js IP 172.67.73.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 20:00 Last Seen2023-12-09 13:51 Times Seen9 Hash 9540b49971afefdcc3a5f8b148faeab1 b21d31696987a3f01dec22c572164a451078dc18 7fe93561c3918c2afeb2bf9d43c7d9f8a43e4132a54579a3f765cfe26dff0a68 Loading...

	s.yimg.com/wi/ytc.js	ScriptElement	18 kB	2023-06-26	2024-08-29
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.251 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 11:33 Last Seen2024-08-29 17:29 Times Seen6264 Hash 5c6ed25dce803fd84288922b8928409e 3ccc10546ae12f160bacac1e9e422af091ea4a41 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true	ScriptElement	1.7 kB	2023-11-29	2024-08-20
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen35 Hash e146364da8f694ea88ed3fc6d5b1c68a b54c057a1ab5441c6f6c01d8812bc4331c1c3fa0 9c65c53079ec0a63c9fb5dd9f4eb3a1a7e86f8607383fe1856db777a9f87425e Loading...

	c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js	ScriptElement	69 kB	2023-11-08	2024-08-20
Pretty URL c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js IP 172.67.73.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 03:50 Last Seen2024-08-20 20:28 Times Seen116 Hash e62854326dd7bd0cfb2dbd34156ef1b8 1cf7afd34c3fcc830250528db1a268844da45926 37d5713b91ab76efc80f0ae4857adddc1c4f6e5709f3b6112efcb5bd931f7fca Loading...

	unknown	ScriptElement	326 B	2023-05-03	2025-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 21:53 Last Seen2025-04-17 16:57 Times Seen771 Hash 2f39af3bffe6c3d706848e72017ab091 0ace9067f14c6539a3c711084b74752d1c0d6312 cdcc3d173b0f46a400c30d70f03a6792f5312390be92006152db451f67476b47 Loading...

	unknown	ScriptElement	429 B	2023-11-29	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen35 Hash f3afb7052064e9d9e4c4d680c78d8f6a 3856cf030a60d4e29265269db2cc186aabddb49f 9f1b283bb63ec64b0228b98eed613ef81dbd59280e879523b2815d5b7e464afe Loading...

	fast.wistia.com/assets/external/playPauseLoadingControl.js	ScriptElement	81 kB	2023-11-29	2023-12-12
Pretty URL fast.wistia.com/assets/external/playPauseLoadingControl.js IP 151.101.2.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2023-12-12 14:56 Times Seen192 Hash 31f0b908fbd5fc16bf6737c637b83178 26f5effe6525ca16ceb9815cb26776a8ac36f81c 863614886d87b0fbc5b99b2c002a8e382ab9161cacc1290006ea02e428e09747 Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true	ScriptElement	2.3 kB	2023-11-29	2024-12-11
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-29 23:01 Last Seen2024-12-11 03:52 Times Seen108 Hash 87a931c82d501b724673a1902eed5aca 0d2e066c172a2aae222412d161508e6e0948876d 4b12029c24064ea48d5710fc61f45817958747627e3208f88bbc648d51804183 Loading...

	unknown	ScriptElement	3.9 kB	2023-08-11	2025-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-11 02:46 Last Seen2025-04-17 16:57 Times Seen770 Hash c73e3d0fea587af6606eb4d912567436 7bbc086d9a6ed3e8c1620ab8cc4e2050dbc548f8 054b3f9520a3bdd1c232e16f3ebbf935f54f9bd93eb0d6192cc3d657f616bed9 Loading...

	unknown	ScriptElement	326 B	2023-03-09	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2024-12-11 03:52 Times Seen109 Hash 6ed5c46c230df9cc47bb336ad5245443 94f51ab34b2d67e4ac060cf9fa7b4783cd142a77 c20138034173e82be31de2ecb9a7a716bcb28c16ed5f0a0bf25fe264a711f87a Loading...

	c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com	ScriptElement	9.7 kB	2023-11-29	2024-12-11
Pretty URL c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com IP 143.204.55.94 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2024-12-11 03:52 Times Seen110 Hash 7a5bdfac6f7e6d06281a5d72f283fcf5 d2d8b52ca70e1408ca17e692f6051487042a1051 4f2d67f554fdc058d41f8b62af5f31f2794c4253647b3e327c8dfc7cc7ed436b Loading...

	unknown	ScriptElement	240 B	2023-11-29	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen12 Hash 15a478a38c82134f2d4dedfc235117c5 728de935d36382b1cdd3a4e40d10c514c3eedcab db926948d241a661821b9456cbc5475fc276b5f344d05907e6a65bdcec550f9c Loading...

	unknown	ScriptElement	463 B	2023-03-09	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2024-08-21 08:03 Times Seen21 Hash de2d375d0347f124fe53c890db87ce0f 69862e92df7b92a621783a08d05b8719120b03e1 fa6053826a32d9c6376e07c7659868d4103962a6d06b5718f8aeee91894ebbed Loading...

	www.redditstatic.com/ads/pixel.js	ScriptElement	24 kB	2023-06-15	2024-08-29
Pretty URL www.redditstatic.com/ads/pixel.js IP 151.101.193.140 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-15 23:22 Last Seen2024-08-29 17:49 Times Seen4079 Hash 78b6c68984a6ce5b3fcac1c6a9cad00c 02e1d366a17506cea8adfe5a15949aca89719a02 e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f Loading...

		Size	First Seen	Last Seen
	#1 Eval - c1b6d812d9d6859ed607be7cc412b11d	21 kB	2023-11-29 23:01	2024-08-20 17:25
Pretty Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen22 Hash c1b6d812d9d6859ed607be7cc412b11d 85d9f1d6f5ab94e9d2f7b79460eb8222afd7bfb1 e1309c30f66ff386fa546dabeeb013f49718ddd5587197272e242f6f0fb0df10 Loading...

	#2 Eval - e88b3d6ad7057fa4a04f8b8648253af6	21 kB	2023-11-29 23:01	2024-08-20 17:25
Pretty Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen22 Hash e88b3d6ad7057fa4a04f8b8648253af6 bc43c330c44cb0a7c136e2af87d72af7abe2c9f1 c1798c766de81dc19c9b3e14aa52c9d53a53c9cd4cc6c18b2e26841c18a2b960 Loading...

	#3 Eval - 85ee10f7637e8faa856a011acbb6176d	143 B	2023-06-29 00:01	2025-01-12 09:34
Pretty Observations First Seen2023-06-29 00:01 Last Seen2025-01-12 09:34 Times Seen139 Hash 85ee10f7637e8faa856a011acbb6176d b206fe9eb1eb4c82d316921b21f29bbc0e973972 c390908cdc1dd92ffcbadc80608fd508b7cae84fc39bd57cc37f4ba0f6687ba5 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12 12:17	2024-08-29 17:45
Pretty Observations First Seen2023-03-12 12:17 Last Seen2024-08-29 17:45 Times Seen7112 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (81)

URL IP Response Size

ocsp.starfieldtech.com/

192.124.249.36

2.1 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
2.1 kB (2149 bytes)
Hash
35096d26b87744f0f199d222cc099f34
6558aa86b9e5aca62e8c012b4374d91f47d366e2
3055a2319dea80ccf6dfdbe30632866b6290b20c5e7bc8b5ff49a1c8d061ae28

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 09 Dec 2023 12:50:10 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 09 Dec 2023 02:05:27 GMT
Expires: Sun, 10 Dec 2023 02:05:27 GMT
ETag: "6558aa86b9e5aca62e8c012b4374d91f47d366e2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.p3lstrk.com/2MGNK7T/FNH5DF/?sub1=3415259331988301171

35.241.49.11

302 Found

97 B

URL User Request GET HTTP/2
www.p3lstrk.com/2MGNK7T/FNH5DF/?sub1=3415259331988301171
IP
35.241.49.11:443
ASN
#15169 GOOGLE

Certificate
IssuerStarfield Technologies, Inc.
Subjectof59trk.com
Fingerprint36:4C:C5:0D:80:E5:8B:10:E5:4F:B3:55:F3:FD:5C:E8:EA:BA:69:0F
ValiditySun, 01 Jan 2023 15:34:26 GMT - Fri, 02 Feb 2024 15:34:26 GMT

File type
HTML document, ASCII text
Size
97 B (97 bytes)
Hash
1048b50d8ecf02195dea2f00285b83a9
065bc2b913cd5817ee616437c0caeb6fdb9f8c1d
093497d97a39f1b5945c8cdfdc1a92e3db07f0bd4182f92df7172574df3b3e21

HTTP Headers

GET /2MGNK7T/FNH5DF/?sub1=3415259331988301171 HTTP/1.1
Host: www.p3lstrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sat, 09 Dec 2023 12:50:10 GMT
content-type: text/html; charset=utf-8
content-length: 97
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://pro.manwardpress.com/m/2261672?s1=48eef4264b4b479e843b139e822e4331
set-cookie: uniqueClick_FNH5DF=88ca9f14-8065-4185-ad66-15c513bae645:1702126210; Path=/; Expires=Sat, 06 Jan 2024 12:50:10 GMT; Secure; SameSite=None
transaction_id=48eef4264b4b479e843b139e822e4331; Path=/; Expires=Fri, 08 Mar 2024 12:50:10 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: aa743be5-fc95-465b-b63c-b1a616f0f788
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pro.manwardpress.com/m/2261672?s1=48eef4264b4b479e843b139e822e4331

192.135.136.168

301 Moved Permanently

226 B

URL User Request GET HTTP/1.1
pro.manwardpress.com/m/2261672?s1=48eef4264b4b479e843b139e822e4331
IP
192.135.136.168:443
ASN
#11372 14WEST-AS

Certificate
IssuerLet's Encrypt
Subjectordertracking2.pubsvs.com
Fingerprint21:30:C0:C7:EE:E3:FC:D2:C5:C5:89:D3:CD:75:43:C9:99:B2:A0:76
ValidityMon, 25 Sep 2023 13:28:41 GMT - Sun, 24 Dec 2023 13:28:40 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
226 B (226 bytes)
Hash
6267c97cf08cfcee86b2680894d5aed0
581e488dfd1fc02abc1671b8bc403f5b5914722b
b3dd1b12bcecd937757624175be6a43cabc6616ef2ad9b397e83bd4fa0653c8b

HTTP Headers

GET /m/2261672?s1=48eef4264b4b479e843b139e822e4331 HTTP/1.1
Host: pro.manwardpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Date: Sat, 09 Dec 2023 12:50:10 GMT
Content-Length: 226
Set-Cookie: 2261672=2677139; expires=Fri, 29-Dec-2023 12:50:10 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!lBSTccRYsq56/aU0QCUGrw3uOK3bWZdOUhJTq7qRes+wWcjjxHrQCqiLuyIpgMdX/9mFjzrFNi5gTy4=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true

192.135.136.168

200 OK

35 kB

URL User Request GET HTTP/1.1
pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
IP
192.135.136.168:443
ASN
#11372 14WEST-AS

Certificate
IssuerLet's Encrypt
Subjectordertracking2.pubsvs.com
Fingerprint21:30:C0:C7:EE:E3:FC:D2:C5:C5:89:D3:CD:75:43:C9:99:B2:A0:76
ValidityMon, 25 Sep 2023 13:28:41 GMT - Sun, 24 Dec 2023 13:28:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (505), with CRLF, LF line terminators
Size
35 kB (34913 bytes)
Hash
8c210a28fac69b2deec4da92428e4c17
16afe40fa4597cdbe9b5b289b97364c4e1ae452f
887ccc7ca7fa9b5aaa865bfd62ff60cc18f7c524cf37f0391f063462ec0cab8d

HTTP Headers

GET /p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true HTTP/1.1
Host: pro.manwardpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: 2261672=2677139; BIGipServerIRIS_PROD_HTTPS_POOL=!lBSTccRYsq56/aU0QCUGrw3uOK3bWZdOUhJTq7qRes+wWcjjxHrQCqiLuyIpgMdX/9mFjzrFNi5gTy4=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: NMWLZB11=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 12:50:10 GMT
Content-Length: 34913
Strict-Transport-Security: max-age=63072000; includeSubDomains

cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/animate.min.css

104.17.24.14

200 OK

4.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/animate.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65346)
Size
4.2 kB (4216 bytes)
Hash
39aca93cfd689b19cc6241e859642a92
5022a36b3d077c80b0b4a550ddfb280aae28dafe
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4

HTTP Headers

GET /ajax/libs/animate.css/4.0.0/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:11 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb436a8-11848"
last-modified: Thu, 07 May 2020 16:26:16 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 811769
expires: Thu, 28 Nov 2024 12:50:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbGp3XrvT9XyFEn6KTvH4jH98Rz%2BJcGybjVQwP5qMDi7l608UcSfo0RQA%2Btm4hXpQldf5p6JUwU5pEc1JzpJLDOeNGSCPUXIOvNzxV0AoA1VdFN4hkwqXQ0FELY0waOh1oVS7hwp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 832d5f577f5056af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.3.1.min.js

151.101.66.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.3.1.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30288 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1538f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:11 GMT
age: 7324011
x-served-by: cache-lga13622-LGA, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 24, 46781
x-timer: S1702126212.792995,VS0,VE0
vary: Accept-Encoding
content-length: 30288
X-Firefox-Spdy: h2

pro.manwardpress.com/p/Scripts/Common.js

192.135.136.168

200 OK

1.1 kB

URL GET HTTP/1.1
pro.manwardpress.com/p/Scripts/Common.js
IP
192.135.136.168:443
ASN
#11372 14WEST-AS

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking2.pubsvs.com
Fingerprint21:30:C0:C7:EE:E3:FC:D2:C5:C5:89:D3:CD:75:43:C9:99:B2:A0:76
ValidityMon, 25 Sep 2023 13:28:41 GMT - Sun, 24 Dec 2023 13:28:40 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.1 kB (1140 bytes)
Hash
2fa1e7a35bfa376eff7f1426fc4a8afa
008b48dbd95a158542969743c18d0bc33e0a9384
857d94bd23b6437baa66255e1d507ad4a23d75ef9a271fb3e1303dc7dd0aced9

HTTP Headers

GET /p/Scripts/Common.js HTTP/1.1
Host: pro.manwardpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
DNT: 1
Connection: keep-alive
Cookie: 2261672=2677139; BIGipServerIRIS_PROD_HTTPS_POOL=!lBSTccRYsq56/aU0QCUGrw3uOK3bWZdOUhJTq7qRes+wWcjjxHrQCqiLuyIpgMdX/9mFjzrFNi5gTy4=; NMWLZB11=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "a37f814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 12:50:11 GMT
Content-Length: 1140
Strict-Transport-Security: max-age=63072000; includeSubDomains

fast.wistia.com/assets/external/E-v1.js

151.101.2.132

200 OK

129 kB

URL GET HTTP/2
fast.wistia.com/assets/external/E-v1.js
IP
151.101.2.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65474)
Size
129 kB (129063 bytes)
Hash
126858c9f3376ca1bc419aa2a2d0af28
51e06cde2e8cc415d06c63e144e6c36d2c95270d
78cf6679aa583fd97b9700d6dafa7e791d7861b72d173df807b5f8f27d246877

HTTP Headers

GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "2dfa35fa3c2d63da5bfe8edd5f3cb8df"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:11 GMT
age: 3205
x-served-by: cache-iad-kiad7000039-IAD, cache-bma1673-BMA
x-cache: HIT, HIT
x-cache-hits: 75, 114
x-timer: S1702126212.797490,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 129063
X-Firefox-Spdy: h2

pro.manwardpress.com/p/Scripts/HideContent.js

192.135.136.168

200 OK

466 B

URL GET HTTP/1.1
pro.manwardpress.com/p/Scripts/HideContent.js
IP
192.135.136.168:443
ASN
#11372 14WEST-AS

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking2.pubsvs.com
Fingerprint21:30:C0:C7:EE:E3:FC:D2:C5:C5:89:D3:CD:75:43:C9:99:B2:A0:76
ValidityMon, 25 Sep 2023 13:28:41 GMT - Sun, 24 Dec 2023 13:28:40 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
466 B (466 bytes)
Hash
cc54a637e514fddfe0be2e7c2d062e5b
a0f97813508d22d71f015b93cc8dfdcee65acdfd
580942b09dd77a53c0501f35a1d6c61cbcff1d504a6efb0dfa5d77cbdb1af741

HTTP Headers

GET /p/Scripts/HideContent.js HTTP/1.1
Host: pro.manwardpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
DNT: 1
Connection: keep-alive
Cookie: 2261672=2677139; BIGipServerIRIS_PROD_HTTPS_POOL=!lBSTccRYsq56/aU0QCUGrw3uOK3bWZdOUhJTq7qRes+wWcjjxHrQCqiLuyIpgMdX/9mFjzrFNi5gTy4=; NMWLZB11=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "bbcd814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 12:50:11 GMT
Content-Length: 466
Strict-Transport-Security: max-age=63072000; includeSubDomains

portrait-tracker.s3.amazonaws.com/all.js

52.217.168.145

200 OK

38 kB

URL GET HTTP/1.1
portrait-tracker.s3.amazonaws.com/all.js
IP
52.217.168.145:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (38500), with no line terminators
Size
38 kB (38500 bytes)
Hash
1460caa541e7ae81380de414c9d2a67c
7da00cef9b3bf78a75e19c455c247ace72cb9ce8
8e3eae4b3bdc6b8060cfee108e4a703344cdec648e7fb8ac3182e7b3515323a7

HTTP Headers

GET /all.js HTTP/1.1
Host: portrait-tracker.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 35y0q8qgXXT1EVraji+FQHvH+HS97faSig6+gD6oj9tAZQMJCQahFhxMixQvD7LD33+9ZgxuIYA=
x-amz-request-id: WCG0M1CDG3DKFDNS
Date: Sat, 09 Dec 2023 12:50:13 GMT
Last-Modified: Wed, 30 Aug 2023 15:02:46 GMT
ETag: "1460caa541e7ae81380de414c9d2a67c"
x-amz-server-side-encryption: AES256
x-amz-version-id: 7g4s3_ZTCbOwPNu0yskg5_y26GtP5xQS
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 38500

portrait-tracker.s3.amazonaws.com/promo.js

52.217.168.145

200 OK

25 kB

URL GET HTTP/1.1
portrait-tracker.s3.amazonaws.com/promo.js
IP
52.217.168.145:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
25 kB (25222 bytes)
Hash
ade4b9bddef78cf33d60018590245ff8
56fb418a4a3ca2f1510309eda02ca4f75cc6e17d
a095f39e85e1eda398ad708a5d835db2972ff7bd06d305519ceb59539d5aa8f7

HTTP Headers

GET /promo.js HTTP/1.1
Host: portrait-tracker.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: upsgw6HWUIPSzTKqfzcu3N3EZu+NvyGlUTFQCbxGnJxSnju91FdOVWR9JtCz5e7g+74WtpVIk6M=
x-amz-request-id: WCG426QDPDNQKYEY
Date: Sat, 09 Dec 2023 12:50:13 GMT
Last-Modified: Mon, 04 Dec 2023 18:30:38 GMT
ETag: "ade4b9bddef78cf33d60018590245ff8"
x-amz-server-side-encryption: AES256
x-amz-version-id: cXC3qWJAccekxs7Ey.uMIQ5gFtuOBV.4
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 25222

s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles.css

54.231.168.176

200 OK

27 kB

URL GET HTTP/1.1
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles.css
IP
54.231.168.176:443
ASN
#0

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
27 kB (27215 bytes)
Hash
a77364a3685f408e9802843ec2099f5f
7ae957ac205073e4f1430edf476431c4bef10d5c
f94f1ee66752e3577dbf42e5b264db35f3a83a71b95c1ed433701a458960fb59

HTTP Headers

GET /assets.manwardpress.com/promo/MWL/dark/styles.css HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: iLzx4I/nCLCiRlxWrnrA8QhqJhwusV7Yz3nAFZMppFZ4CXC0LGOfRbU9VBS1wd6+DLkgrn9CWRo=
x-amz-request-id: WCG2BHCB2FX5440Q
Date: Sat, 09 Dec 2023 12:50:13 GMT
Last-Modified: Fri, 03 Nov 2023 15:37:48 GMT
ETag: "a77364a3685f408e9802843ec2099f5f"
x-amz-server-side-encryption: AES256
x-amz-version-id: 8MfX2jDe5m7dvAdrTvDDoryIZhDJ3wxY
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 27215

cdn.getblueshift.com/blueshift.js

54.230.111.60

200 OK

2.8 kB

URL GET HTTP/1.1
cdn.getblueshift.com/blueshift.js
IP
54.230.111.60:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
Fingerprint29:49:01:4C:AB:3A:C5:E4:F6:F2:67:75:BE:5B:FF:4B:F3:5C:EC:47
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6564), with no line terminators
Size
2.8 kB (2805 bytes)
Hash
859d16b4786a243736a9b219445eae43
e6dd4c8dcac4df40615338f1e7ecfe50c54aa0d5
393483170bc4a2319e51ea073f4e13b85185948301acce471b482094d11af7c7

HTTP Headers

GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2805
Connection: keep-alive
Last-Modified: Tue, 21 Nov 2023 12:16:06 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 09 Dec 2023 12:33:30 GMT
Cache-Control: max-age=3600
ETag: "e7a548f293fa4dad39c906cae250b1ed"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wb0rv5UzyANk5nOPXOO8Qdqjm9SFMdaUvMG2xJkNw7jUcLTSk-cq8Q==
Age: 1003

verifiedwebpage.com/go?ehash=0edf09ebcd410828c106ce09750b4d7a&product=34730&ar=55&cid=2412&lid=1610&slhash=445c805f45ca4564b57a14bf72f5d8a1&mtaid=mpmta&cid2=[s8]

188.114.96.1

302 Found

2.1 kB

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=0edf09ebcd410828c106ce09750b4d7a&product=34730&ar=55&cid=2412&lid=1610&slhash=445c805f45ca4564b57a14bf72f5d8a1&mtaid=mpmta&cid2=[s8]
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
Fingerprint0D:F8:EF:F4:23:CD:FB:7E:DE:C7:29:3C:B4:F7:A4:CE:6A:FB:89:AB
ValiditySat, 14 Oct 2023 13:52:56 GMT - Fri, 12 Jan 2024 13:52:55 GMT

File type
data
Size
2.1 kB (2149 bytes)
Hash
35096d26b87744f0f199d222cc099f34
6558aa86b9e5aca62e8c012b4374d91f47d366e2
3055a2319dea80ccf6dfdbe30632866b6290b20c5e7bc8b5ff49a1c8d061ae28

HTTP Headers

GET /go?ehash=0edf09ebcd410828c106ce09750b4d7a&product=34730&ar=55&cid=2412&lid=1610&slhash=445c805f45ca4564b57a14bf72f5d8a1&mtaid=mpmta&cid2=[s8] HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 09 Dec 2023 12:50:10 GMT
content-type: text/html; charset=UTF-8
location: https://www.p3lstrk.com/2MGNK7T/FNH5DF/?sub1=3415259331988301171
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=8d9e20b1ea6e8a8a1a96ecfd27ee670e; path=/
pixel_session_hash_34730=3415259331988301171; expires=Mon, 08-Jan-2024 12:50:08 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_34730=f4f2ab2460c1e4f6151fbc406ae9f64da12d6386d398fdfbe033545fda22e40a; expires=Mon, 11-Dec-2023 12:50:08 GMT; Max-Age=172800
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6YYUOy55FYgFDXPSZd2nTJQFvagsDbIcVWDqDFkIKp489g1WIjsjUGYVFKcZdMbU4gTwMRviO%2Fwk1hMCkmY9qrUhefy%2FVpLxHbObZhxLSwJ%2BCdu%2FSXs%2BEPkdlroBx0pGPkQ1dZn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d5f47fc630b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19388, version 1.0
Size
19 kB (19388 bytes)
Hash
f816f16f297c801aaf01ff43c9fcd563
2e9e2c80bc5aa5f01f75cd486baa1769f53dea5e
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e

HTTP Headers

GET /s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19388
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:44:48 GMT
expires: Fri, 06 Dec 2024 15:44:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Jul 2023 20:53:09 GMT
content-type: font/woff2
age: 162324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

172.67.73.236

200 OK

121 kB

URL GET HTTP/2
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
IP
172.67.73.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
121 kB (121276 bytes)
Hash
e62854326dd7bd0cfb2dbd34156ef1b8
1cf7afd34c3fcc830250528db1a268844da45926
37d5713b91ab76efc80f0ae4857adddc1c4f6e5709f3b6112efcb5bd931f7fca

HTTP Headers

GET /api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:12 GMT
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 6457
last-modified: Sat, 09 Dec 2023 11:02:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BhDYjrfq0qEblFoKPZBYEORVAvLLitu8gMVHhFSg9upW1laxLuVsFWArZFeIM%2FjxLpZiSlP8hC3LFhLG5l8Yc%2FHH3dtZpbkmZL%2F68Ck7elC4tj0wFsfxbtBzZfB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d5f5b0a42b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kanit/v15/nKKX-Go6G5tXcraQKwKAcA.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/kanit/v15/nKKX-Go6G5tXcraQKwKAcA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19916, version 1.0
Size
20 kB (19916 bytes)
Hash
fb872dc738752b156c722c2acb7cfae5
ec5924c1493d6d784f49ce61dde66c0aea5c986d
864cc08aa6c75c74cf8488a6829c00117d583ddb54c0b39f96b4499ce3b4e9d1

HTTP Headers

GET /s/kanit/v15/nKKX-Go6G5tXcraQKwKAcA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19916
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:54:14 GMT
expires: Fri, 06 Dec 2024 15:54:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Jul 2023 20:54:11 GMT
content-type: font/woff2
age: 161758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

216.58.207.227

200 OK

34 kB

URL GET HTTP/2
fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34328, version 1.0
Size
34 kB (34328 bytes)
Hash
6581ab53c220b5828e37162349375431
1922912ca5ab6eb5a55db138b183b38d066e85c8
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

HTTP Headers

GET /s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 04:53:27 GMT
expires: Fri, 06 Dec 2024 04:53:27 GMT
cache-control: public, max-age=31536000
age: 201405
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/bg.png

54.231.168.176

200 OK

127 kB

URL GET HTTP/1.1
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/bg.png
IP
54.231.168.176:443
ASN
#0

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
PNG image data, 2000 x 1200, 8-bit colormap, non-interlaced
Size
127 kB (127021 bytes)
Hash
6f458a92f3fe9527d69e75be25a8a32a
5b8900e5412897168cecdbe1829a520fd326cd93
af3f431637d5f12cdf40c46fbd61b6172dbcf29472a33716de58c3a5f8b962a6

HTTP Headers

GET /assets.manwardpress.com/promo/MWL/dark/bg.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: nZI8tjFzL+mQvpi3PmJ06TO/8+vPI00g74LtseIUz+fVXFUFhoFt7dhJ66xzHEaVk1O14GzCp80=
x-amz-request-id: WCGABEZJGZ39NKS6
Date: Sat, 09 Dec 2023 12:50:13 GMT
Last-Modified: Fri, 27 Oct 2023 17:14:09 GMT
ETag: "6f458a92f3fe9527d69e75be25a8a32a"
x-amz-server-side-encryption: AES256
x-amz-version-id: t0pnOFM2wSkzC0PVz2VuslCpwv2vdO4N
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 127021

s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/OF/asi-profit-and-protect-ipad.png

54.231.168.176

200 OK

233 kB

URL GET HTTP/1.1
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/OF/asi-profit-and-protect-ipad.png
IP
54.231.168.176:443
ASN
#0

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
PNG image data, 1097 x 976, 8-bit/color RGBA, non-interlaced
Size
233 kB (232844 bytes)
Hash
346f2e0aa4ffdc608e5c78eb20e57035
6a71b5f122fe06c31f6094e08c69fbc8dc547b15
66d056fc5eec74ee8809f641e63cd1fc2ce993807f56060fb54295aedbe93eb6

HTTP Headers

GET /assets.manwardpress.com/promo/MWL/dark/OF/asi-profit-and-protect-ipad.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: wIQqBxBZZPqrm07+jRtl+ZyfWubJbjWthz+2ce+gYzu4RJRD4a9lX2PoNDpbdwOlJ95k8QSdsBc=
x-amz-request-id: WCG1R2VGC23K1JV4
Date: Sat, 09 Dec 2023 12:50:13 GMT
Last-Modified: Mon, 06 Nov 2023 17:17:43 GMT
ETag: "346f2e0aa4ffdc608e5c78eb20e57035"
x-amz-server-side-encryption: AES256
x-amz-version-id: UKHR_rSfd1Jp9XcsrMHwhadqLc4Geqsh
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 232844

fast.wistia.com/embed/medias/jupsr1090a.json

151.101.2.132

200 OK

1.6 kB

URL GET HTTP/2
fast.wistia.com/embed/medias/jupsr1090a.json
IP
151.101.2.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
JSON data
Size
1.6 kB (1643 bytes)
Hash
b4a6d47dbf95c17586a4523e2e2d24de
dd75494f72aaf9e1242ebb0c85321aaec9e982a2
f0f3fc22031576f70a3635059f4308ae3ebf499a72f51e605d7fcc96b26e24b2

HTTP Headers

GET /embed/medias/jupsr1090a.json HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"f0f3fc22031576f70a3635059f4308ae"
x-request-id: 4019a7bc-9abd-4ed3-881b-f0a54f3ccb9c
x-runtime: 0.037752
content-encoding: br
x-envoy-upstream-service-time: 40
via: 1.1 fe9f3a9bfd72e25ec0825c1236d3d8e8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: MIA3-C4
x-amz-cf-id: HPqi5kb_I1k7RHHYCfeEezTEeLLD25LTbBmHxd0zu_anfvY7kPFdpQ==
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:12 GMT
age: 87470
x-served-by: cache-iad-kjyo7100109-IAD, cache-bma1672-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 265, 1
x-timer: S1702126213.923078,VS0,VE2
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1643
X-Firefox-Spdy: h2

portrait-tracker.s3.amazonaws.com/index.html

52.217.168.145

200 OK

2.4 kB

URL GET HTTP/1.1
portrait-tracker.s3.amazonaws.com/index.html
IP
52.217.168.145:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
2.4 kB (2371 bytes)
Hash
c029f674b13b082e9a03b16217c3f576
f8ac05a2a24d42c863275c8dfd7e94486a237d0b
9b6554e3dbe9e11702720eb95ef8808b4e1e307bbec908ab5e6d0e1da2294470

HTTP Headers

GET /index.html HTTP/1.1
Host: portrait-tracker.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Xbg5n2ZB2bZoEweXxXnIcutrITVtQVFKlGI6OLfrJYUv0uJTX1LjcyT2PYv2hj30tBDLka75+cE=
x-amz-request-id: WCG4RZTK2NTGRAD9
Date: Sat, 09 Dec 2023 12:50:13 GMT
Last-Modified: Wed, 03 Nov 2021 21:10:09 GMT
ETag: "c029f674b13b082e9a03b16217c3f576"
x-amz-version-id: X1zblgbOV1d.Qkc55AyQidmgNGbabuW5
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 2371

s3.amazonaws.com/assets.manwardpress.com/favicon.png

54.231.168.176

200 OK

524 B

URL GET HTTP/1.1
s3.amazonaws.com/assets.manwardpress.com/favicon.png
IP
54.231.168.176:443
ASN
#0

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced
Size
524 B (524 bytes)
Hash
ecc1bd1d1cbccff2b4d8d68e630dfc10
c434a84131752093f031f8097b1efde89465a20d
1517ed0281ec8256ac007c3de7c96cec87188715989358baf4eb52fb660876c5

HTTP Headers

GET /assets.manwardpress.com/favicon.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: qwr7Z4P4a6Zan8UJ2y9IRj2QbtY3lQK9Ms9IDRedJC2e2iSeOnlex4RThOcSONkhzXxwQC+gVeM=
x-amz-request-id: WCG7G2C3RJJBE39K
Date: Sat, 09 Dec 2023 12:50:13 GMT
Last-Modified: Fri, 26 Mar 2021 14:07:46 GMT
ETag: "ecc1bd1d1cbccff2b4d8d68e630dfc10"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 524

c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1702126219875&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&_v=3.0.35&_uid=8f96a13b-24e7-424e-a59a-d8684639fab9&_getid=t

172.67.73.236

200 OK

35 B

URL GET HTTP/2
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1702126219875&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&_v=3.0.35&_uid=8f96a13b-24e7-424e-a59a-d8684639fab9&_getid=t
IP
172.67.73.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1702126219875&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&_v=3.0.35&_uid=8f96a13b-24e7-424e-a59a-d8684639fab9&_getid=t HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:13 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: seerid=8f96a13b-24e7-424e-a59a-d8684639fab9; Path=/; Domain=lytics.io; Max-Age=77760000; Secure; SameSite=None
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teJVrBIt0HQPYU6h%2BNLvytKaA5CqLOoASAcGQY2hzz2bEimu7jG0XNPftrc6qzwJ48OmqEyvRvXGdawo8H1ysM8sAq1zZ7lOquDJ3hezzcBqDln7RrSUaozGMNF1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d5f5efd92b4f4-OSL
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/playPauseLoadingControl.js

151.101.2.132

200 OK

21 kB

URL GET HTTP/2
fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
151.101.2.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65455)
Size
21 kB (21129 bytes)
Hash
31f0b908fbd5fc16bf6737c637b83178
26f5effe6525ca16ceb9815cb26776a8ac36f81c
863614886d87b0fbc5b99b2c002a8e382ab9161cacc1290006ea02e428e09747

HTTP Headers

GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "b09d2ef450c9011369afee5fc7a5a161"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:13 GMT
age: 3302
x-served-by: cache-iad-kjyo7100036-IAD, cache-bma1672-BMA
x-cache: HIT, HIT
x-cache-hits: 68, 69
x-timer: S1702126213.239220,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 21129
X-Firefox-Spdy: h2

pro.manwardpress.com/p/effortattributes/extractEffortattributes/NMWLZB11

192.135.136.168

200 OK

691 B

URL GET HTTP/1.1
pro.manwardpress.com/p/effortattributes/extractEffortattributes/NMWLZB11
IP
192.135.136.168:443
ASN
#11372 14WEST-AS

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking2.pubsvs.com
Fingerprint21:30:C0:C7:EE:E3:FC:D2:C5:C5:89:D3:CD:75:43:C9:99:B2:A0:76
ValidityMon, 25 Sep 2023 13:28:41 GMT - Sun, 24 Dec 2023 13:28:40 GMT

File type
JSON data
Size
691 B (691 bytes)
Hash
95c6f6c8aa14ee1ed3fea65ff63015ab
f1b98087c3a0f34985ca8d2eb798759ccc823b6f
3c1795c82ab9ff3b5d85ad12bb520625b8bf1086056062f335601db5b37c0035

HTTP Headers

GET /p/effortattributes/extractEffortattributes/NMWLZB11 HTTP/1.1
Host: pro.manwardpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
DNT: 1
Connection: keep-alive
Cookie: 2261672=2677139; BIGipServerIRIS_PROD_HTTPS_POOL=!lBSTccRYsq56/aU0QCUGrw3uOK3bWZdOUhJTq7qRes+wWcjjxHrQCqiLuyIpgMdX/9mFjzrFNi5gTy4=; NMWLZB11=; seerses=e; seerid=8f96a13b-24e7-424e-a59a-d8684639fab9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 12:50:12 GMT
Content-Length: 691
Strict-Transport-Security: max-age=63072000; includeSubDomains

embed-ssl.wistia.com/deliveries/ef6d1743f95d45b58afe30918ade93ca.webp?image_crop_resized=1280x720

143.204.55.103

200 OK

38 kB

URL GET HTTP/2
embed-ssl.wistia.com/deliveries/ef6d1743f95d45b58afe30918ade93ca.webp?image_crop_resized=1280x720
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Size
38 kB (37799 bytes)
Hash
a2f562984d99f823a923972dbb46eacd
f550613e0853427e7cfe4d46bc7cc0f25d6d41bb
959e25f29957c07d7c3f72de3d9f6d05db21d7fc5462d265974c175826c0e2ad

HTTP Headers

GET /deliveries/ef6d1743f95d45b58afe30918ade93ca.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
accept-ranges: none
access-control-request-method: *
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: ef6d1743f95d45b58afe30918ade93ca
etag: FeAz6PM7B5JMI3EKzOF3WTHC1xU=
last-modified: Wed, 08 Nov 2023 05:14:52 UTC
surrogate-key: ef6d1743f95d45b58afe30918ade93ca thumbnail-delivery
date: Fri, 08 Dec 2023 05:07:18 GMT
x-envoy-upstream-service-time: 350
server: envoy
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O3RvwDfO4YncY6YpucMLcu_0VodQTAU8tHkBL5Y9TQ_iZGg6K3v7ag==
age: 114175
x-cdn: cloudfront
vary: Origin
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c

142.250.74.168

200 OK

95 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (7711)
Size
95 kB (95297 bytes)
Hash
3950c3fa883ae61fb7412f0b95b49cb8
755277ef39b251333edeb3699acb8b3d5c15b62e
c0d41fd9ad902c2e8918f4d69fe738a155a32241bf1b71fcd80c52ed97e6bc9f

HTTP Headers

GET /gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 12:50:13 GMT
expires: Sat, 09 Dec 2023 12:50:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C

142.250.74.168

200 OK

76 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (4660)
Size
76 kB (76533 bytes)
Hash
3093f004366f1fd5334fdfedaf98848d
dc55051be4d7d83929e5691de0429ac5f2957795
e163ec2c1ea3d5892709239c3c383a86234e25b9dfec7bfaca32c9efcb64d3a1

HTTP Headers

GET /gtm.js?id=GTM-TJ3NG7C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 12:50:13 GMT
expires: Sat, 09 Dec 2023 12:50:13 GMT
cache-control: private, max-age=900
last-modified: Sat, 09 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76533
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG

142.250.74.168

200 OK

82 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (64013)
Size
82 kB (81827 bytes)
Hash
d5fc856292e509592dec0ea5042490ff
7e4bbc6d275ff10ad8319db3f41d35c2cfd8ff5a
53bc8c4e3d6353ee09d90ad478181f1e5b8a3ff390dafe1675f1ce019f4f5839

HTTP Headers

GET /gtm.js?id=GTM-5S9B9GG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 12:50:13 GMT
expires: Sat, 09 Dec 2023 12:50:13 GMT
cache-control: private, max-age=900
last-modified: Sat, 09 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fast.wistia.com/assets/external/engines/hls_video.js

151.101.2.132

200 OK

118 kB

URL GET HTTP/2
fast.wistia.com/assets/external/engines/hls_video.js
IP
151.101.2.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
118 kB (117668 bytes)
Hash
6e1e307293f078c95c07db8660ce607a
2a08bcf1166c9707485e568102f7c96e1f933b36
f0150171f993137d09210b10e0629ea4d57a465046ba791adb4bf4a2da978357

HTTP Headers

GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "5258bd9b9f222d0dd6df0056cd2b7524"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:13 GMT
age: 3509
x-served-by: cache-iad-kcgs7200099-IAD, cache-bma1672-BMA
x-cache: HIT, HIT
x-cache-hits: 64, 63
x-timer: S1702126214.501846,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 117668
X-Firefox-Spdy: h2

c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait?page.url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&page.timestamp=1702126219255&page.page_domain=pro.manwardpress.com&page.page_referrer=&page.page_title=Manward%20Press&page.page_name=DARKTO99MWLLT2YRDSCBP&page.promocode=NMWLZB11&page.page_type=promo%20page&page.abandon_time=300000&page.system=Iris&page.page_template_type=video&identity.sessionid=_zoriyug33d&identity.device_width=large&identity.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&identity.clientid=3e1b8598-edea-45cf-9dcd-da30eb8a406a&identity.lytics_uid=8f96a13b-24e7-424e-a59a-d8684639fab9&identity.first_touch=pro.manwardpress.com&effort.ScheduledDate=11%2F06%2F2023&effort.ScheduleTime=&effort.PromoCode=NMWLZB11&effort.EffortId=2677139&effort.MultivariateId=2261672&effort.EffortType=Dedicated&effort.ItemCode=MWL&effort.ItemName=Manward%20Money%20Report&effort.ItemType=Subscription&effort.ItemSubscriptionType=FrontEnd&effort.AdvantageListCode=&effort.ListName=8020%20Publishing&effort.PlacementName=Dedicated&effort.SegmentName=All&effort.TagsName_len=1&effort.TagsName_json=%5B%22Affiliates%22%5D&effort.TagsName=Affiliates&effort.Advertisement=&effort.Page1=DarkTO49%20(Video)&effort.Page1Status=Active&effort.Page2=&effort.Page2Status=&effort.OfferStatus=Active&effort.TreeName=DarkTO99%20(Video)&effort.TreeStatus=Active&effort.MediaChannel=N%20-%20Agora%20Swap%20Website&effort.AcquisitionMethod=UX%20-%20Web%2FEmail%20Promo%20External&effort.CampaignName=MWL%20Dark&effort.timestamp=1702126219255&_ts=1702126220372&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&_uid=8f96a13b-24e7-424e-a59a-d8684639fab9&_v=3.0.35&_uido=8f96a13b-24e7-424e-a59a-d8684639fab9

172.67.73.236

200 OK

35 B

URL GET HTTP/2
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait?page.url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&page.timestamp=1702126219255&page.page_domain=pro.manwardpress.com&page.page_referrer=&page.page_title=Manward%20Press&page.page_name=DARKTO99MWLLT2YRDSCBP&page.promocode=NMWLZB11&page.page_type=promo%20page&page.abandon_time=300000&page.system=Iris&page.page_template_type=video&identity.sessionid=_zoriyug33d&identity.device_width=large&identity.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&identity.clientid=3e1b8598-edea-45cf-9dcd-da30eb8a406a&identity.lytics_uid=8f96a13b-24e7-424e-a59a-d8684639fab9&identity.first_touch=pro.manwardpress.com&effort.ScheduledDate=11%2F06%2F2023&effort.ScheduleTime=&effort.PromoCode=NMWLZB11&effort.EffortId=2677139&effort.MultivariateId=2261672&effort.EffortType=Dedicated&effort.ItemCode=MWL&effort.ItemName=Manward%20Money%20Report&effort.ItemType=Subscription&effort.ItemSubscriptionType=FrontEnd&effort.AdvantageListCode=&effort.ListName=8020%20Publishing&effort.PlacementName=Dedicated&effort.SegmentName=All&effort.TagsName_len=1&effort.TagsName_json=%5B%22Affiliates%22%5D&effort.TagsName=Affiliates&effort.Advertisement=&effort.Page1=DarkTO49%20(Video)&effort.Page1Status=Active&effort.Page2=&effort.Page2Status=&effort.OfferStatus=Active&effort.TreeName=DarkTO99%20(Video)&effort.TreeStatus=Active&effort.MediaChannel=N%20-%20Agora%20Swap%20Website&effort.AcquisitionMethod=UX%20-%20Web%2FEmail%20Promo%20External&effort.CampaignName=MWL%20Dark&effort.timestamp=1702126219255&_ts=1702126220372&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&_uid=8f96a13b-24e7-424e-a59a-d8684639fab9&_v=3.0.35&_uido=8f96a13b-24e7-424e-a59a-d8684639fab9
IP
172.67.73.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /c/9c32784e3cc4888a693a7988ad64c63d/portrait?page.url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&page.timestamp=1702126219255&page.page_domain=pro.manwardpress.com&page.page_referrer=&page.page_title=Manward%20Press&page.page_name=DARKTO99MWLLT2YRDSCBP&page.promocode=NMWLZB11&page.page_type=promo%20page&page.abandon_time=300000&page.system=Iris&page.page_template_type=video&identity.sessionid=_zoriyug33d&identity.device_width=large&identity.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&identity.clientid=3e1b8598-edea-45cf-9dcd-da30eb8a406a&identity.lytics_uid=8f96a13b-24e7-424e-a59a-d8684639fab9&identity.first_touch=pro.manwardpress.com&effort.ScheduledDate=11%2F06%2F2023&effort.ScheduleTime=&effort.PromoCode=NMWLZB11&effort.EffortId=2677139&effort.MultivariateId=2261672&effort.EffortType=Dedicated&effort.ItemCode=MWL&effort.ItemName=Manward%20Money%20Report&effort.ItemType=Subscription&effort.ItemSubscriptionType=FrontEnd&effort.AdvantageListCode=&effort.ListName=8020%20Publishing&effort.PlacementName=Dedicated&effort.SegmentName=All&effort.TagsName_len=1&effort.TagsName_json=%5B%22Affiliates%22%5D&effort.TagsName=Affiliates&effort.Advertisement=&effort.Page1=DarkTO49%20(Video)&effort.Page1Status=Active&effort.Page2=&effort.Page2Status=&effort.OfferStatus=Active&effort.TreeName=DarkTO99%20(Video)&effort.TreeStatus=Active&effort.MediaChannel=N%20-%20Agora%20Swap%20Website&effort.AcquisitionMethod=UX%20-%20Web%2FEmail%20Promo%20External&effort.CampaignName=MWL%20Dark&effort.timestamp=1702126219255&_ts=1702126220372&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&_uid=8f96a13b-24e7-424e-a59a-d8684639fab9&_v=3.0.35&_uido=8f96a13b-24e7-424e-a59a-d8684639fab9 HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Cookie: seerid=8f96a13b-24e7-424e-a59a-d8684639fab9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:13 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fd48pr1GNupR4aQmXn7BvF6SuD3PVccwE%2FmlI58%2BeE03DgyRZwXY1qQIbHjG2FqGa%2BJ7WGB2E5pTJj%2FxP%2F1KFRiPL4q21k5lpiAEpwa5rSvqBjcRlJVY6Tgx3Gak"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d5f621834b4f4-OSL
X-Firefox-Spdy: h2

s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css

54.231.168.176

200 OK

320 kB

URL GET HTTP/1.1
s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
IP
54.231.168.176:443
ASN
#0

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
320 kB (320044 bytes)
Hash
48675c50d74a44b365f09b856784ef85
9a9079ed745b845985b1cdf7816d4c8de5ecee2e
a797c2308c39d7f9ef25337b020a4321e5256c8cddae6e3b4f25b18dcfcdd53a

HTTP Headers

GET /assets.oxfordclub.com/css/global/lytics-styles.css HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: rzDsO+qUjGg6cz9xY8ofXo3euVo0UtAaCDxJt8ksnZutLEMGU4gaM/BYLLSFFksL+N0VUF16uzc=
x-amz-request-id: YG6JWX1X95TNXZ59
Date: Sat, 09 Dec 2023 12:50:14 GMT
Last-Modified: Thu, 07 Dec 2023 20:33:03 GMT
ETag: "48675c50d74a44b365f09b856784ef85"
x-amz-server-side-encryption: AES256
x-amz-version-id: Xwtq9VgVuBUMlWQB.46vckHGj2y7ON.P
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 320044

dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData

143.204.55.112

200 OK

3 B

URL POST HTTP/2
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.execute-api.us-east-1.amazonaws.com
FingerprintC8:81:6C:B7:7D:FE:7C:8F:6F:98:5D:66:05:CD:D5:82:C3:F3:48:4E
ValidityWed, 08 Feb 2023 00:00:00 GMT - Thu, 07 Mar 2024 23:59:59 GMT

File type
JSON data
Size
3 B (3 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

OPTIONS /Prod/GetLyticsUserData HTTP/1.1
Host: dnzkifeab6.execute-api.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pro.manwardpress.com/
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
content-length: 3
date: Sat, 09 Dec 2023 12:50:13 GMT
x-amzn-requestid: b8c9b559-0f02-4b49-a218-4c73d53785b6
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: PrRU7HnWIAMEUTg=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3xNpRmzt8a1r5YjaRzf5VdlcYe9W-Q55D-IxwdgakhpSBQh8V4hTJw==
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/jupsr1090a.m3u8

151.101.2.132

200 OK

943 B

URL GET HTTP/2
fast.wistia.com/embed/medias/jupsr1090a.m3u8
IP
151.101.2.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
M3U playlist, ASCII text
Size
943 B (943 bytes)
Hash
7d7d6fbbcb682828f780674a440f620c
7fec30bd73e0c740c5930b48aa22448fddb059b1
6c22225f1e71845451b6d2dc031d7b51912bf6966d2e6fbcd3cc203b065e14ab

HTTP Headers

GET /embed/medias/jupsr1090a.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-mpegURL
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"6c22225f1e71845451b6d2dc031d7b51"
x-request-id: b0e4137e-95c6-4ae3-8adc-b14df93b4787
x-runtime: 0.030739
x-envoy-upstream-service-time: 32
via: 1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: xrIBd50KzH_4qp3SaOoeu03_voxAUzuGbmaHpb9kgkux0IhPtHH-ow==
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:13 GMT
age: 5
x-served-by: cache-iad-kcgs7200065-IAD, cache-bma1672-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 1082, 1
x-timer: S1702126214.765005,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 943
X-Firefox-Spdy: h2

fast.wistia.com/assets/images/blank.gif

151.101.2.132

200 OK

1.2 kB

URL GET HTTP/2
fast.wistia.com/assets/images/blank.gif
IP
151.101.2.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
GIF image data, version 89a, 100 x 100
Size
1.2 kB (1214 bytes)
Hash
fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

HTTP Headers

GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Wed, 10 May 2023 19:48:54 GMT
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
x-amz-server-side-encryption: AES256
content-type: image/gif
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:13 GMT
age: 2667
x-served-by: cache-iad-kcgs7200077-IAD, cache-bma1673-BMA
x-cache: HIT, HIT
x-cache-hits: 37, 68
x-timer: S1702126214.779224,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2

use.typekit.net/ivq3tmv.css

23.33.119.67

200 OK

924 B

URL GET HTTP/2
use.typekit.net/ivq3tmv.css
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
924 B (924 bytes)
Hash
a77e9b96ff5fde4169651e452b9a0825
0dbbc811bdafa4f2fa14a313ee70eb4f3ceb4e0a
d40d7107bd64185b99e2fcca3a73d14c2a2c6b7b7a156ec5f06679149c229735

HTTP Headers

GET /ivq3tmv.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 924
date: Sat, 09 Dec 2023 12:50:13 GMT
X-Firefox-Spdy: h2

use.typekit.net/ncb8zzv.css

23.33.119.67

200 OK

750 B

URL GET HTTP/2
use.typekit.net/ncb8zzv.css
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
750 B (750 bytes)
Hash
de5097050c4d5a51d45bc0b306afc50e
76923b641b6d88cdd7f79fc870e295b13e5e079c
9cea872c4cf57a50ee40950b57f8a74f7c83060335e8f19ee3b9fbfc451add52

HTTP Headers

GET /ncb8zzv.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 750
date: Sat, 09 Dec 2023 12:50:13 GMT
X-Firefox-Spdy: h2

use.typekit.net/jsh5erf.css

23.33.119.67

200 OK

678 B

URL GET HTTP/2
use.typekit.net/jsh5erf.css
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
678 B (678 bytes)
Hash
23c4af4bce4aafabe73936c82ee55d6d
8340a4fbe51d0c929651b1c3c9b3a4f82f935a6c
df8723e4f66b842107f3f27ee5acea125f56163819925b33bde3dd1cc1e8d8a9

HTTP Headers

GET /jsh5erf.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 678
date: Sat, 09 Dec 2023 12:50:13 GMT
X-Firefox-Spdy: h2

use.typekit.net/eab1nzm.css

23.33.119.67

200 OK

602 B

URL GET HTTP/2
use.typekit.net/eab1nzm.css
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
602 B (602 bytes)
Hash
59ed759c43e6a90623ff8c3586b49118
6572626ae238e59ee6a4fabb9f9b8b8273443b1b
4207fb06ea6afa96ed2eecea8510ee7e7726d022619bd2ca49191a6a89f1ebb8

HTTP Headers

GET /eab1nzm.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 602
date: Sat, 09 Dec 2023 12:50:13 GMT
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8

143.204.55.103

200 OK

116 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
116 kB (116419 bytes)
Hash
1d15153fe72f32c5465a40cd3cabae74
0070f32173d2b39d622b3f3e6834f2fda4c881f8
c25eb3ecb480bbb23e31adf523d92baecef5eb47e12e78dc95c1833cfd9647ff

HTTP Headers

GET /deliveries/43565402fec316214945c01451539a224e66578c.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 116419
server: envoy
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 43565402fec316214945c01451539a224e66578c-hls-segment
surrogate-key: 43565402fec316214945c01451539a224e66578c-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 85
date: Wed, 06 Dec 2023 18:26:23 GMT
expires: Thu, 05 Dec 2024 18:26:23 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8CmxKPi9j_4cNY7VS1ElNbY3jw7Z6TrSLiy6HOb7OX9jxyxWRMN5JQ==
age: 239030
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.103

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 686
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 12:50:13 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PNDwmhqL8ptcVk6a2q0v017yE81QnXBchQpX18kuVLMzRZ2MdduH6Q==
X-Firefox-Spdy: h2

dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData

143.204.55.112

200 OK

76 B

URL POST HTTP/2
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
IP
143.204.55.112:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.execute-api.us-east-1.amazonaws.com
FingerprintC8:81:6C:B7:7D:FE:7C:8F:6F:98:5D:66:05:CD:D5:82:C3:F3:48:4E
ValidityWed, 08 Feb 2023 00:00:00 GMT - Thu, 07 Mar 2024 23:59:59 GMT

File type
JSON data
Size
76 B (76 bytes)
Hash
74cd2ce4def6577d2db4502c943c3289
c5ac742f41f7052834573a7f11ec085cc8506d55
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984

HTTP Headers

POST /Prod/GetLyticsUserData HTTP/1.1
Host: dnzkifeab6.execute-api.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 22
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 76
date: Sat, 09 Dec 2023 12:50:14 GMT
x-amzn-requestid: 3a637997-843a-4d17-b42b-adfef16914dd
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: PrRU-FW3IAMEWnw=
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
x-amzn-trace-id: Root=1-65746285-42e318196e70c6c308d5a88d;Sampled=0;lineage=17be0e8a:0
x-cache: Miss from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WtllBIh1DtqRnhe0LdRQNzv8zz-OA-dsIm4QuDXUFEhgwu1-XcjO8Q==
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8/seg-1-v1-a1.ts

143.204.55.103

200 OK

1.6 MB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8/seg-1-v1-a1.ts
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
1.6 MB (1630712 bytes)
Hash
42f8311802bd0228b38798acb7291931
e1b2aac90d6edd29c378f8a8990fadfca0757682
e50bbdde3a7c0f8c04016edbde607f80c38871fc0474f1a8b0c8c90bd231c0a8

HTTP Headers

GET /deliveries/43565402fec316214945c01451539a224e66578c.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 1630712
server: envoy
date: Thu, 07 Dec 2023 07:25:18 GMT
expires: Fri, 06 Dec 2024 07:25:18 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 43565402fec316214945c01451539a224e66578c-hls-segment
surrogate-key: 43565402fec316214945c01451539a224e66578c-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 392
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GonTLVsqH64RThz08tWazPO1SVNvbvbIWt-3FHMvTUqdP6JlhEjmMg==
age: 192296
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=ivq3tmv&ht=tk&f=22489.22490.22495.22496.26016.26017.26018.26019&a=87036570&app=typekit&e=css

23.33.119.26

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=ivq3tmv&ht=tk&f=22489.22490.22495.22496.26016.26017.26018.26019&a=87036570&app=typekit&e=css
IP
23.33.119.26:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=ivq3tmv&ht=tk&f=22489.22490.22495.22496.26016.26017.26018.26019&a=87036570&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:14 GMT
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/allIntegrations.js

151.101.2.132

200 OK

5.8 kB

URL GET HTTP/2
fast.wistia.com/assets/external/allIntegrations.js
IP
151.101.2.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (23371)
Size
5.8 kB (5774 bytes)
Hash
9a9248fb8178a9640de37511b065850f
086459b7f718251f753b82cee05f51c6ca2d3a84
fb7f597f64e9b0c17f7f99fb577f164c36f93f13ffda2ccb736b786e4e705d12

HTTP Headers

GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "2de48c3cd29dd8ca8c43042875b49727"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:14 GMT
age: 3206
x-served-by: cache-iad-kcgs7200101-IAD, cache-bma1672-BMA
x-cache: HIT, HIT
x-cache-hits: 65, 41
x-timer: S1702126214.341473,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 5774
X-Firefox-Spdy: h2

www.redditstatic.com/ads/pixel.js

151.101.193.140

200 OK

7.4 kB

URL GET HTTP/2
www.redditstatic.com/ads/pixel.js
IP
151.101.193.140:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subjectwww.redditstatic.com
Fingerprint5B:10:93:15:D0:06:B8:27:DD:C8:15:7C:8A:49:4B:AD:06:D3:8E:15
ValidityFri, 25 Aug 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23776)
Size
7.4 kB (7409 bytes)
Hash
78b6c68984a6ce5b3fcac1c6a9cad00c
02e1d366a17506cea8adfe5a15949aca89719a02
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

HTTP Headers

GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:14 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7409
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=ncb8zzv&ht=tk&f=35050.35053.40427.40433&a=102213364&app=typekit&e=css

23.33.119.26

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=ncb8zzv&ht=tk&f=35050.35053.40427.40433&a=102213364&app=typekit&e=css
IP
23.33.119.26:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=ncb8zzv&ht=tk&f=35050.35053.40427.40433&a=102213364&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:14 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=jsh5erf&ht=tk&f=16466.16468.16470&a=647398&app=typekit&e=css

23.33.119.26

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=jsh5erf&ht=tk&f=16466.16468.16470&a=647398&app=typekit&e=css
IP
23.33.119.26:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=jsh5erf&ht=tk&f=16466.16468.16470&a=647398&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:14 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=eab1nzm&ht=tk&f=26014&a=102213364&app=typekit&e=css

23.33.119.26

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=eab1nzm&ht=tk&f=26014&a=102213364&app=typekit&e=css
IP
23.33.119.26:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=eab1nzm&ht=tk&f=26014&a=102213364&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:14 GMT
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609z8813057436&_p=1702126219258&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1091952826.1702126221&ul=en-us&sr=1280x1024&_s=1&sid=1702126220&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&dt=Manward%20Press&en=page_view&_fv=1&_nsi=1&_ss=1&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&tfd=5137

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609z8813057436&_p=1702126219258&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1091952826.1702126221&ul=en-us&sr=1280x1024&_s=1&sid=1702126220&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&dt=Manward%20Press&en=page_view&_fv=1&_nsi=1&_ss=1&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&tfd=5137
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609z8813057436&_p=1702126219258&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1091952826.1702126221&ul=en-us&sr=1280x1024&_s=1&sid=1702126220&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&dt=Manward%20Press&en=page_view&_fv=1&_nsi=1&_ss=1&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&tfd=5137 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.manwardpress.com
date: Sat, 09 Dec 2023 12:50:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

distillery.wistia.com/x

54.230.111.55

204 No Content

0 B

URL POST HTTP/2
distillery.wistia.com/x
IP
54.230.111.55:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subjectstats-tap-production-cloudfront-app-cname.wistia.com
Fingerprint37:C6:AB:79:1C:DF:9B:5E:3A:B8:3E:F1:0C:1D:48:BF:89:2D:1F:40
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1658
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 09 Dec 2023 12:50:14 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
server: envoy
x-envoy-upstream-service-time: 1
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i92S1HWV0ZPYZavsXG7rC_4uZu9a7ZgXyDx-YeJjhIrU_yQ1QUH6Kw==
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/18590de2085b7ce8ac5729ff0cc972e004fb2734.m3u8

143.204.55.103

200 OK

116 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/18590de2085b7ce8ac5729ff0cc972e004fb2734.m3u8
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
116 kB (116419 bytes)
Hash
7c81f8ab4bab44f28118835de7bc945c
222c86395850560b7084a85da0b2b0d2ef0ec08d
63068b8cb05fa55f4f7be7887ab1b85613207f119bb4d5da07efc3f4141dcdb9

HTTP Headers

GET /deliveries/18590de2085b7ce8ac5729ff0cc972e004fb2734.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 116419
server: envoy
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 18590de2085b7ce8ac5729ff0cc972e004fb2734-hls-segment
surrogate-key: 18590de2085b7ce8ac5729ff0cc972e004fb2734-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 101
date: Wed, 06 Dec 2023 17:18:06 GMT
expires: Thu, 05 Dec 2024 17:18:06 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8lqXLmmCMeqYC4gwL9qDJFZ_dhlSfWSGuOWCXdNoKbPTgLVsnX4GGg==
age: 243128
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css

142.250.74.123

200 OK

602 B

URL GET HTTP/2
storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css
IP
142.250.74.123:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectstorage.googleapis.com
FingerprintF1:10:D7:72:C2:3B:0A:45:C6:0E:9C:5E:22:3D:E7:08:37:61:CF:DB
ValidityMon, 20 Nov 2023 08:13:19 GMT - Mon, 12 Feb 2024 08:13:18 GMT

File type
ASCII text, with very long lines (602), with no line terminators
Size
602 B (602 bytes)
Hash
9df2d5ae6031369aa6e0f3685608cd8c
cdf5ad44e5e1e9bf2b0413e046189830a1921e17
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06

HTTP Headers

GET /lioservices/2470-oxford-club/lytics_overrides.min.css HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPoiE9_kVcxl0aQJOEifKeIeAOwOdhfwLMedeqaBA12ncP2pi2ueo-j2Up-xStWlQBDE1tU
x-goog-generation: 1538689646128559
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 602
x-goog-hash: crc32c=VZEimQ==, md5=nfLVrmAxNpqm4PNoVgjNjA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 602
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Sat, 09 Dec 2023 12:03:08 GMT
expires: Sat, 09 Dec 2023 13:03:08 GMT
cache-control: public, max-age=3600
age: 2826
last-modified: Thu, 04 Oct 2018 21:47:26 GMT
etag: "9df2d5ae6031369aa6e0f3685608cd8c"
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.103

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1518
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 12:50:14 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cvQaoehwA0MSCNhKqhCXFChYkDB8I9EpQCkL1olncb7G2kZgAhIBig==
X-Firefox-Spdy: h2

protect-us.mimecast.com/s/h1jcCER74NcBE3k1UNVigd?domain=connect.facebook.net

205.139.111.12

307 Temporary Redirect

0 B

URL GET HTTP/1.1
protect-us.mimecast.com/s/h1jcCER74NcBE3k1UNVigd?domain=connect.facebook.net
IP
205.139.111.12:443
ASN
#30031 MIMECAST

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subject*.mimecast.com
FingerprintE4:2D:2A:92:C3:85:1A:6E:2A:4E:39:EF:1B:0E:C2:A4:BA:5B:CB:DE
ValidityFri, 20 Jan 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/h1jcCER74NcBE3k1UNVigd?domain=connect.facebook.net HTTP/1.1
Host: protect-us.mimecast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Date: Sat, 09 Dec 2023 12:50:14 GMT
Content-Length: 0
Connection: keep-alive
Location: https://protect-us.mimecast.com/r/IW55N6w1pZriZ_pUaVPurrEde0moxhkBtKa4pklyGL8qUqxDQePobYDh7k0jO2Te2qQ3HGjdx-ZOty_BppmjmX_OY6SHGmXcO6CRQ6LUdZYwwqU9XY6iNOSiFBTKeHwfza2TU0S0pWLC4gaK7DijkZNB1fMCoJYAgxeMpZIOuk5AyHGFZvH52UvBHl-GzpzV6XkS1C4SGaaqecNin7hQbjendb1k45k-azQBDTrCJPefgO8vHGJcRooNB2q_rN56Y5rrMlCP1Z2jgFAhx4fN7KfVNMtbJNjMpCxjFPa4zMjnTddNYoa2uEvV605_VxA86Ug_2UGF28vYV-m9AYWjhvpAxqU3y0usBu3KCv4CUyA6AvcRyTS0pAzxNPaEZpvsJCr2GQHNayc95p4HOP9IUR3nOlR9UGgTGVZRbAwnPZGpAE-G61g-5Od0D375p6dInroISE8bdXyL0K9ZOO0umOm7MJ1sgvuQ8Qwaqb5aCMgCoKzhSB3vVjy1aujW_wG2eHuPDDZt10TieyPZGAsGNPbP832_z_yfmfzwHFh6M-sywLWv6-cjW6TLFH5TW3xh8wxYtUkTEMjsfXU6dMCi4tKOgRziPUmCnmeAqqlu6eruR9oryLOPKztelOGr0_ZkU-UxE1tNgXBnOk91Ugh-McMV0mWsqvVNhS1WUHCz4OKfQtsMXFJexHLmEu4Dqy-Xtgt1GJ1BRz18fqItSfi6x6HfJ83ZuHO_37i2xc9ZDpGe-H6gtAmBgNqKn-8BuCAzGhpCXYWpreMV_gjsypzT0vFrd1xOBemixg-rVlKxkIwfgmNDuh1sfNEZlMJ4yYSQ2luY2Vw_lq7Fh8PX-22YK1rf-pcpRz91Dy8MVVgPKgFSjoQaXiRNYSV0JIUpEhPpqkgU7SRQIsS4KRgW_otDUYouzFH0uGgdkWOisxCIGYR18QfyvHdqt_UjXLarOJKv19edb3E94LHsd6ANkXhdoEsWGMGuKq7x6o6JidQ6tmpa3-Zc-ahfjedvXVUgud3VpuTcdWjZcZieEb7v6YO4V5wbQ10iuHPLfRFfB8QhPyfVGPdN1MonDUarrek4CybBULwF9kh9vUVXiS6fvK-e01k1zQy5Wi-kSVimKspVObntORLUuJFnLP0l7SEI8jv6LdqvMRH2QPPYkpjWyL3DK8f-Yzv-nJvgXvTfcFwxbFCEHx0yjplSuodqk6xCKKlku2jlIzVIgMOPgHM2yd6fCbN7HuLxJGE-M514n-yQGeWkMEr063UuaOKRJFvngqc6IdDfrfNjyW0RmUOB6BvMmQNwQ5x45ExEwrbyVCMqGHD9mA-bNdh_ph7V7Rd7aF1hUttKWdujSKFoDLPgzsgmTEo_sTk0KovyAZITHQwlTt32qM1eNNeugSbgZ9dyGBDf7Sq2xyXlvy8_7gQj1vrAwhPcwXmh-NRkAxhs9kMFidKHSf04r1w1M8lpDcBsohBkbWVDQp5fhpsj3Gxst_FadTy8EUYtfWTey_LAqQ2swEtxgfmMNMNh8J8GsOTb594DWemhITTjU2kd00MHkVmScghZoDtk_FDSz6kHnv1yCtKCz3wp5WO4qT96AXCEnRs_Y1hRWMjmVTxW0MCmC4CDrDAxUFiE4mzOuISQOJl7xCnQNLK92aEokeaLeYxXJJfXTC56rFfGU24nepoOYurCWD1ZkJxCkMp-9Mf-1NfNkyPQJZN1XvnJZOi34VJ5s9MHtBzg4phMbCXIKfx9CqKg7_PgLkwQ6Dv8MLX9wC3cZsL_nPGFurIORhYW1-db3VbD-lybiOU_URyoA4YuQoKpAcK08tHs-C-MG8WiecQPEZbxjnr8396Y_-pye1J94S5f_9B2odwOpi2v8l81FpNeqhBXlNT6_Tt46-voxTrsn6rbIqQnPwcj6nz7lhGKwegz80A-S7tMvYwCe2ApPDYthvpoZZSYyHD8mrBOIf7NPS7b0BLcVh7RaRFOquWZoRwNHHp5MvtQbwUisF5S6V6H2mKmLxmHq7-lyon_H38WR8k
Cache-control: no-store
Pragma: no-cache
X-Robots-Tag: noindex, nofollow

c.pmsrv.co/v2/acvr3?a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=page-land&weight=0&dnt=false&_ible=1&ej=%7B%22dnt%22%3Afalse%7D&ord=4935942417101400&sid=f5f5bede-baf5-49a3-b3b5-d1c1f8484022&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&_ii=0&ppg=&_tk=%7B%7D

143.204.55.94

302 Found

441 B

URL GET HTTP/2
c.pmsrv.co/v2/acvr3?a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=page-land&weight=0&dnt=false&_ible=1&ej=%7B%22dnt%22%3Afalse%7D&ord=4935942417101400&sid=f5f5bede-baf5-49a3-b3b5-d1c1f8484022&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&_ii=0&ppg=&_tk=%7B%7D
IP
143.204.55.94:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subjectpmsrv.co
Fingerprint75:6B:BA:1B:09:1C:F0:09:3F:A7:0A:8D:BC:E2:85:28:5E:AF:4F:47
ValiditySat, 16 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (441), with no line terminators
Size
441 B (441 bytes)
Hash
07b73e92e2a44a0ad814eae1e24794b1
d16cb2c8788c86fcdecc6404d695dd88261dd2fd
1d3232c003e95f94d85cbfbfcac67df82eed1fe86a7427618c5f8692696f6cef

HTTP Headers

GET /v2/acvr3?a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=page-land&weight=0&dnt=false&_ible=1&ej=%7B%22dnt%22%3Afalse%7D&ord=4935942417101400&sid=f5f5bede-baf5-49a3-b3b5-d1c1f8484022&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&_ii=0&ppg=&_tk=%7B%7D HTTP/1.1
Host: c.pmsrv.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/plain; charset=utf-8
content-length: 441
location: https://contextual.media.net/cksync.php?cs=1&type=max&ovsid=setstatuscode&redirect=https%3A%2F%2Fc.pmsrv.co%2Fv2%2Fcsync%3FMNETID%3D%24%7Bmnetid%7D%26MAXID%3D37a3cf3d-d8bb-4333-9f44-f7eda50d632a%26o_url%3Dhttps%253A%252F%252Fc.pmsrv.co%252Fv2%252Facvr3%253Fa%253D50bbcf39-5fab-4416-a13c-acc35b621b86%2526event%253Dpage-land%2526_ible%253D1%2526sid%253Df5f5bede-baf5-49a3-b3b5-d1c1f8484022%2526weight%253D0%2526_ii%253D0
date: Sat, 09 Dec 2023 12:50:14 GMT
x-amzn-requestid: 37a3cf3d-d8bb-4333-9f44-f7eda50d632a
access-control-allow-origin: *
x-amzn-remapped-content-length: 441
x-amzn-remapped-connection: close
x-amz-apigw-id: PrRVFGJKSK4EK9Q=
cache-control: private, no-cache, no-store, must-revalidate
expires: -1
x-powered-by: Express
x-amzn-trace-id: Root=1-65746286-061775cc1c69a4bd14abfda6;Sampled=0;lineage=c8fdcb33:0
pragma: no-cache
x-amzn-remapped-date: Sat, 09 Dec 2023 12:50:14 GMT
x-cache: Miss from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iWeydKbKN6xiKk0clqIzh5k-BhjwNP5W7IE-YYszmMN_QlaIeZ73Rw==
X-Firefox-Spdy: h2

protect-us.mimecast.com/r/IW55N6w1pZriZ_pUaVPurrEde0moxhkBtKa4pklyGL8qUqxDQePobYDh7k0jO2Te2qQ3HGjdx-ZOty_BppmjmX_OY6SHGmXcO6CRQ6LUdZYwwqU9XY6iNOSiFBTKeHwfza2TU0S0pWLC4gaK7DijkZNB1fMCoJYAgxeMpZIOuk5AyHGFZvH52UvBHl-GzpzV6XkS1C4SGaaqecNin7hQbjendb1k45k-azQBDTrCJPefgO8vHGJcRooNB2q_rN56Y5rrMlCP1Z2jgFAhx4fN7KfVNMtbJNjMpCxjFPa4zMjnTddNYoa2uEvV605_VxA86Ug_2UGF28vYV-m9AYWjhvpAxqU3y0usBu3KCv4CUyA6AvcRyTS0pAzxNPaEZpvsJCr2GQHNayc95p4HOP9IUR3nOlR9UGgTGVZRbAwnPZGpAE-G61g-5Od0D375p6dInroISE8bdXyL0K9ZOO0umOm7MJ1sgvuQ8Qwaqb5aCMgCoKzhSB3vVjy1aujW_wG2eHuPDDZt10TieyPZGAsGNPbP832_z_yfmfzwHFh6M-sywLWv6-cjW6TLFH5TW3xh8wxYtUkTEMjsfXU6dMCi4tKOgRziPUmCnmeAqqlu6eruR9oryLOPKztelOGr0_ZkU-UxE1tNgXBnOk91Ugh-McMV0mWsqvVNhS1WUHCz4OKfQtsMXFJexHLmEu4Dqy-Xtgt1GJ1BRz18fqItSfi6x6HfJ83ZuHO_37i2xc9ZDpGe-H6gtAmBgNqKn-8BuCAzGhpCXYWpreMV_gjsypzT0vFrd1xOBemixg-rVlKxkIwfgmNDuh1sfNEZlMJ4yYSQ2luY2Vw_lq7Fh8PX-22YK1rf-pcpRz91Dy8MVVgPKgFSjoQaXiRNYSV0JIUpEhPpqkgU7SRQIsS4KRgW_otDUYouzFH0uGgdkWOisxCIGYR18QfyvHdqt_UjXLarOJKv19edb3E94LHsd6ANkXhdoEsWGMGuKq7x6o6JidQ6tmpa3-Zc-ahfjedvXVUgud3VpuTcdWjZcZieEb7v6YO4V5wbQ10iuHPLfRFfB8QhPyfVGPdN1MonDUarrek4CybBULwF9kh9vUVXiS6fvK-e01k1zQy5Wi-kSVimKspVObntORLUuJFnLP0l7SEI8jv6LdqvMRH2QPPYkpjWyL3DK8f-Yzv-nJvgXvTfcFwxbFCEHx0yjplSuodqk6xCKKlku2jlIzVIgMOPgHM2yd6fCbN7HuLxJGE-M514n-yQGeWkMEr063UuaOKRJFvngqc6IdDfrfNjyW0RmUOB6BvMmQNwQ5x45ExEwrbyVCMqGHD9mA-bNdh_ph7V7Rd7aF1hUttKWdujSKFoDLPgzsgmTEo_sTk0KovyAZITHQwlTt32qM1eNNeugSbgZ9dyGBDf7Sq2xyXlvy8_7gQj1vrAwhPcwXmh-NRkAxhs9kMFidKHSf04r1w1M8lpDcBsohBkbWVDQp5fhpsj3Gxst_FadTy8EUYtfWTey_LAqQ2swEtxgfmMNMNh8J8GsOTb594DWemhITTjU2kd00MHkVmScghZoDtk_FDSz6kHnv1yCtKCz3wp5WO4qT96AXCEnRs_Y1hRWMjmVTxW0MCmC4CDrDAxUFiE4mzOuISQOJl7xCnQNLK92aEokeaLeYxXJJfXTC56rFfGU24nepoOYurCWD1ZkJxCkMp-9Mf-1NfNkyPQJZN1XvnJZOi34VJ5s9MHtBzg4phMbCXIKfx9CqKg7_PgLkwQ6Dv8MLX9wC3cZsL_nPGFurIORhYW1-db3VbD-lybiOU_URyoA4YuQoKpAcK08tHs-C-MG8WiecQPEZbxjnr8396Y_-pye1J94S5f_9B2odwOpi2v8l81FpNeqhBXlNT6_Tt46-voxTrsn6rbIqQnPwcj6nz7lhGKwegz80A-S7tMvYwCe2ApPDYthvpoZZSYyHD8mrBOIf7NPS7b0BLcVh7RaRFOquWZoRwNHHp5MvtQbwUisF5S6V6H2mKmLxmHq7-lyon_H38WR8k

205.139.111.12

307 Temporary Redirect

0 B

URL GET HTTP/1.1
protect-us.mimecast.com/r/IW55N6w1pZriZ_pUaVPurrEde0moxhkBtKa4pklyGL8qUqxDQePobYDh7k0jO2Te2qQ3HGjdx-ZOty_BppmjmX_OY6SHGmXcO6CRQ6LUdZYwwqU9XY6iNOSiFBTKeHwfza2TU0S0pWLC4gaK7DijkZNB1fMCoJYAgxeMpZIOuk5AyHGFZvH52UvBHl-GzpzV6XkS1C4SGaaqecNin7hQbjendb1k45k-azQBDTrCJPefgO8vHGJcRooNB2q_rN56Y5rrMlCP1Z2jgFAhx4fN7KfVNMtbJNjMpCxjFPa4zMjnTddNYoa2uEvV605_VxA86Ug_2UGF28vYV-m9AYWjhvpAxqU3y0usBu3KCv4CUyA6AvcRyTS0pAzxNPaEZpvsJCr2GQHNayc95p4HOP9IUR3nOlR9UGgTGVZRbAwnPZGpAE-G61g-5Od0D375p6dInroISE8bdXyL0K9ZOO0umOm7MJ1sgvuQ8Qwaqb5aCMgCoKzhSB3vVjy1aujW_wG2eHuPDDZt10TieyPZGAsGNPbP832_z_yfmfzwHFh6M-sywLWv6-cjW6TLFH5TW3xh8wxYtUkTEMjsfXU6dMCi4tKOgRziPUmCnmeAqqlu6eruR9oryLOPKztelOGr0_ZkU-UxE1tNgXBnOk91Ugh-McMV0mWsqvVNhS1WUHCz4OKfQtsMXFJexHLmEu4Dqy-Xtgt1GJ1BRz18fqItSfi6x6HfJ83ZuHO_37i2xc9ZDpGe-H6gtAmBgNqKn-8BuCAzGhpCXYWpreMV_gjsypzT0vFrd1xOBemixg-rVlKxkIwfgmNDuh1sfNEZlMJ4yYSQ2luY2Vw_lq7Fh8PX-22YK1rf-pcpRz91Dy8MVVgPKgFSjoQaXiRNYSV0JIUpEhPpqkgU7SRQIsS4KRgW_otDUYouzFH0uGgdkWOisxCIGYR18QfyvHdqt_UjXLarOJKv19edb3E94LHsd6ANkXhdoEsWGMGuKq7x6o6JidQ6tmpa3-Zc-ahfjedvXVUgud3VpuTcdWjZcZieEb7v6YO4V5wbQ10iuHPLfRFfB8QhPyfVGPdN1MonDUarrek4CybBULwF9kh9vUVXiS6fvK-e01k1zQy5Wi-kSVimKspVObntORLUuJFnLP0l7SEI8jv6LdqvMRH2QPPYkpjWyL3DK8f-Yzv-nJvgXvTfcFwxbFCEHx0yjplSuodqk6xCKKlku2jlIzVIgMOPgHM2yd6fCbN7HuLxJGE-M514n-yQGeWkMEr063UuaOKRJFvngqc6IdDfrfNjyW0RmUOB6BvMmQNwQ5x45ExEwrbyVCMqGHD9mA-bNdh_ph7V7Rd7aF1hUttKWdujSKFoDLPgzsgmTEo_sTk0KovyAZITHQwlTt32qM1eNNeugSbgZ9dyGBDf7Sq2xyXlvy8_7gQj1vrAwhPcwXmh-NRkAxhs9kMFidKHSf04r1w1M8lpDcBsohBkbWVDQp5fhpsj3Gxst_FadTy8EUYtfWTey_LAqQ2swEtxgfmMNMNh8J8GsOTb594DWemhITTjU2kd00MHkVmScghZoDtk_FDSz6kHnv1yCtKCz3wp5WO4qT96AXCEnRs_Y1hRWMjmVTxW0MCmC4CDrDAxUFiE4mzOuISQOJl7xCnQNLK92aEokeaLeYxXJJfXTC56rFfGU24nepoOYurCWD1ZkJxCkMp-9Mf-1NfNkyPQJZN1XvnJZOi34VJ5s9MHtBzg4phMbCXIKfx9CqKg7_PgLkwQ6Dv8MLX9wC3cZsL_nPGFurIORhYW1-db3VbD-lybiOU_URyoA4YuQoKpAcK08tHs-C-MG8WiecQPEZbxjnr8396Y_-pye1J94S5f_9B2odwOpi2v8l81FpNeqhBXlNT6_Tt46-voxTrsn6rbIqQnPwcj6nz7lhGKwegz80A-S7tMvYwCe2ApPDYthvpoZZSYyHD8mrBOIf7NPS7b0BLcVh7RaRFOquWZoRwNHHp5MvtQbwUisF5S6V6H2mKmLxmHq7-lyon_H38WR8k
IP
205.139.111.12:443
ASN
#30031 MIMECAST

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subject*.mimecast.com
FingerprintE4:2D:2A:92:C3:85:1A:6E:2A:4E:39:EF:1B:0E:C2:A4:BA:5B:CB:DE
ValidityFri, 20 Jan 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /r/IW55N6w1pZriZ_pUaVPurrEde0moxhkBtKa4pklyGL8qUqxDQePobYDh7k0jO2Te2qQ3HGjdx-ZOty_BppmjmX_OY6SHGmXcO6CRQ6LUdZYwwqU9XY6iNOSiFBTKeHwfza2TU0S0pWLC4gaK7DijkZNB1fMCoJYAgxeMpZIOuk5AyHGFZvH52UvBHl-GzpzV6XkS1C4SGaaqecNin7hQbjendb1k45k-azQBDTrCJPefgO8vHGJcRooNB2q_rN56Y5rrMlCP1Z2jgFAhx4fN7KfVNMtbJNjMpCxjFPa4zMjnTddNYoa2uEvV605_VxA86Ug_2UGF28vYV-m9AYWjhvpAxqU3y0usBu3KCv4CUyA6AvcRyTS0pAzxNPaEZpvsJCr2GQHNayc95p4HOP9IUR3nOlR9UGgTGVZRbAwnPZGpAE-G61g-5Od0D375p6dInroISE8bdXyL0K9ZOO0umOm7MJ1sgvuQ8Qwaqb5aCMgCoKzhSB3vVjy1aujW_wG2eHuPDDZt10TieyPZGAsGNPbP832_z_yfmfzwHFh6M-sywLWv6-cjW6TLFH5TW3xh8wxYtUkTEMjsfXU6dMCi4tKOgRziPUmCnmeAqqlu6eruR9oryLOPKztelOGr0_ZkU-UxE1tNgXBnOk91Ugh-McMV0mWsqvVNhS1WUHCz4OKfQtsMXFJexHLmEu4Dqy-Xtgt1GJ1BRz18fqItSfi6x6HfJ83ZuHO_37i2xc9ZDpGe-H6gtAmBgNqKn-8BuCAzGhpCXYWpreMV_gjsypzT0vFrd1xOBemixg-rVlKxkIwfgmNDuh1sfNEZlMJ4yYSQ2luY2Vw_lq7Fh8PX-22YK1rf-pcpRz91Dy8MVVgPKgFSjoQaXiRNYSV0JIUpEhPpqkgU7SRQIsS4KRgW_otDUYouzFH0uGgdkWOisxCIGYR18QfyvHdqt_UjXLarOJKv19edb3E94LHsd6ANkXhdoEsWGMGuKq7x6o6JidQ6tmpa3-Zc-ahfjedvXVUgud3VpuTcdWjZcZieEb7v6YO4V5wbQ10iuHPLfRFfB8QhPyfVGPdN1MonDUarrek4CybBULwF9kh9vUVXiS6fvK-e01k1zQy5Wi-kSVimKspVObntORLUuJFnLP0l7SEI8jv6LdqvMRH2QPPYkpjWyL3DK8f-Yzv-nJvgXvTfcFwxbFCEHx0yjplSuodqk6xCKKlku2jlIzVIgMOPgHM2yd6fCbN7HuLxJGE-M514n-yQGeWkMEr063UuaOKRJFvngqc6IdDfrfNjyW0RmUOB6BvMmQNwQ5x45ExEwrbyVCMqGHD9mA-bNdh_ph7V7Rd7aF1hUttKWdujSKFoDLPgzsgmTEo_sTk0KovyAZITHQwlTt32qM1eNNeugSbgZ9dyGBDf7Sq2xyXlvy8_7gQj1vrAwhPcwXmh-NRkAxhs9kMFidKHSf04r1w1M8lpDcBsohBkbWVDQp5fhpsj3Gxst_FadTy8EUYtfWTey_LAqQ2swEtxgfmMNMNh8J8GsOTb594DWemhITTjU2kd00MHkVmScghZoDtk_FDSz6kHnv1yCtKCz3wp5WO4qT96AXCEnRs_Y1hRWMjmVTxW0MCmC4CDrDAxUFiE4mzOuISQOJl7xCnQNLK92aEokeaLeYxXJJfXTC56rFfGU24nepoOYurCWD1ZkJxCkMp-9Mf-1NfNkyPQJZN1XvnJZOi34VJ5s9MHtBzg4phMbCXIKfx9CqKg7_PgLkwQ6Dv8MLX9wC3cZsL_nPGFurIORhYW1-db3VbD-lybiOU_URyoA4YuQoKpAcK08tHs-C-MG8WiecQPEZbxjnr8396Y_-pye1J94S5f_9B2odwOpi2v8l81FpNeqhBXlNT6_Tt46-voxTrsn6rbIqQnPwcj6nz7lhGKwegz80A-S7tMvYwCe2ApPDYthvpoZZSYyHD8mrBOIf7NPS7b0BLcVh7RaRFOquWZoRwNHHp5MvtQbwUisF5S6V6H2mKmLxmHq7-lyon_H38WR8k HTTP/1.1
Host: protect-us.mimecast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Date: Sat, 09 Dec 2023 12:50:14 GMT
Content-Length: 0
Connection: keep-alive
Location: https://connect.facebook.net/en_US/fbevents.js
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-control: no-store
Pragma: no-cache
X-Robots-Tag: noindex, nofollow

bat.bing.com/bat.js

204.79.197.200

200 OK

13 kB

URL GET HTTP/2
bat.bing.com/bat.js
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type
Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Size
13 kB (13175 bytes)
Hash
7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E54EE9F48874F299DE82254DF91E098 Ref B: OSL30EDGE0507 Ref C: 2023-12-09T12:50:15Z
date: Sat, 09 Dec 2023 12:50:14 GMT
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BBMPM3EJHQ&cid=1091952826.1702126221&gtm=45je3bt0v9106739609z8813057436&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1668149366

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BBMPM3EJHQ&cid=1091952826.1702126221&gtm=45je3bt0v9106739609z8813057436&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1668149366
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintDB:33:6A:DD:DA:72:55:0D:55:09:60:6E:D1:5B:40:D8:2B:9B:4F:3C
ValidityMon, 20 Nov 2023 08:12:16 GMT - Mon, 12 Feb 2024 08:12:15 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BBMPM3EJHQ&cid=1091952826.1702126221&gtm=45je3bt0v9106739609z8813057436&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1668149366 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:50:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.getblueshift.com/unity.gif?t=1702126221&e=pageload&r=&z=581152&x=5475fa15fca6698857e67e2705849cfa&k=6f36c64a-f3f2-037f-b035-902f3e6d7d8d&u=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue

52.40.78.89

200 OK

42 B

URL GET HTTP/2
api.getblueshift.com/unity.gif?t=1702126221&e=pageload&r=&z=581152&x=5475fa15fca6698857e67e2705849cfa&k=6f36c64a-f3f2-037f-b035-902f3e6d7d8d&u=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue
IP
52.40.78.89:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
Fingerprint53:0D:6B:AE:94:24:EE:BE:0F:BD:6E:C6:61:2F:FD:37:71:D2:21:0F
ValidityThu, 09 Mar 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /unity.gif?t=1702126221&e=pageload&r=&z=581152&x=5475fa15fca6698857e67e2705849cfa&k=6f36c64a-f3f2-037f-b035-902f3e6d7d8d&u=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:15 GMT
content-type: image/gif
content-length: 42
access-control-allow-origin: https://pro.manwardpress.com
access-control-expose-headers: etag
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: u0Yy2QOKb5ZyMbqIzvP9shVH8NEk2ShXNzf8gmeWkjQ9xfN58IkaX06rut8F0yF4P6Fp2r7L2vg=
x-amz-request-id: N915H33PHF83KBZM
date: Sat, 09 Dec 2023 11:59:45 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 3031
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

bat.bing.com/p/action/15322609.js

204.79.197.200

204 No Content

0 B

URL GET HTTP/2
bat.bing.com/p/action/15322609.js
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/15322609.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD9D598A31B2478582CBDE3E777BF904 Ref B: OSL30EDGE0507 Ref C: 2023-12-09T12:50:15Z
date: Sat, 09 Dec 2023 12:50:15 GMT
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=15322609&Ver=2&mid=46142a11-fbcc-4518-b285-c7da4bddafa2&sid=83e9dbc0969111ee83536bd4ed6a8666&vid=83e9f8a0969111eeb3fbb1f483d4e96a&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Manward%20Press&p=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&r=&lt=4763&evt=pageLoad&sv=1&rn=600887

204.79.197.200

204 No Content

0 B

URL GET HTTP/2
bat.bing.com/action/0?ti=15322609&Ver=2&mid=46142a11-fbcc-4518-b285-c7da4bddafa2&sid=83e9dbc0969111ee83536bd4ed6a8666&vid=83e9f8a0969111eeb3fbb1f483d4e96a&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Manward%20Press&p=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&r=&lt=4763&evt=pageLoad&sv=1&rn=600887
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=15322609&Ver=2&mid=46142a11-fbcc-4518-b285-c7da4bddafa2&sid=83e9dbc0969111ee83536bd4ed6a8666&vid=83e9f8a0969111eeb3fbb1f483d4e96a&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Manward%20Press&p=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&r=&lt=4763&evt=pageLoad&sv=1&rn=600887 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=303540D7F4816B56192B5335F5746AB3; domain=.bing.com; expires=Thu, 02-Jan-2025 12:50:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 113868C86447468E8C8786FBAB8DEB6F Ref B: OSL30EDGE0507 Ref C: 2023-12-09T12:50:15Z
date: Sat, 09 Dec 2023 12:50:15 GMT
X-Firefox-Spdy: h2

s.yimg.com/wi/config/405446.json

188.125.94.206

200 OK

22 B

URL GET HTTP/2
s.yimg.com/wi/config/405446.json
IP
188.125.94.206:443
ASN
#10310 YAHOO-1

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
JSON data
Size
22 B (22 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/405446.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: RFAKD4BCPX0WV3EC
x-amz-id-2: Jd/qbeSNngvlT7cvmvvWRukj0525HrQb3UUfGWG1sBKOqHmyeifx1EKaPyS54aSLLV/EAwCs7Io=
content-type: application/json
date: Sat, 09 Dec 2023 12:50:15 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609&_p=1702126219258&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1091952826.1702126221&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1702126220&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&dt=Manward%20Press&en=scroll&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&epn.percent_scrolled=90&tfd=10160

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609&_p=1702126219258&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1091952826.1702126221&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1702126220&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&dt=Manward%20Press&en=scroll&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&epn.percent_scrolled=90&tfd=10160
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609&_p=1702126219258&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1091952826.1702126221&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1702126220&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&dt=Manward%20Press&en=scroll&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&epn.percent_scrolled=90&tfd=10160 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.manwardpress.com
date: Sat, 09 Dec 2023 12:50:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

analytics.pmsrv.co/v2/track?&a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=s004&weight=0&_ible=1&sid=f5f5bede-baf5-49a3-b3b5-d1c1f8484022&ord=1304526997539908.8&_ii=0&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&ppg=&_tk=%7B%7D

54.230.111.89

204 No Content

0 B

URL GET HTTP/2
analytics.pmsrv.co/v2/track?&a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=s004&weight=0&_ible=1&sid=f5f5bede-baf5-49a3-b3b5-d1c1f8484022&ord=1304526997539908.8&_ii=0&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&ppg=&_tk=%7B%7D
IP
54.230.111.89:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subjectpmsrv.co
Fingerprint75:6B:BA:1B:09:1C:F0:09:3F:A7:0A:8D:BC:E2:85:28:5E:AF:4F:47
ValiditySat, 16 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/track?&a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=s004&weight=0&_ible=1&sid=f5f5bede-baf5-49a3-b3b5-d1c1f8484022&ord=1304526997539908.8&_ii=0&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue&ppg=&_tk=%7B%7D HTTP/1.1
Host: analytics.pmsrv.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 09 Dec 2023 09:38:35 GMT
x-powered-by: Express
cache-control: private, no-cache, no-store, must-revalidate
expires: -1
pragma: no-cache
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fqXG4yYQjkAtTWpgRXelVwd_jc6ZSqHwffowe1z7eaPCGMtWXa7p7w==
age: 11503
X-Firefox-Spdy: h2

c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js

172.67.73.236

200 OK

36 kB

URL GET HTTP/2
c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js
IP
172.67.73.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
36 kB (35580 bytes)
Hash
9540b49971afefdcc3a5f8b148faeab1
b21d31696987a3f01dec22c572164a451078dc18
7fe93561c3918c2afeb2bf9d43c7d9f8a43e4132a54579a3f765cfe26dff0a68

HTTP Headers

GET /api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Cookie: seerid=8f96a13b-24e7-424e-a59a-d8684639fab9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:14 GMT
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 6454
last-modified: Sat, 09 Dec 2023 11:02:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Tzr%2BF7DTIjBfAdc8Mi1XXnufaETKHefZJn1uLatnCeHynFhkYIGXAQZSY04rStYzOWbYo4wXlPNm9W5rYOxDuDvFdHg4uw3dldj0ws12igIxRLk5%2F9%2B1BY4TXaZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d5f697e3bb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

62.115.252.115

512 kB

URL
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
62.115.252.115:0
ASN
#1299 Telia Company AB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
512 kB (511815 bytes)
Hash
152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

HTTP Headers

GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Last-Modified: Thu, 16 Nov 2023 07:38:15 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1700120294.87662
Content-Type: application/zip
X-Trans-Id: tx15b69f172b404fa58b2bb-006555fb11dfw1
Cache-Control: public, max-age=252653
Expires: Tue, 12 Dec 2023 11:01:20 GMT
Date: Sat, 09 Dec 2023 12:50:27 GMT
Connection: keep-alive

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap

142.250.74.106

200 OK

24 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text
Size
24 kB (23516 bytes)
Hash
8f951224eee5d13cb6e5c0c52564cf11
2ea00064796f8a054292ae731394643ed08b7fcf
e436a714148a2710fcf230078fec5c0cfb5d311203960e7b70bf87a2a863e50f

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 12:50:11 GMT
date: Sat, 09 Dec 2023 12:50:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap

142.250.74.106

200 OK

19 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text
Size
19 kB (18670 bytes)
Hash
6cea54965aa223a15ce0ba8ac93cd283
76afec798101be62cbc972b4d319ba0e0bb15ab1
d28bc900afc46b86256434d0c4f4ddbcc8408f8da9e914c53e8d58a8d12accf7

HTTP Headers

GET /css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 12:50:11 GMT
date: Sat, 09 Dec 2023 12:50:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

142.250.74.106

200 OK

8.8 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (9024), with no line terminators
Size
8.8 kB (8784 bytes)
Hash
565832cd9e54dcc65c3c5122daef745a
e8ef7f5920e5bb8b8ab8eaa2fd3e655f6f6ee1e4
eb4a48cc79897f38180a3b2603931f3dc297daab6e538998477784467e823489

HTTP Headers

GET /css?family=Open+Sans:400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 12:50:13 GMT
date: Sat, 09 Dec 2023 12:50:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

104.18.11.207

200 OK

160 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (65324)
Size
160 kB (160403 bytes)
Hash
3afe15e976734d9daac26310110c4594
4f14a09a606c99a11f8fda15564ef66f70402826
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

HTTP Headers

GET /bootstrap/4.5.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"3afe15e976734d9daac26310110c4594"
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 10/31/2023 18:50:52
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e253b5ad4f77c12f2826704c281cb283
cdn-cache: HIT
cf-cache-status: HIT
age: 1202965
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 832d5f577a105691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C

142.250.74.168

200 OK

335 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (40346)
Size
335 kB (335092 bytes)
Hash
fd36081c0d91fa6b6cf9c9dba8d89421
713d099585f87e95b93c0aeb6ff5b399da22e3a5
b486d4bd061d5fe92fee872b2f58aabfd7342a1c21e720b5cf628b671406707d

HTTP Headers

GET /gtm.js?id=GTM-KTM4C7C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 12:50:12 GMT
expires: Sat, 09 Dec 2023 12:50:12 GMT
cache-control: private, max-age=900
last-modified: Sat, 09 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

go.goodlifestylenews.com/mwldark1123/0edf09ebcd410828c106ce09750b4d7a/55/leadsource/2412/1610/445c805f45ca4564b57a14bf72f5d8a1/mpmta

172.67.172.49

302 Found

77 kB

URL User Request GET HTTP/2
go.goodlifestylenews.com/mwldark1123/0edf09ebcd410828c106ce09750b4d7a/55/leadsource/2412/1610/445c805f45ca4564b57a14bf72f5d8a1/mpmta
IP
172.67.172.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
Fingerprint6F:1A:61:CC:60:1F:26:F1:38:1B:42:D6:62:31:00:BC:39:7F:73:8B
ValidityFri, 24 Nov 2023 10:01:12 GMT - Thu, 22 Feb 2024 10:01:11 GMT

File type

Size
77 kB (77007 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mwldark1123/0edf09ebcd410828c106ce09750b4d7a/55/leadsource/2412/1610/445c805f45ca4564b57a14bf72f5d8a1/mpmta HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 09 Dec 2023 12:50:09 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=0edf09ebcd410828c106ce09750b4d7a&product=34730&ar=55&cid=2412&lid=1610&slhash=445c805f45ca4564b57a14bf72f5d8a1&mtaid=mpmta&cid2=[s8]
cache-control: max-age=600
expires: Sat, 09 Dec 2023 13:00:08 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGIbYVMVQH77cuCdAwSTHkqb0rYerFmvt%2F0f2pTqULvVTBomPZq4ZqGDivvKpNlCRVojZ0FagS1%2FSbWzSvw3XEvQ4b2RDiOHqyBrXF7p%2BPGSQHdbQHkRZga9QZBar%2B2VakyLR9PLIqb%2B6Rk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d5f438bde5688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Public+Sans:400,600,700&display=swap

142.250.74.106

200 OK

3.6 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Public+Sans:400,600,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (3717), with no line terminators
Size
3.6 kB (3636 bytes)
Hash
3c5a9b9d15c76b4597555ec2b8fd9c93
b3a4b8d679a2be88b8c9c5112efef81bfff9a858
389fb784d48cf045270dd5f2782824ccb1e61ebb06407e06a5084ad134656561

HTTP Headers

GET /css?family=Public+Sans:400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 12:50:13 GMT
date: Sat, 09 Dec 2023 12:50:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com

143.204.55.94

200 OK

9.7 kB

URL GET HTTP/2
c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com
IP
143.204.55.94:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subjectpmsrv.co
Fingerprint75:6B:BA:1B:09:1C:F0:09:3F:A7:0A:8D:BC:E2:85:28:5E:AF:4F:47
ValiditySat, 16 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (10017), with no line terminators
Size
9.7 kB (9738 bytes)
Hash
e130ffde3103bbbdb95d26907f340524
0f15df26f0c121fed867f7d5b55e177d62832c9e
819d288a38d6aa1a5c4ab287b70c178bab73b6459657fda32a135f2aa921d8c8

HTTP Headers

GET /v1/analytics.js?d=pro.manwardpress.com HTTP/1.1
Host: c.pmsrv.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Fri, 08 Dec 2023 19:59:17 GMT
x-amzn-requestid: b98ce463-d502-4465-a46f-ab787495da65
x-amzn-remapped-content-length: 9738
x-amzn-remapped-connection: close
x-amz-apigw-id: Po9PWF3zSK4Eeeg=
cache-control: private, no-cache, no-store, must-revalidate
expires: -1
x-powered-by: Express
x-amzn-trace-id: Root=1-65737595-183c10d95e878f844d858919;Sampled=0;lineage=c8fdcb33:0
pragma: no-cache
x-amzn-remapped-date: Fri, 08 Dec 2023 19:59:17 GMT
content-encoding: br
etag: W/"260a-0ti1LKcOFAjKF+aS9gUUhwQqEFE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8vdnyYGkoxay_mLgSLuZ70-OzAf_lTj_Sz1CEpcbOSgAueSNp1-QPw==
age: 60656
X-Firefox-Spdy: h2

analytics.pmsrv.co/v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86

54.230.111.89

200 OK

3.0 kB

URL GET HTTP/2
analytics.pmsrv.co/v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86
IP
54.230.111.89:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerAmazon
Subjectpmsrv.co
Fingerprint75:6B:BA:1B:09:1C:F0:09:3F:A7:0A:8D:BC:E2:85:28:5E:AF:4F:47
ValiditySat, 16 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3099), with no line terminators
Size
3.0 kB (3016 bytes)
Hash
e67eeb0a5fde100a9a9b8218be6ff7b7
900455bf5702428b4260ae17a16226e8f730896a
1ac534d6bbb2bfc01317c298911ee45cd0199cadebe1b7d8cf43dd178ec2a49d

HTTP Headers

GET /v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86 HTTP/1.1
Host: analytics.pmsrv.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Sat, 09 Dec 2023 12:34:32 GMT
x-powered-by: Express
cache-control: private, no-cache, no-store, must-revalidate
expires: -1
pragma: no-cache
content-encoding: gzip
etag: W/"bc8-CwjlEyZMeJT2T4gdzys39D9fgms"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e7T3ht_40NWJkSQ0Ofi-VpstbqKhYoCMNktIlYkwchDEFMpDOrLT3A==
age: 942
X-Firefox-Spdy: h2

c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/8f96a13b-24e7-424e-a59a-d8684639fab9?segments=true&mergestate=true&state=%7B%22_uid%22%3A%228f96a13b-24e7-424e-a59a-d8684639fab9%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1702126219918&callback=u_425907214853790460

0.0.0.0

0 B

URL GET
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/8f96a13b-24e7-424e-a59a-d8684639fab9?segments=true&mergestate=true&state=%7B%22_uid%22%3A%228f96a13b-24e7-424e-a59a-d8684639fab9%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1702126219918&callback=u_425907214853790460
IP
0.0.0.0:0
ASN
#0

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/8f96a13b-24e7-424e-a59a-d8684639fab9?segments=true&mergestate=true&state=%7B%22_uid%22%3A%228f96a13b-24e7-424e-a59a-d8684639fab9%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3D48eef4264b4b479e843b139e822e4331%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1702126219918&callback=u_425907214853790460 HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:13 GMT
content-type: application/json
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
access-control-allow-methods: GET
access-control-allow-origin: 
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQXVssBgqNFzDzypibzbyHeUTk4WREJgyMT%2BdMZEtHf1h6xqilEsljv9OhpxCaxKuY9YnbuKfQI1YYc77yq%2BHC7miikJ%2FUxMrVI%2B%2FIaD0ftbN%2FTPyUzCJLVyvj6o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d5f5efd97b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

c.lytics.io/static/pathfora.min.js

172.67.73.236

200 OK

105 kB

URL GET HTTP/2
c.lytics.io/static/pathfora.min.js
IP
172.67.73.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
105 kB (105002 bytes)
Hash
1dda5c62f6d686fe449a9d217388da4b
a2cfd95511bd1a0f8ae3275e44d309c7279c4a69
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b

HTTP Headers

GET /static/pathfora.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Cookie: seerid=8f96a13b-24e7-424e-a59a-d8684639fab9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:14 GMT
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 9
last-modified: Sat, 09 Dec 2023 12:50:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amtLpBtQu0WWiE5y0FvnuQZJ0yB81WKtp%2BN5vxzdRHeUQ6E0SFin9qHLzPlXczQ3j3sHhlCZSjYHduigvNNM8bBweW6yiVB2NK1OzvbjA2BVkZCqiJK9oZ3ns6jX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d5f666b8db4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

c.lytics.io/static/pathfora.min.css

172.67.73.236

200 OK

21 kB

URL GET HTTP/2
c.lytics.io/static/pathfora.min.css
IP
172.67.73.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=48eef4264b4b479e843b139e822e4331&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20939), with no line terminators
Size
21 kB (20939 bytes)
Hash
eecb9ff4af0757a947f791bc35393abc
2d23a8718b63c1cd96a10674bdc92ca61682e85b
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685

HTTP Headers

GET /static/pathfora.min.css HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Cookie: seerid=8f96a13b-24e7-424e-a59a-d8684639fab9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:14 GMT
content-type: text/css; charset=utf-8
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 7150
last-modified: Sat, 09 Dec 2023 10:51:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWxWjnEQ2%2BCTa9fzeN5ma2yXhjIHxapHSgVSApF%2B98G2EoZO0SGYGnpfHYVJP7yFvJzK%2FfMns16QH9xlZCCJWzpg2tqfXU%2FcAcAo86oR6l3wcmIr%2B2mRcCSSqBsT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d5f678c64b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (2)

JavaScript (53)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML