Report - go.goodlifestylenews.com/mwldark1123/bf826571fdea1fe07895c6c76ad71e1e/55/leadsource/2412/1610/445c805f45ca4564b57a14bf72f5d8a1/mpmta

Report Overview

Visited public
2023-12-09 12:50:25
Tags
URL
go.goodlifestylenews.com/mwldark1123/bf826571fdea1fe07895c6c76ad71e1e/55/leadsource/2412/1610/445c805f45ca4564b57a14bf72f5d8a1/mpmta
Finishing URL
pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
IP / ASN
104.21.30.61
#13335 CLOUDFLARENET
Title
Manward Press

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.starfieldtech.com	6616	2003-03-06	2012-06-22 20:08:50	2023-12-09 05:12:42	692 B	5.3 kB	192.124.249.23
www.p3lstrk.com	unknown	2020-08-06	2020-08-10 15:07:26	2023-12-02 10:55:42	522 B	802 B	35.241.49.11
use.typekit.net	494	2010-08-02	2012-07-05 03:42:39	2023-12-09 05:09:32	1.7 kB	4.7 kB	23.33.119.67
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-09 06:34:48	597 B	578 B	142.250.74.163
api.getblueshift.com	9346	2014-03-09	2014-05-10 00:20:22	2023-12-08 19:24:24	695 B	332 B	52.40.78.89
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-09 06:06:20	1.6 kB	76 kB	216.58.207.227
s.yimg.com	375	1997-05-14	2012-05-21 00:45:00	2023-12-08 18:36:52	868 B	8.0 kB	87.248.119.252
analytics.pmsrv.co	unknown	2017-06-20	2022-09-13 11:30:23	2023-12-08 09:57:44	1.2 kB	4.0 kB	54.230.111.2
go.goodlifestylenews.com	unknown	2020-07-10	2022-06-02 23:11:17	2023-12-08 12:31:39	598 B	130 kB	104.21.30.61
portrait-tracker.s3.amazonaws.com	281321	2005-08-18	2019-11-18 11:43:38	2023-12-08 07:33:24	1.4 kB	68 kB	3.5.10.233
embed-cloudfront.wistia.com	unknown	2007-03-18	2022-11-08 05:17:21	2023-12-09 08:21:53	1.6 kB	1.9 MB	143.204.55.78
p.typekit.net	620	2010-08-02	2012-05-23 16:28:57	2023-12-08 05:19:07	2.0 kB	1.4 kB	23.33.119.50
storage.googleapis.com	420	2005-01-25	2012-08-06 08:33:30	2023-12-08 13:55:02	481 B	1.4 kB	142.250.74.123
pro.manwardpress.com	824535	2016-07-21	2017-07-13 16:13:11	2023-12-06 08:36:01	3.3 kB	39 kB	192.135.136.168
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-09 08:02:00	469 B	5.2 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-09 08:21:37	461 B	31 kB	151.101.130.137
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-09 08:02:02	2.6 kB	884 B	216.239.34.36
verifiedwebpage.com	unknown	2022-03-23	2022-03-23 19:03:14	2023-12-08 05:51:23	629 B	78 kB	188.114.97.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-09 07:42:19	2.0 kB	1.6 MB	142.250.74.106
fast.wistia.com	5153	2007-03-18	2012-07-04 02:34:57	2023-12-08 19:31:27	3.3 kB	916 kB	151.101.130.132
dnzkifeab6.execute-api.us-east-1.amazonaws.com	307755	2005-08-18	2021-04-27 13:06:09	2023-12-08 07:40:15	1.1 kB	1.4 kB	143.204.55.5
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-12-09 08:02:34	506 B	161 kB	104.18.10.207
embed-ssl.wistia.com	22795	2007-03-18	2017-01-29 18:01:09	2023-12-09 05:21:52	511 B	38 kB	143.204.55.78
www.redditstatic.com	1440	2011-11-09	2012-06-30 14:33:28	2023-12-08 18:13:38	424 B	8.4 kB	151.101.129.140
c.pmsrv.co	45333	2017-06-20	2017-11-13 19:10:50	2023-12-08 09:57:44	1.2 kB	5.2 kB	143.204.55.94
bat.bing.com	387	1996-01-29	2014-04-08 11:23:16	2023-12-08 05:23:49	1.7 kB	15 kB	13.107.21.200
cdn.getblueshift.com	12716	2014-03-09	2016-09-19 05:21:38	2023-12-08 13:18:21	424 B	3.4 kB	54.230.111.60
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-09 07:44:59	2.6 kB	594 kB	142.250.74.168
distillery.wistia.com	6708	2007-03-18	2012-09-30 04:46:15	2023-12-09 08:21:53	511 B	410 B	54.230.111.90
s3.amazonaws.com	unknown	2005-08-18	2020-05-13 22:53:44	2023-11-20 03:46:36	2.4 kB	710 kB	54.231.139.80
c.lytics.io	5538	2012-02-18	2015-10-07 14:26:51	2023-12-08 14:23:17	6.1 kB	817 kB	104.26.2.22
pipedream.wistia.com	6958	2007-03-18	2017-01-30 05:30:40	2023-12-08 17:50:40	1.6 kB	1.4 kB	143.204.55.51

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-09	medium	goodlifestylenews.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (53)

	URL	From	Size	First Seen	Last Seen
	fast.wistia.com/assets/external/E-v1.js	ScriptElement	761 kB	2023-12-07	2023-12-11
Pretty URL fast.wistia.com/assets/external/E-v1.js IP 151.101.130.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 20:39 Last Seen2023-12-11 15:44 Times Seen73 Hash 126858c9f3376ca1bc419aa2a2d0af28 51e06cde2e8cc415d06c63e144e6c36d2c95270d 78cf6679aa583fd97b9700d6dafa7e791d7861b72d173df807b5f8f27d246877 Loading...

	fast.wistia.com/assets/external/playPauseLoadingControl.js	ScriptElement	81 kB	2023-11-29	2023-12-12
Pretty URL fast.wistia.com/assets/external/playPauseLoadingControl.js IP 151.101.130.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2023-12-12 14:56 Times Seen192 Hash 31f0b908fbd5fc16bf6737c637b83178 26f5effe6525ca16ceb9815cb26776a8ac36f81c 863614886d87b0fbc5b99b2c002a8e382ab9161cacc1290006ea02e428e09747 Loading...

	unknown	ScriptElement	558 B	2023-06-29	2025-01-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-29 00:01 Last Seen2025-01-12 09:34 Times Seen139 Hash 35b7504e8ea864cf776a9f2a09f6af48 036191a991cc50ba6e26151f5d1052710e5c5afa 82e178bf447a3b4278146398e90d96de8fb3f10b5a749d2181beb036663b1b8f Loading...

	unknown	ScriptElement	269 B	2023-05-03	2025-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 21:53 Last Seen2025-04-17 16:57 Times Seen768 Hash c6a502d6dd91b1ce3b9695996109a487 c537b552faa5bd94e521bb2bc3c7218734160a8b a9b05f01d29af004401ecf51ccceec9591d37d8e404cceee4d82083460009711 Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true	ScriptElement	107 B	2023-03-09	2025-04-17
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 14:56 Last Seen2025-04-17 16:57 Times Seen772 Hash b58dfce79698a4dfa6e4420f7b827fed 5791bc0dcd249392a3fc3d3fb0c2df7e87f2cc63 9dd6293a1360dd5964260b738759aac6909fc781bbd51245924a5849f20f5f94 Loading...

	fast.wistia.com/assets/external/engines/hls_video.js	ScriptElement	484 kB	2023-12-04	2023-12-12
Pretty URL fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.130.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 21:23 Last Seen2023-12-12 14:56 Times Seen117 Hash 6e1e307293f078c95c07db8660ce607a 2a08bcf1166c9707485e568102f7c96e1f933b36 f0150171f993137d09210b10e0629ea4d57a465046ba791adb4bf4a2da978357 Loading...

	www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c	ScriptElement	291 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 13:50 Last Seen2023-12-09 13:50 Times Seen1 Hash ec23ae28a64789aaceb5d01c6f946373 29908acfff2efe94f18c0848fbdf9c5f668fb280 964b92f7c84e612ab8ca1ebb0e653519babb5fea24eeef9a058a46bf35e6c951 Loading...

	c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com	ScriptElement	9.7 kB	2023-11-29	2024-12-11
Pretty URL c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com IP 143.204.55.94 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2024-12-11 03:52 Times Seen110 Hash 7a5bdfac6f7e6d06281a5d72f283fcf5 d2d8b52ca70e1408ca17e692f6051487042a1051 4f2d67f554fdc058d41f8b62af5f31f2794c4253647b3e327c8dfc7cc7ed436b Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true	ScriptElement	42 B	2023-11-29	2024-08-20
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen35 Hash 997cf0ad0c2f7d884f66c64ed9451196 3dadaa3e816c53ac8ee976c2b715a0b85fe56cbf f738e52d0ee578320282656547668eeedaa94182e1a512a9132fbc0533ecd307 Loading...

	unknown	ScriptElement	265 B	2023-03-09	2025-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-17 16:57 Times Seen769 Hash 3204dc8c9407b7683e5587680fdec6e8 d4d51d38513ef6eb078f0c009508d019ed3c8842 6895b5e759cdbe4dbfa804dfdfdaab627939bbf1a6de9b3f4257884a8abffb92 Loading...

	unknown	ScriptElement	422 B	2023-03-09	2025-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-14 18:45 Times Seen50 Hash 033c5a0961f6c6a06907d24ee141d616 f691cf4a4b65ffd91e02ff2fc556389eabe20ec8 b9e9711821aeefc2f4f0dd67401449b2bdabee55ace5b1aa2d7eb78e1268e112 Loading...

	analytics.pmsrv.co/v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86	ScriptElement	3.0 kB	2023-03-14	2025-04-14
Pretty URL analytics.pmsrv.co/v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86 IP 54.230.111.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:40 Last Seen2025-04-14 18:45 Times Seen616 Hash fad20eb8e941eab88130a37297e48327 0b08e513264c7894f64f881dcf2b37f43f5f826b 31969a9254d2e57b3a58d33f19c2247cc20e4cd982e79eb8d2eb05f5f94682a3 Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true	ScriptElement	41 B	2023-03-07	2025-05-11
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:37 Times Seen5297 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true	ScriptElement	1.7 kB	2023-11-29	2024-08-20
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen35 Hash e146364da8f694ea88ed3fc6d5b1c68a b54c057a1ab5441c6f6c01d8812bc4331c1c3fa0 9c65c53079ec0a63c9fb5dd9f4eb3a1a7e86f8607383fe1856db777a9f87425e Loading...

	unknown	ScriptElement	240 B	2023-11-29	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen12 Hash 15a478a38c82134f2d4dedfc235117c5 728de935d36382b1cdd3a4e40d10c514c3eedcab db926948d241a661821b9456cbc5475fc276b5f344d05907e6a65bdcec550f9c Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 22:36 Times Seen342017 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	c.lytics.io/static/pathfora.min.js	ScriptElement	105 kB	2023-11-08	2024-08-20
Pretty URL c.lytics.io/static/pathfora.min.js IP 104.26.2.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 00:41 Last Seen2024-08-20 20:29 Times Seen429 Hash 1dda5c62f6d686fe449a9d217388da4b a2cfd95511bd1a0f8ae3275e44d309c7279c4a69 1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b Loading...

	portrait-tracker.s3.amazonaws.com/promo.js	ScriptElement	25 kB	2023-12-05	2024-08-20
Pretty URL portrait-tracker.s3.amazonaws.com/promo.js IP 3.5.10.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 00:55 Last Seen2024-08-20 16:45 Times Seen80 Hash ade4b9bddef78cf33d60018590245ff8 56fb418a4a3ca2f1510309eda02ca4f75cc6e17d a095f39e85e1eda398ad708a5d835db2972ff7bd06d305519ceb59539d5aa8f7 Loading...

	unknown	ScriptElement	424 B	2023-03-07	2025-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:40 Last Seen2025-04-17 16:57 Times Seen794 Hash 7bec0f36f729827c720a727018a81fe2 670b8295e6f09157d59d2446d550c8d4dee88178 c2a5942d8b537d0ad1483733eb9cad4719d9132c092e9488141fdc84819e5453 Loading...

	c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js	ScriptElement	565 kB	2023-12-08	2023-12-09
Pretty URL c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js IP 104.26.2.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 20:00 Last Seen2023-12-09 13:51 Times Seen9 Hash 9540b49971afefdcc3a5f8b148faeab1 b21d31696987a3f01dec22c572164a451078dc18 7fe93561c3918c2afeb2bf9d43c7d9f8a43e4132a54579a3f765cfe26dff0a68 Loading...

	code.jquery.com/jquery-3.3.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 21:26 Times Seen57576 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	unknown	ScriptElement	326 B	2023-03-09	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2024-12-11 03:52 Times Seen109 Hash 6ed5c46c230df9cc47bb336ad5245443 94f51ab34b2d67e4ac060cf9fa7b4783cd142a77 c20138034173e82be31de2ecb9a7a716bcb28c16ed5f0a0bf25fe264a711f87a Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 22:36 Times Seen341215 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	unknown	ScriptElement	463 B	2023-03-09	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2024-08-21 08:03 Times Seen21 Hash de2d375d0347f124fe53c890db87ce0f 69862e92df7b92a621783a08d05b8719120b03e1 fa6053826a32d9c6376e07c7659868d4103962a6d06b5718f8aeee91894ebbed Loading...

	unknown	ScriptElement	463 B	2023-03-09	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2024-08-21 08:03 Times Seen21 Hash 2ec208a2bb000141c33c2cac96535c7e 7fea8dc585a11decf26de4570987dd188a33193b 9635bc1130fbbb7ee76548b029b7b0df504ca9798dc007ba68db50e06b6e23af Loading...

	pro.manwardpress.com/p/Scripts/Common.js	ScriptElement	2.4 kB	2023-03-09	2025-04-26
Pretty URL pro.manwardpress.com/p/Scripts/Common.js IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-26 09:06 Times Seen3875 Hash ef9b6f612e89926fa10830ad89a7f3b6 faa8fbf56e4834534455c46ba2753118eb554c2e 86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd Loading...

	cdn.getblueshift.com/blueshift.js	ScriptElement	6.6 kB	2023-11-22	2024-08-20
Pretty URL cdn.getblueshift.com/blueshift.js IP 54.230.111.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 06:19 Last Seen2024-08-20 18:22 Times Seen312 Hash 859d16b4786a243736a9b219445eae43 e6dd4c8dcac4df40615338f1e7ecfe50c54aa0d5 393483170bc4a2319e51ea073f4e13b85185948301acce471b482094d11af7c7 Loading...

	unknown	ScriptElement	423 B	2023-03-09	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2024-12-11 03:52 Times Seen109 Hash d2d50aff3f89008fd20f6ff0cd5daa11 c213c1c162bfba8f8dab0e8a4147fed5034bd366 5fe617faf52fd56ad709726edc4fc38d8db33db22d2451605b2a4e22af5db4a9 Loading...

	www.redditstatic.com/ads/pixel.js	ScriptElement	24 kB	2023-06-15	2024-08-29
Pretty URL www.redditstatic.com/ads/pixel.js IP 151.101.129.140 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-15 23:22 Last Seen2024-08-29 17:49 Times Seen4079 Hash 78b6c68984a6ce5b3fcac1c6a9cad00c 02e1d366a17506cea8adfe5a15949aca89719a02 e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f Loading...

	pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true	ScriptElement	2.3 kB	2023-11-29	2024-12-11
Pretty URL pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-29 23:01 Last Seen2024-12-11 03:52 Times Seen108 Hash 87a931c82d501b724673a1902eed5aca 0d2e066c172a2aae222412d161508e6e0948876d 4b12029c24064ea48d5710fc61f45817958747627e3208f88bbc648d51804183 Loading...

	unknown	ScriptElement	396 B	2023-03-07	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:40 Last Seen2024-08-21 09:39 Times Seen405 Hash fcde8b9997bd67cf11862a1149b3ad86 553ea95faef57f8d68dccc1246b7991be64fd70e 112f9d119a1d906f05c1cc18502fb162a1e1096ffc9dec82533825909e8c2787 Loading...

	unknown	ScriptElement	464 B	2023-11-29	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen20 Hash 3ae0d1d642022a0e7ce49cdeea0b5b36 b86067dd6feaf7df8b94e0c145912ba19a374eb7 8fa46adc928c90f78086afe7a8812a978b43387d262d30264ad20e40cd15b9cc Loading...

	c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js	ScriptElement	69 kB	2023-11-08	2024-08-20
Pretty URL c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js IP 104.26.2.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 03:50 Last Seen2024-08-20 20:28 Times Seen116 Hash e62854326dd7bd0cfb2dbd34156ef1b8 1cf7afd34c3fcc830250528db1a268844da45926 37d5713b91ab76efc80f0ae4857adddc1c4f6e5709f3b6112efcb5bd931f7fca Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C	ScriptElement	335 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 13:50 Last Seen2023-12-09 13:51 Times Seen4 Hash d34ee1ba0e3b33f57c38f14a4d242fec 378bb598af1f17ae5e7b69fee2c0451baf97af31 a5027e64d4ae4ee0ae92b159ef96d85cb8184cd178a2a323b75e324ba49ddb84 Loading...

	unknown	ScriptElement	403 B	2023-03-09	2025-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-14 18:45 Times Seen612 Hash 10dd026711893edaa2579012fee51f5e 7aeddcd0b6e595db1ab583d46b7fb04040401877 0e7b422070756f8bfb260d1a67201289ecf50e883079989e274aea15ffbc4879 Loading...

	pro.manwardpress.com/p/Scripts/HideContent.js	ScriptElement	721 B	2023-03-09	2025-04-26
Pretty URL pro.manwardpress.com/p/Scripts/HideContent.js IP 192.135.136.168 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-26 09:06 Times Seen3875 Hash 624fa8179cc49ca9e80737453a6b3367 226693fb4119bc204e4dd3b8d36da8587fd00bb0 809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac Loading...

	unknown	ScriptElement	429 B	2023-11-29	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen35 Hash f3afb7052064e9d9e4c4d680c78d8f6a 3856cf030a60d4e29265269db2cc186aabddb49f 9f1b283bb63ec64b0228b98eed613ef81dbd59280e879523b2815d5b7e464afe Loading...

	unknown	ScriptElement	326 B	2023-05-03	2025-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 21:53 Last Seen2025-04-17 16:57 Times Seen771 Hash 2f39af3bffe6c3d706848e72017ab091 0ace9067f14c6539a3c711084b74752d1c0d6312 cdcc3d173b0f46a400c30d70f03a6792f5312390be92006152db451f67476b47 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C	ScriptElement	217 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 13:50 Last Seen2023-12-09 13:50 Times Seen1 Hash a4b3062be6a7a641cab3820736cea13c 89c9be35c60931efc6be2ebc0a2e71f33951da71 bfb14b5517412479455393cb05cf36a31b62ee31d4537c58cfad661b43b48cb2 Loading...

	fast.wistia.com/assets/external/allIntegrations.js	ScriptElement	23 kB	2023-11-29	2023-12-12
Pretty URL fast.wistia.com/assets/external/allIntegrations.js IP 151.101.130.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2023-12-12 14:56 Times Seen129 Hash 9a9248fb8178a9640de37511b065850f 086459b7f718251f753b82cee05f51c6ca2d3a84 fb7f597f64e9b0c17f7f99fb577f164c36f93f13ffda2ccb736b786e4e705d12 Loading...

	unknown	ScriptElement	3.9 kB	2023-08-11	2025-04-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-11 02:46 Last Seen2025-04-17 16:57 Times Seen770 Hash c73e3d0fea587af6606eb4d912567436 7bbc086d9a6ed3e8c1620ab8cc4e2050dbc548f8 054b3f9520a3bdd1c232e16f3ebbf935f54f9bd93eb0d6192cc3d657f616bed9 Loading...

	s.yimg.com/wi/ytc.js	ScriptElement	18 kB	2023-06-26	2024-08-29
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.252 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 11:33 Last Seen2024-08-29 17:29 Times Seen6264 Hash 5c6ed25dce803fd84288922b8928409e 3ccc10546ae12f160bacac1e9e422af091ea4a41 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Loading...

	bat.bing.com/p/action/15322609.js	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL bat.bing.com/p/action/15322609.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 22:47 Times Seen4657974 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	467 B	2023-03-07	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:40 Last Seen2024-12-11 03:52 Times Seen110 Hash 5205451dbd38fec37040c9f79350e310 b8bdb17a6e5aa92e8f62cae03fb00f5dd4f7f66f c19eac7e9c404a2453ddfbb066d11181c952a47491714626d61c1a0dc62c6186 Loading...

	portrait-tracker.s3.amazonaws.com/all.js	ScriptElement	38 kB	2023-09-05	2024-08-21
Pretty URL portrait-tracker.s3.amazonaws.com/all.js IP 3.5.10.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-05 10:36 Last Seen2024-08-21 07:28 Times Seen133 Hash 1460caa541e7ae81380de414c9d2a67c 7da00cef9b3bf78a75e19c455c247ace72cb9ce8 8e3eae4b3bdc6b8060cfee108e4a703344cdec648e7fb8ac3182e7b3515323a7 Loading...

	portrait-tracker.s3.amazonaws.com/index.html	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL portrait-tracker.s3.amazonaws.com/index.html IP 3.5.10.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 22:47 Times Seen4657974 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/85869cb5-a82a-4bf3-bb9e-ab52de35ed8d?segments=true&mergestate=true&state=%7B%22_uid%22%3A%2285869cb5-a82a-4bf3-bb9e-ab52de35ed8d%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1702126215128&callback=u_468777369028385540	ScriptElement	218 kB	2024-08-20	2024-08-20
Pretty URL c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/85869cb5-a82a-4bf3-bb9e-ab52de35ed8d?segments=true&mergestate=true&state=%7B%22_uid%22%3A%2285869cb5-a82a-4bf3-bb9e-ab52de35ed8d%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1702126215128&callback=u_468777369028385540 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:17 Last Seen2024-08-20 16:17 Times Seen1 Hash 6ed050bedaa21f6413b6db191afe0935 d7aa3eed9e0d4775cf7414586174d230bd747189 5ee85852a25a1ce84ae44d283fce70c1a04f03616713a42f42aa2db060d86023 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG	ScriptElement	282 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 13:50 Last Seen2023-12-09 13:50 Times Seen3 Hash 4881cc552e0e7b3890721b89ba79dab8 042b4c79705a91d04a1d880aea2cb10af5ad148f 5f0b3dd86e9f42b3df08ce79662d107cc7b89a46c9e3a9c02217c0c03270dd1c Loading...

	bat.bing.com/bat.js	ScriptElement	46 kB	2023-11-10	2024-09-19
Pretty URL bat.bing.com/bat.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 23:20 Last Seen2024-09-19 20:57 Times Seen11863 Hash 7f75f159026f3a2c8cccda487b43157b 021cf5c854db063cd79bf0394c24eb994e095640 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 85ee10f7637e8faa856a011acbb6176d	143 B	2023-06-29 00:01	2025-01-12 09:34
Pretty Observations First Seen2023-06-29 00:01 Last Seen2025-01-12 09:34 Times Seen139 Hash 85ee10f7637e8faa856a011acbb6176d b206fe9eb1eb4c82d316921b21f29bbc0e973972 c390908cdc1dd92ffcbadc80608fd508b7cae84fc39bd57cc37f4ba0f6687ba5 Loading...

	#2 Eval - c1b6d812d9d6859ed607be7cc412b11d	21 kB	2023-11-29 23:01	2024-08-20 17:25
Pretty Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen22 Hash c1b6d812d9d6859ed607be7cc412b11d 85d9f1d6f5ab94e9d2f7b79460eb8222afd7bfb1 e1309c30f66ff386fa546dabeeb013f49718ddd5587197272e242f6f0fb0df10 Loading...

	#3 Eval - e88b3d6ad7057fa4a04f8b8648253af6	21 kB	2023-11-29 23:01	2024-08-20 17:25
Pretty Observations First Seen2023-11-29 23:01 Last Seen2024-08-20 17:25 Times Seen22 Hash e88b3d6ad7057fa4a04f8b8648253af6 bc43c330c44cb0a7c136e2af87d72af7abe2c9f1 c1798c766de81dc19c9b3e14aa52c9d53a53c9cd4cc6c18b2e26841c18a2b960 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12 12:17	2024-08-29 17:45
Pretty Observations First Seen2023-03-12 12:17 Last Seen2024-08-29 17:45 Times Seen7112 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (81)

URL IP Response Size

ocsp.starfieldtech.com/

192.124.249.23

2.1 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
2.1 kB (2149 bytes)
Hash
35096d26b87744f0f199d222cc099f34
6558aa86b9e5aca62e8c012b4374d91f47d366e2
3055a2319dea80ccf6dfdbe30632866b6290b20c5e7bc8b5ff49a1c8d061ae28

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 09 Dec 2023 12:50:05 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 09 Dec 2023 02:05:27 GMT
Expires: Sun, 10 Dec 2023 02:05:27 GMT
ETag: "6558aa86b9e5aca62e8c012b4374d91f47d366e2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.p3lstrk.com/2MGNK7T/FNH5DF/?sub1=3415202737506935453

35.241.49.11

302 Found

97 B

URL User Request GET HTTP/2
www.p3lstrk.com/2MGNK7T/FNH5DF/?sub1=3415202737506935453
IP
35.241.49.11:443
ASN
#15169 GOOGLE

Certificate
IssuerStarfield Technologies, Inc.
Subjectof59trk.com
Fingerprint36:4C:C5:0D:80:E5:8B:10:E5:4F:B3:55:F3:FD:5C:E8:EA:BA:69:0F
ValiditySun, 01 Jan 2023 15:34:26 GMT - Fri, 02 Feb 2024 15:34:26 GMT

File type
HTML document, ASCII text
Size
97 B (97 bytes)
Hash
393c5bfc10d123b198b93b295b5dc2ec
b3fa59d735d66e40cf4aeb711daa3a9b7da25394
8e80021c40c2363846190ea318b83810aacf4a5b9c049f0722b3c5b8270ffc61

HTTP Headers

GET /2MGNK7T/FNH5DF/?sub1=3415202737506935453 HTTP/1.1
Host: www.p3lstrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sat, 09 Dec 2023 12:50:05 GMT
content-type: text/html; charset=utf-8
content-length: 97
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://pro.manwardpress.com/m/2261672?s1=b121e554cdb544adb6ae0742b3377b54
set-cookie: uniqueClick_FNH5DF=a6287b4c-97f7-4c21-8879-d7b5ab1b738a:1702126205; Path=/; Expires=Sat, 06 Jan 2024 12:50:05 GMT; Secure; SameSite=None
transaction_id=b121e554cdb544adb6ae0742b3377b54; Path=/; Expires=Fri, 08 Mar 2024 12:50:05 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: dca173eb-6edc-4ec6-9d8d-8bac649f0361
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.41

2.1 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
2.1 kB (2149 bytes)
Hash
35096d26b87744f0f199d222cc099f34
6558aa86b9e5aca62e8c012b4374d91f47d366e2
3055a2319dea80ccf6dfdbe30632866b6290b20c5e7bc8b5ff49a1c8d061ae28

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 09 Dec 2023 12:50:05 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 09 Dec 2023 02:05:27 GMT
Expires: Sun, 10 Dec 2023 02:05:27 GMT
ETag: "6558aa86b9e5aca62e8c012b4374d91f47d366e2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

pro.manwardpress.com/m/2261672?s1=b121e554cdb544adb6ae0742b3377b54

192.135.136.168

301 Moved Permanently

226 B

URL User Request GET HTTP/1.1
pro.manwardpress.com/m/2261672?s1=b121e554cdb544adb6ae0742b3377b54
IP
192.135.136.168:443
ASN
#11372 14WEST-AS

Certificate
IssuerLet's Encrypt
Subjectordertracking2.pubsvs.com
Fingerprint21:30:C0:C7:EE:E3:FC:D2:C5:C5:89:D3:CD:75:43:C9:99:B2:A0:76
ValidityMon, 25 Sep 2023 13:28:41 GMT - Sun, 24 Dec 2023 13:28:40 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
226 B (226 bytes)
Hash
d78364cf00c9a461ac38fe46e249fe43
67798f96ce6e2a38716a47df3d8ade8a9e5ca8a1
93396a3b64370fb8082378baaf19128b170ee3c2d0adf6071cb965ced1755934

HTTP Headers

GET /m/2261672?s1=b121e554cdb544adb6ae0742b3377b54 HTTP/1.1
Host: pro.manwardpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Date: Sat, 09 Dec 2023 12:50:06 GMT
Content-Length: 226
Set-Cookie: 2261672=2677139; expires=Fri, 29-Dec-2023 12:50:06 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!xSca0/szTj/kwEk0QCUGrw3uOK3bWVpPwgKpeF79z31/H0KCmrCnLna549IsrX88YRjBqYs0vL9Z+So=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true

192.135.136.168

200 OK

35 kB

URL User Request GET HTTP/1.1
pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
IP
192.135.136.168:443
ASN
#11372 14WEST-AS

Certificate
IssuerLet's Encrypt
Subjectordertracking2.pubsvs.com
Fingerprint21:30:C0:C7:EE:E3:FC:D2:C5:C5:89:D3:CD:75:43:C9:99:B2:A0:76
ValidityMon, 25 Sep 2023 13:28:41 GMT - Sun, 24 Dec 2023 13:28:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (505), with CRLF, LF line terminators
Size
35 kB (34915 bytes)
Hash
c781a184c77eac7cd588580f43b5bb21
5b8b2072806be8a88030dd02035dfb7b7f6ced72
6da8beea129bb65a526b0628b87ec19c79f7e6eff09eefe8d5966fe67c629236

HTTP Headers

GET /p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true HTTP/1.1
Host: pro.manwardpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: 2261672=2677139; BIGipServerIRIS_PROD_HTTPS_POOL=!xSca0/szTj/kwEk0QCUGrw3uOK3bWVpPwgKpeF79z31/H0KCmrCnLna549IsrX88YRjBqYs0vL9Z+So=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: NMWLZB11=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 12:50:06 GMT
Content-Length: 34915
Strict-Transport-Security: max-age=63072000; includeSubDomains

cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/animate.min.css

104.17.25.14

200 OK

4.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/animate.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65346)
Size
4.2 kB (4216 bytes)
Hash
39aca93cfd689b19cc6241e859642a92
5022a36b3d077c80b0b4a550ddfb280aae28dafe
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4

HTTP Headers

GET /ajax/libs/animate.css/4.0.0/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:07 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb436a8-11848"
last-modified: Thu, 07 May 2020 16:26:16 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 811765
expires: Thu, 28 Nov 2024 12:50:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3C9UeNDW%2Fx1BgZBh3ASk2V%2BkuvcxXdV%2FYpZOP3LNCPp3Adb0tc1tXvOm0XbUmq5oF1dofmTrnp8qCgnPd7QOdV7d3vc%2F5fVo04aue%2FXrPf64zjfrPrYwnHCV93LX3sNthlLdoni"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 832d5f3a7f8d5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.3.1.min.js

151.101.130.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.3.1.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
30 kB (30288 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1538f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:07 GMT
age: 7324006
x-served-by: cache-lga13622-LGA, cache-bma1636-BMA
x-cache: HIT, HIT
x-cache-hits: 24, 179543
x-timer: S1702126207.129626,VS0,VE0
vary: Accept-Encoding
content-length: 30288
X-Firefox-Spdy: h2

go.goodlifestylenews.com/mwldark1123/bf826571fdea1fe07895c6c76ad71e1e/55/leadsource/2412/1610/445c805f45ca4564b57a14bf72f5d8a1/mpmta

104.21.30.61

302 Found

129 kB

URL User Request GET HTTP/2
go.goodlifestylenews.com/mwldark1123/bf826571fdea1fe07895c6c76ad71e1e/55/leadsource/2412/1610/445c805f45ca4564b57a14bf72f5d8a1/mpmta
IP
104.21.30.61:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
Fingerprint6F:1A:61:CC:60:1F:26:F1:38:1B:42:D6:62:31:00:BC:39:7F:73:8B
ValidityFri, 24 Nov 2023 10:01:12 GMT - Thu, 22 Feb 2024 10:01:11 GMT

File type
data
Size
129 kB (129063 bytes)
Hash
2dfa35fa3c2d63da5bfe8edd5f3cb8df
91ccdd64c31762cb4b0ba8590c35654f381804d5
ccdc75767848c8593a6723e2c63b44377c509e8a8af6f323ac86abef3ff2b800

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mwldark1123/bf826571fdea1fe07895c6c76ad71e1e/55/leadsource/2412/1610/445c805f45ca4564b57a14bf72f5d8a1/mpmta HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 09 Dec 2023 12:50:04 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=bf826571fdea1fe07895c6c76ad71e1e&product=34730&ar=55&cid=2412&lid=1610&slhash=445c805f45ca4564b57a14bf72f5d8a1&mtaid=mpmta&cid2=[s8]
cache-control: max-age=600
expires: Sat, 09 Dec 2023 13:00:03 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTbzqLj1gn%2B%2BlkYNi%2BV9GBGbj88KNPkStAsoWhDorzAkQOddJAISBQ20WDcqVIHdWnrJcp%2FD%2BuDewEBZkRhrDmR366IBtBq9w2ROqg71Zian%2F3qoRQF%2B8YZpNLxhA6M57bSgM0rSOWBIMnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d5f261c58712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pro.manwardpress.com/p/Scripts/Common.js

192.135.136.168

200 OK

1.1 kB

URL GET HTTP/1.1
pro.manwardpress.com/p/Scripts/Common.js
IP
192.135.136.168:443
ASN
#11372 14WEST-AS

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking2.pubsvs.com
Fingerprint21:30:C0:C7:EE:E3:FC:D2:C5:C5:89:D3:CD:75:43:C9:99:B2:A0:76
ValidityMon, 25 Sep 2023 13:28:41 GMT - Sun, 24 Dec 2023 13:28:40 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.1 kB (1140 bytes)
Hash
2fa1e7a35bfa376eff7f1426fc4a8afa
008b48dbd95a158542969743c18d0bc33e0a9384
857d94bd23b6437baa66255e1d507ad4a23d75ef9a271fb3e1303dc7dd0aced9

HTTP Headers

GET /p/Scripts/Common.js HTTP/1.1
Host: pro.manwardpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
DNT: 1
Connection: keep-alive
Cookie: 2261672=2677139; BIGipServerIRIS_PROD_HTTPS_POOL=!xSca0/szTj/kwEk0QCUGrw3uOK3bWVpPwgKpeF79z31/H0KCmrCnLna549IsrX88YRjBqYs0vL9Z+So=; NMWLZB11=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "a37f814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 12:50:06 GMT
Content-Length: 1140
Strict-Transport-Security: max-age=63072000; includeSubDomains

pro.manwardpress.com/p/Scripts/HideContent.js

192.135.136.168

200 OK

466 B

URL GET HTTP/1.1
pro.manwardpress.com/p/Scripts/HideContent.js
IP
192.135.136.168:443
ASN
#11372 14WEST-AS

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking2.pubsvs.com
Fingerprint21:30:C0:C7:EE:E3:FC:D2:C5:C5:89:D3:CD:75:43:C9:99:B2:A0:76
ValidityMon, 25 Sep 2023 13:28:41 GMT - Sun, 24 Dec 2023 13:28:40 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
466 B (466 bytes)
Hash
cc54a637e514fddfe0be2e7c2d062e5b
a0f97813508d22d71f015b93cc8dfdcee65acdfd
580942b09dd77a53c0501f35a1d6c61cbcff1d504a6efb0dfa5d77cbdb1af741

HTTP Headers

GET /p/Scripts/HideContent.js HTTP/1.1
Host: pro.manwardpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
DNT: 1
Connection: keep-alive
Cookie: 2261672=2677139; BIGipServerIRIS_PROD_HTTPS_POOL=!xSca0/szTj/kwEk0QCUGrw3uOK3bWVpPwgKpeF79z31/H0KCmrCnLna549IsrX88YRjBqYs0vL9Z+So=; NMWLZB11=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "bbcd814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 12:50:06 GMT
Content-Length: 466
Strict-Transport-Security: max-age=63072000; includeSubDomains

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap

142.250.74.106

200 OK

1.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
gzip compressed data, max compression
Size
1.5 kB (1488 bytes)
Hash
94f81aa6c564f6951ab0cac268ccd2ed
0c8ae09bc637b14b4067a0476cf7aeebe67a264b
f4bd0eec75c4dfbd49f2def6e7a6a2c5afea47ec47e83c0e05592f86d1f8f533

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 12:50:07 GMT
date: Sat, 09 Dec 2023 12:50:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap

142.250.74.106

200 OK

1.6 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
gzip compressed data, max compression
Size
1.6 kB (1589 bytes)
Hash
2f8bc71a87b26ab3c3b1c5aa1ec2540a
04ffa25f2768351718b7cd1e03a7dc045d26be8c
2f1b31eb2ff4ed490c410b784710ff4ccc5156a55b74db32979ca9685e59052f

HTTP Headers

GET /css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 12:50:07 GMT
date: Sat, 09 Dec 2023 12:50:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

portrait-tracker.s3.amazonaws.com/promo.js

3.5.10.233

200 OK

25 kB

URL GET HTTP/1.1
portrait-tracker.s3.amazonaws.com/promo.js
IP
3.5.10.233:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
25 kB (25222 bytes)
Hash
ade4b9bddef78cf33d60018590245ff8
56fb418a4a3ca2f1510309eda02ca4f75cc6e17d
a095f39e85e1eda398ad708a5d835db2972ff7bd06d305519ceb59539d5aa8f7

HTTP Headers

GET /promo.js HTTP/1.1
Host: portrait-tracker.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: EfNkXpeP6YdTZHl8bRDodcZ+iyPL38E+bpQcLn1q6haq7FRHa/xcyhZjfbDdHPduzigIIhnxAVuuaGsOkj9KfA==
x-amz-request-id: D4SHAKQPABWXHXCT
Date: Sat, 09 Dec 2023 12:50:08 GMT
Last-Modified: Mon, 04 Dec 2023 18:30:38 GMT
ETag: "ade4b9bddef78cf33d60018590245ff8"
x-amz-server-side-encryption: AES256
x-amz-version-id: cXC3qWJAccekxs7Ey.uMIQ5gFtuOBV.4
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 25222

portrait-tracker.s3.amazonaws.com/all.js

3.5.10.233

200 OK

38 kB

URL GET HTTP/1.1
portrait-tracker.s3.amazonaws.com/all.js
IP
3.5.10.233:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (38500), with no line terminators
Size
38 kB (38500 bytes)
Hash
1460caa541e7ae81380de414c9d2a67c
7da00cef9b3bf78a75e19c455c247ace72cb9ce8
8e3eae4b3bdc6b8060cfee108e4a703344cdec648e7fb8ac3182e7b3515323a7

HTTP Headers

GET /all.js HTTP/1.1
Host: portrait-tracker.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: pl1MYc7lQgJYtXeUxAgoRxmuPa2blG0cXCbmmIj8q7SfnVSnXXt0OYFP+KUTSjsjO14vYwQaw49YoR1/P2EXKw==
x-amz-request-id: D4SKFW844NE89NSB
Date: Sat, 09 Dec 2023 12:50:08 GMT
Last-Modified: Wed, 30 Aug 2023 15:02:46 GMT
ETag: "1460caa541e7ae81380de414c9d2a67c"
x-amz-server-side-encryption: AES256
x-amz-version-id: 7g4s3_ZTCbOwPNu0yskg5_y26GtP5xQS
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 38500

s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles.css

54.231.139.80

200 OK

27 kB

URL GET HTTP/1.1
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles.css
IP
54.231.139.80:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
27 kB (27215 bytes)
Hash
a77364a3685f408e9802843ec2099f5f
7ae957ac205073e4f1430edf476431c4bef10d5c
f94f1ee66752e3577dbf42e5b264db35f3a83a71b95c1ed433701a458960fb59

HTTP Headers

GET /assets.manwardpress.com/promo/MWL/dark/styles.css HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: m+RrbZ1Tb4rI7YGjiWKHhCVk68nJYWt6t0mVNmkbTRsnZMWCdfRLQdcd6fscF/e0p03lzHwCQTg=
x-amz-request-id: D4SNRKEDWAA1BHSS
Date: Sat, 09 Dec 2023 12:50:08 GMT
Last-Modified: Fri, 03 Nov 2023 15:37:48 GMT
ETag: "a77364a3685f408e9802843ec2099f5f"
x-amz-server-side-encryption: AES256
x-amz-version-id: 8MfX2jDe5m7dvAdrTvDDoryIZhDJ3wxY
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 27215

cdn.getblueshift.com/blueshift.js

54.230.111.60

200 OK

2.8 kB

URL GET HTTP/1.1
cdn.getblueshift.com/blueshift.js
IP
54.230.111.60:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
Fingerprint29:49:01:4C:AB:3A:C5:E4:F6:F2:67:75:BE:5B:FF:4B:F3:5C:EC:47
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6564), with no line terminators
Size
2.8 kB (2805 bytes)
Hash
859d16b4786a243736a9b219445eae43
e6dd4c8dcac4df40615338f1e7ecfe50c54aa0d5
393483170bc4a2319e51ea073f4e13b85185948301acce471b482094d11af7c7

HTTP Headers

GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2805
Connection: keep-alive
Last-Modified: Tue, 21 Nov 2023 12:16:06 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 09 Dec 2023 12:33:30 GMT
Cache-Control: max-age=3600
ETag: "e7a548f293fa4dad39c906cae250b1ed"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rtMVsBAq9zlEtAUD-vOx1QMKWBBwmPQMmA3feyxzFDrMGg9RoLRnkQ==
Age: 998

fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19388, version 1.0
Size
19 kB (19388 bytes)
Hash
f816f16f297c801aaf01ff43c9fcd563
2e9e2c80bc5aa5f01f75cd486baa1769f53dea5e
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e

HTTP Headers

GET /s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19388
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:44:48 GMT
expires: Fri, 06 Dec 2024 15:44:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Jul 2023 20:53:09 GMT
content-type: font/woff2
age: 162319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

104.26.2.22

200 OK

121 kB

URL GET HTTP/2
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
IP
104.26.2.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
121 kB (121222 bytes)
Hash
e62854326dd7bd0cfb2dbd34156ef1b8
1cf7afd34c3fcc830250528db1a268844da45926
37d5713b91ab76efc80f0ae4857adddc1c4f6e5709f3b6112efcb5bd931f7fca

HTTP Headers

GET /api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:07 GMT
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 6452
last-modified: Sat, 09 Dec 2023 11:02:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F81491yu%2FfMPq9%2B2MFqQxDDnFjFv%2Bry4fV595aEcc1vVBNvPSDXXqIIdfXnCrGIZABv3bprP%2F31LgSFS%2BtnLA1iYxOr%2BrhkOrkrb3ZxKA5P56O9npou7%2F2s%2BNnEL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d5f3def241c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kanit/v15/nKKX-Go6G5tXcraQKwKAcA.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/kanit/v15/nKKX-Go6G5tXcraQKwKAcA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19916, version 1.0
Size
20 kB (19916 bytes)
Hash
fb872dc738752b156c722c2acb7cfae5
ec5924c1493d6d784f49ce61dde66c0aea5c986d
864cc08aa6c75c74cf8488a6829c00117d583ddb54c0b39f96b4499ce3b4e9d1

HTTP Headers

GET /s/kanit/v15/nKKX-Go6G5tXcraQKwKAcA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19916
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:54:14 GMT
expires: Fri, 06 Dec 2024 15:54:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Jul 2023 20:54:11 GMT
content-type: font/woff2
age: 161753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/OF/asi-profit-and-protect-ipad.png

54.231.139.80

200 OK

233 kB

URL GET HTTP/1.1
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/OF/asi-profit-and-protect-ipad.png
IP
54.231.139.80:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
PNG image data, 1097 x 976, 8-bit/color RGBA, non-interlaced
Size
233 kB (232844 bytes)
Hash
346f2e0aa4ffdc608e5c78eb20e57035
6a71b5f122fe06c31f6094e08c69fbc8dc547b15
66d056fc5eec74ee8809f641e63cd1fc2ce993807f56060fb54295aedbe93eb6

HTTP Headers

GET /assets.manwardpress.com/promo/MWL/dark/OF/asi-profit-and-protect-ipad.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: ICxRRkDXt6FzLman0iGhTIVNmpXcxxFf9gRrAxnWV9ljFPcrXJNGII/wNIQQSfJ2oKi+K9O6SMI=
x-amz-request-id: D4SMX2MQM09VE2GW
Date: Sat, 09 Dec 2023 12:50:08 GMT
Last-Modified: Mon, 06 Nov 2023 17:17:43 GMT
ETag: "346f2e0aa4ffdc608e5c78eb20e57035"
x-amz-server-side-encryption: AES256
x-amz-version-id: UKHR_rSfd1Jp9XcsrMHwhadqLc4Geqsh
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 232844

fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

216.58.207.227

200 OK

34 kB

URL GET HTTP/2
fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34328, version 1.0
Size
34 kB (34328 bytes)
Hash
6581ab53c220b5828e37162349375431
1922912ca5ab6eb5a55db138b183b38d066e85c8
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

HTTP Headers

GET /s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 04:53:27 GMT
expires: Fri, 06 Dec 2024 04:53:27 GMT
cache-control: public, max-age=31536000
age: 201401
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/jupsr1090a.json

151.101.130.132

200 OK

1.6 kB

URL GET HTTP/2
fast.wistia.com/embed/medias/jupsr1090a.json
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
JSON data
Size
1.6 kB (1643 bytes)
Hash
b4a6d47dbf95c17586a4523e2e2d24de
dd75494f72aaf9e1242ebb0c85321aaec9e982a2
f0f3fc22031576f70a3635059f4308ae3ebf499a72f51e605d7fcc96b26e24b2

HTTP Headers

GET /embed/medias/jupsr1090a.json HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"f0f3fc22031576f70a3635059f4308ae"
x-request-id: 4019a7bc-9abd-4ed3-881b-f0a54f3ccb9c
x-runtime: 0.037752
content-encoding: br
x-envoy-upstream-service-time: 40
via: 1.1 fe9f3a9bfd72e25ec0825c1236d3d8e8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: MIA3-C4
x-amz-cf-id: HPqi5kb_I1k7RHHYCfeEezTEeLLD25LTbBmHxd0zu_anfvY7kPFdpQ==
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:08 GMT
age: 87466
x-served-by: cache-iad-kjyo7100109-IAD, cache-bma1657-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 265, 1
x-timer: S1702126208.257249,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1643
X-Firefox-Spdy: h2

portrait-tracker.s3.amazonaws.com/index.html

3.5.10.233

200 OK

2.4 kB

URL GET HTTP/1.1
portrait-tracker.s3.amazonaws.com/index.html
IP
3.5.10.233:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
2.4 kB (2371 bytes)
Hash
c029f674b13b082e9a03b16217c3f576
f8ac05a2a24d42c863275c8dfd7e94486a237d0b
9b6554e3dbe9e11702720eb95ef8808b4e1e307bbec908ab5e6d0e1da2294470

HTTP Headers

GET /index.html HTTP/1.1
Host: portrait-tracker.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Ujv1c8+CRu0Ho9Q9AWriI2rVStYjerRyj45rrSmPam2YJ/NLtF6TAwGzHiJxoN05Wpho0foqZHwLzVBHC4D51Q==
x-amz-request-id: 69MASRPXGS7GYQRM
Date: Sat, 09 Dec 2023 12:50:09 GMT
Last-Modified: Wed, 03 Nov 2021 21:10:09 GMT
ETag: "c029f674b13b082e9a03b16217c3f576"
x-amz-version-id: X1zblgbOV1d.Qkc55AyQidmgNGbabuW5
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 2371

c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1702126215057&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&_v=3.0.35&_uid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d&_getid=t

104.26.2.22

200 OK

35 B

URL GET HTTP/2
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1702126215057&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&_v=3.0.35&_uid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d&_getid=t
IP
104.26.2.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1702126215057&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&_v=3.0.35&_uid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d&_getid=t HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:08 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: seerid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d; Path=/; Domain=lytics.io; Max-Age=77760000; Secure; SameSite=None
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJspKvso9m9tuCK7SIU06E4gMxHunfAr0yy6pzuNBvMh3CHK5w%2BzAtqATOEauM%2BVoVbodx7JWzhTp8hypFf%2FOQMpp9GrTBTRo%2Bxx6zFAt%2FiI6Kqe9JI6kWce%2BKPx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d5f4169431c0e-OSL
X-Firefox-Spdy: h2

s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/bg.png

54.231.139.80

200 OK

127 kB

URL GET HTTP/1.1
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/bg.png
IP
54.231.139.80:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
PNG image data, 2000 x 1200, 8-bit colormap, non-interlaced
Size
127 kB (127021 bytes)
Hash
6f458a92f3fe9527d69e75be25a8a32a
5b8900e5412897168cecdbe1829a520fd326cd93
af3f431637d5f12cdf40c46fbd61b6172dbcf29472a33716de58c3a5f8b962a6

HTTP Headers

GET /assets.manwardpress.com/promo/MWL/dark/bg.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: sSU3CTDkPIScjZxZzbduARvswxsjhgPrE2acspjiWb4nF6NAiqX7xFU1TROf+sT2uGWMn6er8tk=
x-amz-request-id: 69MC7K16CGVK1WC5
Date: Sat, 09 Dec 2023 12:50:09 GMT
Last-Modified: Fri, 27 Oct 2023 17:14:09 GMT
ETag: "6f458a92f3fe9527d69e75be25a8a32a"
x-amz-server-side-encryption: AES256
x-amz-version-id: t0pnOFM2wSkzC0PVz2VuslCpwv2vdO4N
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 127021

fast.wistia.com/assets/external/playPauseLoadingControl.js

151.101.130.132

200 OK

21 kB

URL GET HTTP/2
fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65455)
Size
21 kB (21129 bytes)
Hash
31f0b908fbd5fc16bf6737c637b83178
26f5effe6525ca16ceb9815cb26776a8ac36f81c
863614886d87b0fbc5b99b2c002a8e382ab9161cacc1290006ea02e428e09747

HTTP Headers

GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "b09d2ef450c9011369afee5fc7a5a161"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:08 GMT
age: 3298
x-served-by: cache-iad-kjyo7100036-IAD, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 68, 76
x-timer: S1702126209.548057,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 21129
X-Firefox-Spdy: h2

s3.amazonaws.com/assets.manwardpress.com/favicon.png

54.231.139.80

200 OK

524 B

URL GET HTTP/1.1
s3.amazonaws.com/assets.manwardpress.com/favicon.png
IP
54.231.139.80:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced
Size
524 B (524 bytes)
Hash
ecc1bd1d1cbccff2b4d8d68e630dfc10
c434a84131752093f031f8097b1efde89465a20d
1517ed0281ec8256ac007c3de7c96cec87188715989358baf4eb52fb660876c5

HTTP Headers

GET /assets.manwardpress.com/favicon.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 0iGMfGQfEymAEPTSp43QI28Pujj/ArgF9KggigYQp5FdGCL5Ul2jI8F1C6nMWhLJyqw0F9KXDas=
x-amz-request-id: 69MDFP0981SSH8XW
Date: Sat, 09 Dec 2023 12:50:09 GMT
Last-Modified: Fri, 26 Mar 2021 14:07:46 GMT
ETag: "ecc1bd1d1cbccff2b4d8d68e630dfc10"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 524

pro.manwardpress.com/p/effortattributes/extractEffortattributes/NMWLZB11

192.135.136.168

200 OK

691 B

URL GET HTTP/1.1
pro.manwardpress.com/p/effortattributes/extractEffortattributes/NMWLZB11
IP
192.135.136.168:443
ASN
#11372 14WEST-AS

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking2.pubsvs.com
Fingerprint21:30:C0:C7:EE:E3:FC:D2:C5:C5:89:D3:CD:75:43:C9:99:B2:A0:76
ValidityMon, 25 Sep 2023 13:28:41 GMT - Sun, 24 Dec 2023 13:28:40 GMT

File type
JSON data
Size
691 B (691 bytes)
Hash
95c6f6c8aa14ee1ed3fea65ff63015ab
f1b98087c3a0f34985ca8d2eb798759ccc823b6f
3c1795c82ab9ff3b5d85ad12bb520625b8bf1086056062f335601db5b37c0035

HTTP Headers

GET /p/effortattributes/extractEffortattributes/NMWLZB11 HTTP/1.1
Host: pro.manwardpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
DNT: 1
Connection: keep-alive
Cookie: 2261672=2677139; BIGipServerIRIS_PROD_HTTPS_POOL=!xSca0/szTj/kwEk0QCUGrw3uOK3bWVpPwgKpeF79z31/H0KCmrCnLna549IsrX88YRjBqYs0vL9Z+So=; NMWLZB11=; seerses=e; seerid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 12:50:07 GMT
Content-Length: 691
Strict-Transport-Security: max-age=63072000; includeSubDomains

www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c

142.250.74.168

200 OK

95 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (7711)
Size
95 kB (95317 bytes)
Hash
ec23ae28a64789aaceb5d01c6f946373
29908acfff2efe94f18c0848fbdf9c5f668fb280
964b92f7c84e612ab8ca1ebb0e653519babb5fea24eeef9a058a46bf35e6c951

HTTP Headers

GET /gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 12:50:08 GMT
expires: Sat, 09 Dec 2023 12:50:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fast.wistia.com/assets/external/engines/hls_video.js

151.101.130.132

200 OK

118 kB

URL GET HTTP/2
fast.wistia.com/assets/external/engines/hls_video.js
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
118 kB (117668 bytes)
Hash
6e1e307293f078c95c07db8660ce607a
2a08bcf1166c9707485e568102f7c96e1f933b36
f0150171f993137d09210b10e0629ea4d57a465046ba791adb4bf4a2da978357

HTTP Headers

GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "5258bd9b9f222d0dd6df0056cd2b7524"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:08 GMT
age: 3504
x-served-by: cache-iad-kcgs7200099-IAD, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 64, 54
x-timer: S1702126209.816714,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 117668
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C

142.250.74.168

200 OK

79 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (4660)
Size
79 kB (78837 bytes)
Hash
a4b3062be6a7a641cab3820736cea13c
89c9be35c60931efc6be2ebc0a2e71f33951da71
bfb14b5517412479455393cb05cf36a31b62ee31d4537c58cfad661b43b48cb2

HTTP Headers

GET /gtm.js?id=GTM-TJ3NG7C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 12:50:08 GMT
expires: Sat, 09 Dec 2023 12:50:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 09 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG

142.250.74.168

200 OK

82 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (64013)
Size
82 kB (81829 bytes)
Hash
4881cc552e0e7b3890721b89ba79dab8
042b4c79705a91d04a1d880aea2cb10af5ad148f
5f0b3dd86e9f42b3df08ce79662d107cc7b89a46c9e3a9c02217c0c03270dd1c

HTTP Headers

GET /gtm.js?id=GTM-5S9B9GG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 12:50:08 GMT
expires: Sat, 09 Dec 2023 12:50:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 09 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait?page.url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&page.timestamp=1702126214606&page.page_domain=pro.manwardpress.com&page.page_referrer=&page.page_title=Manward%20Press&page.page_name=DARKTO99MWLLT2YRDSCBP&page.promocode=NMWLZB11&page.page_type=promo%20page&page.abandon_time=300000&page.system=Iris&page.page_template_type=video&identity.sessionid=_g8o8crk466w&identity.device_width=large&identity.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&identity.clientid=5852adac-7445-43e8-a5a6-96a8f352c9d2&identity.lytics_uid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d&identity.first_touch=pro.manwardpress.com&effort.ScheduledDate=11%2F06%2F2023&effort.ScheduleTime=&effort.PromoCode=NMWLZB11&effort.EffortId=2677139&effort.MultivariateId=2261672&effort.EffortType=Dedicated&effort.ItemCode=MWL&effort.ItemName=Manward%20Money%20Report&effort.ItemType=Subscription&effort.ItemSubscriptionType=FrontEnd&effort.AdvantageListCode=&effort.ListName=8020%20Publishing&effort.PlacementName=Dedicated&effort.SegmentName=All&effort.TagsName_len=1&effort.TagsName_json=%5B%22Affiliates%22%5D&effort.TagsName=Affiliates&effort.Advertisement=&effort.Page1=DarkTO49%20(Video)&effort.Page1Status=Active&effort.Page2=&effort.Page2Status=&effort.OfferStatus=Active&effort.TreeName=DarkTO99%20(Video)&effort.TreeStatus=Active&effort.MediaChannel=N%20-%20Agora%20Swap%20Website&effort.AcquisitionMethod=UX%20-%20Web%2FEmail%20Promo%20External&effort.CampaignName=MWL%20Dark&effort.timestamp=1702126214606&_ts=1702126215669&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&_uid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d&_v=3.0.35&_uido=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d

104.26.2.22

200 OK

35 B

URL GET HTTP/2
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait?page.url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&page.timestamp=1702126214606&page.page_domain=pro.manwardpress.com&page.page_referrer=&page.page_title=Manward%20Press&page.page_name=DARKTO99MWLLT2YRDSCBP&page.promocode=NMWLZB11&page.page_type=promo%20page&page.abandon_time=300000&page.system=Iris&page.page_template_type=video&identity.sessionid=_g8o8crk466w&identity.device_width=large&identity.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&identity.clientid=5852adac-7445-43e8-a5a6-96a8f352c9d2&identity.lytics_uid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d&identity.first_touch=pro.manwardpress.com&effort.ScheduledDate=11%2F06%2F2023&effort.ScheduleTime=&effort.PromoCode=NMWLZB11&effort.EffortId=2677139&effort.MultivariateId=2261672&effort.EffortType=Dedicated&effort.ItemCode=MWL&effort.ItemName=Manward%20Money%20Report&effort.ItemType=Subscription&effort.ItemSubscriptionType=FrontEnd&effort.AdvantageListCode=&effort.ListName=8020%20Publishing&effort.PlacementName=Dedicated&effort.SegmentName=All&effort.TagsName_len=1&effort.TagsName_json=%5B%22Affiliates%22%5D&effort.TagsName=Affiliates&effort.Advertisement=&effort.Page1=DarkTO49%20(Video)&effort.Page1Status=Active&effort.Page2=&effort.Page2Status=&effort.OfferStatus=Active&effort.TreeName=DarkTO99%20(Video)&effort.TreeStatus=Active&effort.MediaChannel=N%20-%20Agora%20Swap%20Website&effort.AcquisitionMethod=UX%20-%20Web%2FEmail%20Promo%20External&effort.CampaignName=MWL%20Dark&effort.timestamp=1702126214606&_ts=1702126215669&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&_uid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d&_v=3.0.35&_uido=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d
IP
104.26.2.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /c/9c32784e3cc4888a693a7988ad64c63d/portrait?page.url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&page.timestamp=1702126214606&page.page_domain=pro.manwardpress.com&page.page_referrer=&page.page_title=Manward%20Press&page.page_name=DARKTO99MWLLT2YRDSCBP&page.promocode=NMWLZB11&page.page_type=promo%20page&page.abandon_time=300000&page.system=Iris&page.page_template_type=video&identity.sessionid=_g8o8crk466w&identity.device_width=large&identity.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&identity.clientid=5852adac-7445-43e8-a5a6-96a8f352c9d2&identity.lytics_uid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d&identity.first_touch=pro.manwardpress.com&effort.ScheduledDate=11%2F06%2F2023&effort.ScheduleTime=&effort.PromoCode=NMWLZB11&effort.EffortId=2677139&effort.MultivariateId=2261672&effort.EffortType=Dedicated&effort.ItemCode=MWL&effort.ItemName=Manward%20Money%20Report&effort.ItemType=Subscription&effort.ItemSubscriptionType=FrontEnd&effort.AdvantageListCode=&effort.ListName=8020%20Publishing&effort.PlacementName=Dedicated&effort.SegmentName=All&effort.TagsName_len=1&effort.TagsName_json=%5B%22Affiliates%22%5D&effort.TagsName=Affiliates&effort.Advertisement=&effort.Page1=DarkTO49%20(Video)&effort.Page1Status=Active&effort.Page2=&effort.Page2Status=&effort.OfferStatus=Active&effort.TreeName=DarkTO99%20(Video)&effort.TreeStatus=Active&effort.MediaChannel=N%20-%20Agora%20Swap%20Website&effort.AcquisitionMethod=UX%20-%20Web%2FEmail%20Promo%20External&effort.CampaignName=MWL%20Dark&effort.timestamp=1702126214606&_ts=1702126215669&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&_uid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d&_v=3.0.35&_uido=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Cookie: seerid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:08 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZFny%2BB9SXiuOEhYtKEbVatgEf8bq13XtmV8ZEAmANj8T%2FtztQTBNg0e1QDGGpbIHUgpBuTGt6F01rWNzbRMAotZTDVik%2BWYy8rj4dfJrh%2FAN1lk9cnHjUgUOnUk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d5f44cbbd1c0e-OSL
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 62
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 12:50:08 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2UuBDlIM6XvSgb8B1D6od1zdQQL3lh4dfU-trKtpgy3IFynQQZBAVw==
X-Firefox-Spdy: h2

s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css

54.231.139.80

200 OK

320 kB

URL GET HTTP/1.1
s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
IP
54.231.139.80:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjects3.amazonaws.com
FingerprintA6:0A:22:E1:56:35:ED:0D:1D:46:99:79:4D:17:07:70:1F:EE:1D:B6
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
320 kB (320044 bytes)
Hash
48675c50d74a44b365f09b856784ef85
9a9079ed745b845985b1cdf7816d4c8de5ecee2e
a797c2308c39d7f9ef25337b020a4321e5256c8cddae6e3b4f25b18dcfcdd53a

HTTP Headers

GET /assets.oxfordclub.com/css/global/lytics-styles.css HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Xd1gmjbI1uovcEs0960iXx5e2yeFDKIGmBH4sz822/kGzyaBfsUGr8Hrs6RQUTw6907g+dPimJw=
x-amz-request-id: 69MC3TD0CEQT5AVF
Date: Sat, 09 Dec 2023 12:50:09 GMT
Last-Modified: Thu, 07 Dec 2023 20:33:03 GMT
ETag: "48675c50d74a44b365f09b856784ef85"
x-amz-server-side-encryption: AES256
x-amz-version-id: Xwtq9VgVuBUMlWQB.46vckHGj2y7ON.P
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 320044

fast.wistia.com/embed/medias/jupsr1090a.m3u8

151.101.130.132

200 OK

943 B

URL GET HTTP/2
fast.wistia.com/embed/medias/jupsr1090a.m3u8
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
M3U playlist, ASCII text
Size
943 B (943 bytes)
Hash
7d7d6fbbcb682828f780674a440f620c
7fec30bd73e0c740c5930b48aa22448fddb059b1
6c22225f1e71845451b6d2dc031d7b51912bf6966d2e6fbcd3cc203b065e14ab

HTTP Headers

GET /embed/medias/jupsr1090a.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-mpegURL
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"6c22225f1e71845451b6d2dc031d7b51"
x-request-id: b0e4137e-95c6-4ae3-8adc-b14df93b4787
x-runtime: 0.030739
x-envoy-upstream-service-time: 32
via: 1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: xrIBd50KzH_4qp3SaOoeu03_voxAUzuGbmaHpb9kgkux0IhPtHH-ow==
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:09 GMT
age: 1380
x-served-by: cache-iad-kcgs7200065-IAD, cache-bma1657-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 1082, 1
x-timer: S1702126209.018674,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 943
X-Firefox-Spdy: h2

dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData

143.204.55.5

200 OK

3 B

URL POST HTTP/2
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
IP
143.204.55.5:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.execute-api.us-east-1.amazonaws.com
FingerprintC8:81:6C:B7:7D:FE:7C:8F:6F:98:5D:66:05:CD:D5:82:C3:F3:48:4E
ValidityWed, 08 Feb 2023 00:00:00 GMT - Thu, 07 Mar 2024 23:59:59 GMT

File type
JSON data
Size
3 B (3 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

OPTIONS /Prod/GetLyticsUserData HTTP/1.1
Host: dnzkifeab6.execute-api.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pro.manwardpress.com/
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
content-length: 3
date: Sat, 09 Dec 2023 12:50:09 GMT
x-amzn-requestid: d578efc7-0b83-4c5f-ad02-d69da3767bf4
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: PrRUNFBLIAMEZHg=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bOYNWUiRx9KWgtaAQiq2z3-YqcijCsV18fE0qIfNfHHvP3Ha17tjkA==
X-Firefox-Spdy: h2

fast.wistia.com/assets/images/blank.gif

151.101.130.132

200 OK

1.2 kB

URL GET HTTP/2
fast.wistia.com/assets/images/blank.gif
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
GIF image data, version 89a, 100 x 100
Size
1.2 kB (1214 bytes)
Hash
fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

HTTP Headers

GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Wed, 10 May 2023 19:48:54 GMT
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
x-amz-server-side-encryption: AES256
content-type: image/gif
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:09 GMT
age: 2662
x-served-by: cache-iad-kcgs7200077-IAD, cache-bma1642-BMA
x-cache: HIT, HIT
x-cache-hits: 37, 58
x-timer: S1702126209.050737,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8

143.204.55.78

200 OK

116 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8
IP
143.204.55.78:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
116 kB (116419 bytes)
Hash
1d15153fe72f32c5465a40cd3cabae74
0070f32173d2b39d622b3f3e6834f2fda4c881f8
c25eb3ecb480bbb23e31adf523d92baecef5eb47e12e78dc95c1833cfd9647ff

HTTP Headers

GET /deliveries/43565402fec316214945c01451539a224e66578c.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 116419
server: envoy
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 43565402fec316214945c01451539a224e66578c-hls-segment
surrogate-key: 43565402fec316214945c01451539a224e66578c-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 85
date: Wed, 06 Dec 2023 18:26:23 GMT
expires: Thu, 05 Dec 2024 18:26:23 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DUcz3Hpie0K20xL5yX8roXvsqeRmUTQSIhA5szGMM4McVUC9sPa3aA==
age: 239026
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Public+Sans:400,600,700&display=swap

142.250.74.106

200 OK

1.6 MB

URL GET HTTP/3
fonts.googleapis.com/css?family=Public+Sans:400,600,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
gzip compressed data, max compression
Size
1.6 MB (1631205 bytes)
Hash
cec601988f17e5e85ad7f3744fa5a90e
91c32c742f0027910371e53402c0bd4b134bdb88
e161de29ef8bbd0b7deb959d84a4922d9ce88aa147239f239f75a09c77f019d4

HTTP Headers

GET /css?family=Public+Sans:400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 12:50:09 GMT
date: Sat, 09 Dec 2023 12:50:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?v=3&t=l&pid=1041421075&rv=3bt0&u=AAAAAAAIAAAAAIA&h=Ag&gtm=45He3bt0&ccid=_GTM-TJ3NG7C&cid=GTM-TJ3NG7C&l=GTM-TJ3NG7C.L3837.S7.Y149.B1.E11.I3886.EC7.TC6.HTC4~gtm.init.S1.V0.E93~*.S1.V0.TS5html.TI5.TE4.TS5html.TI8.TE2.TS6paused.TI9.TE0.TS1sp.TI24.TE3.TS5html.TI25.TE2.TS1html.TI29.TE2~gtm.dom.S1.V1.E73~gtm.load.S0.V0.E71~*.S0.V0~gtm.scrollDepth.S1.V1~gtm.init_consent.S1.V0.E94~AWCT1594

142.250.74.168

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?v=3&t=l&pid=1041421075&rv=3bt0&u=AAAAAAAIAAAAAIA&h=Ag&gtm=45He3bt0&ccid=_GTM-TJ3NG7C&cid=GTM-TJ3NG7C&l=GTM-TJ3NG7C.L3837.S7.Y149.B1.E11.I3886.EC7.TC6.HTC4~gtm.init.S1.V0.E93~*.S1.V0.TS5html.TI5.TE4.TS5html.TI8.TE2.TS6paused.TI9.TE0.TS1sp.TI24.TE3.TS5html.TI25.TE2.TS1html.TI29.TE2~gtm.dom.S1.V1.E73~gtm.load.S0.V0.E71~*.S0.V0~gtm.scrollDepth.S1.V1~gtm.init_consent.S1.V0.E94~AWCT1594
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?v=3&t=l&pid=1041421075&rv=3bt0&u=AAAAAAAIAAAAAIA&h=Ag&gtm=45He3bt0&ccid=_GTM-TJ3NG7C&cid=GTM-TJ3NG7C&l=GTM-TJ3NG7C.L3837.S7.Y149.B1.E11.I3886.EC7.TC6.HTC4~gtm.init.S1.V0.E93~*.S1.V0.TS5html.TI5.TE4.TS5html.TI8.TE2.TS6paused.TI9.TE0.TS1sp.TI24.TE3.TS5html.TI25.TE2.TS1html.TI29.TE2~gtm.dom.S1.V1.E73~gtm.load.S0.V0.E71~*.S0.V0~gtm.scrollDepth.S1.V1~gtm.init_consent.S1.V0.E94~AWCT1594 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Dec 2023 12:50:09 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

use.typekit.net/jsh5erf.css

23.33.119.67

200 OK

678 B

URL GET HTTP/2
use.typekit.net/jsh5erf.css
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
678 B (678 bytes)
Hash
23c4af4bce4aafabe73936c82ee55d6d
8340a4fbe51d0c929651b1c3c9b3a4f82f935a6c
df8723e4f66b842107f3f27ee5acea125f56163819925b33bde3dd1cc1e8d8a9

HTTP Headers

GET /jsh5erf.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 678
date: Sat, 09 Dec 2023 12:50:09 GMT
X-Firefox-Spdy: h2

dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData

143.204.55.5

200 OK

76 B

URL POST HTTP/2
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
IP
143.204.55.5:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.execute-api.us-east-1.amazonaws.com
FingerprintC8:81:6C:B7:7D:FE:7C:8F:6F:98:5D:66:05:CD:D5:82:C3:F3:48:4E
ValidityWed, 08 Feb 2023 00:00:00 GMT - Thu, 07 Mar 2024 23:59:59 GMT

File type
JSON data
Size
76 B (76 bytes)
Hash
74cd2ce4def6577d2db4502c943c3289
c5ac742f41f7052834573a7f11ec085cc8506d55
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984

HTTP Headers

POST /Prod/GetLyticsUserData HTTP/1.1
Host: dnzkifeab6.execute-api.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 22
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 76
date: Sat, 09 Dec 2023 12:50:09 GMT
x-amzn-requestid: 4e4328d7-bd63-497c-b30f-6304c8547f10
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: PrRUQEwEIAMEI5g=
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
x-amzn-trace-id: Root=1-65746281-6f73d351091b3338679d8d79;Sampled=0;lineage=17be0e8a:0
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JgYO55YOCnrL0BGA9BKatX-RA3VNQj8CxwLMgbHzzvgGjoMGLznfOg==
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 623
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 12:50:09 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Tu6Id5-3K40prhiq0OqyRdK8WGH-_rjRGVbEjvTEcmydzYF1vnMyUw==
X-Firefox-Spdy: h2

use.typekit.net/ivq3tmv.css

23.33.119.67

200 OK

924 B

URL GET HTTP/2
use.typekit.net/ivq3tmv.css
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
924 B (924 bytes)
Hash
a77e9b96ff5fde4169651e452b9a0825
0dbbc811bdafa4f2fa14a313ee70eb4f3ceb4e0a
d40d7107bd64185b99e2fcca3a73d14c2a2c6b7b7a156ec5f06679149c229735

HTTP Headers

GET /ivq3tmv.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 924
date: Sat, 09 Dec 2023 12:50:09 GMT
X-Firefox-Spdy: h2

www.redditstatic.com/ads/pixel.js

151.101.129.140

200 OK

7.4 kB

URL GET HTTP/2
www.redditstatic.com/ads/pixel.js
IP
151.101.129.140:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subjectwww.redditstatic.com
Fingerprint5B:10:93:15:D0:06:B8:27:DD:C8:15:7C:8A:49:4B:AD:06:D3:8E:15
ValidityFri, 25 Aug 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23776)
Size
7.4 kB (7409 bytes)
Hash
78b6c68984a6ce5b3fcac1c6a9cad00c
02e1d366a17506cea8adfe5a15949aca89719a02
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

HTTP Headers

GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:09 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true,  "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7409
X-Firefox-Spdy: h2

use.typekit.net/eab1nzm.css

23.33.119.67

200 OK

602 B

URL GET HTTP/2
use.typekit.net/eab1nzm.css
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
602 B (602 bytes)
Hash
59ed759c43e6a90623ff8c3586b49118
6572626ae238e59ee6a4fabb9f9b8b8273443b1b
4207fb06ea6afa96ed2eecea8510ee7e7726d022619bd2ca49191a6a89f1ebb8

HTTP Headers

GET /eab1nzm.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 602
date: Sat, 09 Dec 2023 12:50:09 GMT
X-Firefox-Spdy: h2

distillery.wistia.com/x

54.230.111.90

204 No Content

0 B

URL POST HTTP/2
distillery.wistia.com/x
IP
54.230.111.90:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjectstats-tap-production-cloudfront-app-cname.wistia.com
Fingerprint37:C6:AB:79:1C:DF:9B:5E:3A:B8:3E:F1:0C:1D:48:BF:89:2D:1F:40
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1776
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 09 Dec 2023 12:50:09 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
server: envoy
x-envoy-upstream-service-time: 1
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cGZGzJkhH12FusrrAQKkgKBGHgtixvhP_RDCd-7fQV5PuHBYhWQ2AA==
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/18590de2085b7ce8ac5729ff0cc972e004fb2734.m3u8

143.204.55.78

200 OK

116 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/18590de2085b7ce8ac5729ff0cc972e004fb2734.m3u8
IP
143.204.55.78:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
116 kB (116419 bytes)
Hash
7c81f8ab4bab44f28118835de7bc945c
222c86395850560b7084a85da0b2b0d2ef0ec08d
63068b8cb05fa55f4f7be7887ab1b85613207f119bb4d5da07efc3f4141dcdb9

HTTP Headers

GET /deliveries/18590de2085b7ce8ac5729ff0cc972e004fb2734.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 116419
server: envoy
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 18590de2085b7ce8ac5729ff0cc972e004fb2734-hls-segment
surrogate-key: 18590de2085b7ce8ac5729ff0cc972e004fb2734-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 101
date: Wed, 06 Dec 2023 17:18:06 GMT
expires: Thu, 05 Dec 2024 17:18:06 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qPEy5hfm5fGIlIOLcWFuw1lbrfjpomFPUBD3D3JRX51ue_JVCuT5Qg==
age: 243123
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/allIntegrations.js

151.101.130.132

200 OK

5.8 kB

URL GET HTTP/2
fast.wistia.com/assets/external/allIntegrations.js
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (23371)
Size
5.8 kB (5774 bytes)
Hash
9a9248fb8178a9640de37511b065850f
086459b7f718251f753b82cee05f51c6ca2d3a84
fb7f597f64e9b0c17f7f99fb577f164c36f93f13ffda2ccb736b786e4e705d12

HTTP Headers

GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "2de48c3cd29dd8ca8c43042875b49727"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:09 GMT
age: 3202
x-served-by: cache-iad-kcgs7200101-IAD, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 65, 41
x-timer: S1702126210.733185,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 5774
X-Firefox-Spdy: h2

use.typekit.net/ncb8zzv.css

23.33.119.67

200 OK

750 B

URL GET HTTP/2
use.typekit.net/ncb8zzv.css
IP
23.33.119.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
750 B (750 bytes)
Hash
de5097050c4d5a51d45bc0b306afc50e
76923b641b6d88cdd7f79fc870e295b13e5e079c
9cea872c4cf57a50ee40950b57f8a74f7c83060335e8f19ee3b9fbfc451add52

HTTP Headers

GET /ncb8zzv.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 750
date: Sat, 09 Dec 2023 12:50:09 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=jsh5erf&ht=tk&f=16466.16468.16470&a=647398&app=typekit&e=css

23.33.119.50

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=jsh5erf&ht=tk&f=16466.16468.16470&a=647398&app=typekit&e=css
IP
23.33.119.50:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=jsh5erf&ht=tk&f=16466.16468.16470&a=647398&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:09 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=ivq3tmv&ht=tk&f=22489.22490.22495.22496.26016.26017.26018.26019&a=87036570&app=typekit&e=css

23.33.119.50

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=ivq3tmv&ht=tk&f=22489.22490.22495.22496.26016.26017.26018.26019&a=87036570&app=typekit&e=css
IP
23.33.119.50:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=ivq3tmv&ht=tk&f=22489.22490.22495.22496.26016.26017.26018.26019&a=87036570&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:09 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=eab1nzm&ht=tk&f=26014&a=102213364&app=typekit&e=css

23.33.119.50

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=eab1nzm&ht=tk&f=26014&a=102213364&app=typekit&e=css
IP
23.33.119.50:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=eab1nzm&ht=tk&f=26014&a=102213364&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:09 GMT
X-Firefox-Spdy: h2

c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com

143.204.55.94

200 OK

2.7 kB

URL GET HTTP/2
c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com
IP
143.204.55.94:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjectpmsrv.co
Fingerprint75:6B:BA:1B:09:1C:F0:09:3F:A7:0A:8D:BC:E2:85:28:5E:AF:4F:47
ValiditySat, 16 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9738), with no line terminators
Size
2.7 kB (2682 bytes)
Hash
7a5bdfac6f7e6d06281a5d72f283fcf5
d2d8b52ca70e1408ca17e692f6051487042a1051
4f2d67f554fdc058d41f8b62af5f31f2794c4253647b3e327c8dfc7cc7ed436b

HTTP Headers

GET /v1/analytics.js?d=pro.manwardpress.com HTTP/1.1
Host: c.pmsrv.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Fri, 08 Dec 2023 19:59:17 GMT
x-amzn-requestid: b98ce463-d502-4465-a46f-ab787495da65
x-amzn-remapped-content-length: 9738
x-amzn-remapped-connection: close
x-amz-apigw-id: Po9PWF3zSK4Eeeg=
cache-control: private, no-cache, no-store, must-revalidate
expires: -1
x-powered-by: Express
x-amzn-trace-id: Root=1-65737595-183c10d95e878f844d858919;Sampled=0;lineage=c8fdcb33:0
pragma: no-cache
x-amzn-remapped-date: Fri, 08 Dec 2023 19:59:17 GMT
content-encoding: br
etag: W/"260a-0ti1LKcOFAjKF+aS9gUUhwQqEFE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lki9eybUPkGhoEcRVY24GbhokGiqahD4sFYECjCwdPjLmKEJr77Vbg==
age: 60651
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=ncb8zzv&ht=tk&f=35050.35053.40427.40433&a=102213364&app=typekit&e=css

23.33.119.50

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=ncb8zzv&ht=tk&f=35050.35053.40427.40433&a=102213364&app=typekit&e=css
IP
23.33.119.50:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=ncb8zzv&ht=tk&f=35050.35053.40427.40433&a=102213364&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:09 GMT
X-Firefox-Spdy: h2

storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css

142.250.74.123

200 OK

602 B

URL GET HTTP/2
storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css
IP
142.250.74.123:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectstorage.googleapis.com
FingerprintF1:10:D7:72:C2:3B:0A:45:C6:0E:9C:5E:22:3D:E7:08:37:61:CF:DB
ValidityMon, 20 Nov 2023 08:13:19 GMT - Mon, 12 Feb 2024 08:13:18 GMT

File type
ASCII text, with very long lines (602), with no line terminators
Size
602 B (602 bytes)
Hash
9df2d5ae6031369aa6e0f3685608cd8c
cdf5ad44e5e1e9bf2b0413e046189830a1921e17
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06

HTTP Headers

GET /lioservices/2470-oxford-club/lytics_overrides.min.css HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPoiE9_kVcxl0aQJOEifKeIeAOwOdhfwLMedeqaBA12ncP2pi2ueo-j2Up-xStWlQBDE1tU
x-goog-generation: 1538689646128559
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 602
x-goog-hash: crc32c=VZEimQ==, md5=nfLVrmAxNpqm4PNoVgjNjA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 602
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Sat, 09 Dec 2023 12:03:08 GMT
expires: Sat, 09 Dec 2023 13:03:08 GMT
cache-control: public, max-age=3600
age: 2821
last-modified: Thu, 04 Oct 2018 21:47:26 GMT
etag: "9df2d5ae6031369aa6e0f3685608cd8c"
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1518
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 12:50:10 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gYSUpzeJUJQlnOXjkh0cpvvNUQf06lcU6BMUTdvcy-m9JMasmRMj8Q==
X-Firefox-Spdy: h2

c.pmsrv.co/v2/acvr3?a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=page-land&weight=0&dnt=false&_ible=1&ej=%7B%22dnt%22%3Afalse%7D&ord=6777522852952728&sid=63ab692f-6786-4cc3-8675-8997ebb318d8&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&_ii=0&ppg=&_tk=%7B%7D

143.204.55.94

302 Found

441 B

URL GET HTTP/2
c.pmsrv.co/v2/acvr3?a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=page-land&weight=0&dnt=false&_ible=1&ej=%7B%22dnt%22%3Afalse%7D&ord=6777522852952728&sid=63ab692f-6786-4cc3-8675-8997ebb318d8&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&_ii=0&ppg=&_tk=%7B%7D
IP
143.204.55.94:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjectpmsrv.co
Fingerprint75:6B:BA:1B:09:1C:F0:09:3F:A7:0A:8D:BC:E2:85:28:5E:AF:4F:47
ValiditySat, 16 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (441), with no line terminators
Size
441 B (441 bytes)
Hash
0cef67ab4fe6d6d3f2baf88d068f2826
9dc8b408b783ae7325ac67250c4d8796612ece14
7b326105c2b3fe72728c905505e0cdd149f51d02c217abd6e685b68fc908c718

HTTP Headers

GET /v2/acvr3?a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=page-land&weight=0&dnt=false&_ible=1&ej=%7B%22dnt%22%3Afalse%7D&ord=6777522852952728&sid=63ab692f-6786-4cc3-8675-8997ebb318d8&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&_ii=0&ppg=&_tk=%7B%7D HTTP/1.1
Host: c.pmsrv.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/plain; charset=utf-8
content-length: 441
location: https://contextual.media.net/cksync.php?cs=1&type=max&ovsid=setstatuscode&redirect=https%3A%2F%2Fc.pmsrv.co%2Fv2%2Fcsync%3FMNETID%3D%24%7Bmnetid%7D%26MAXID%3Dd3672644-cc2d-4f75-9603-5397e52edf4d%26o_url%3Dhttps%253A%252F%252Fc.pmsrv.co%252Fv2%252Facvr3%253Fa%253D50bbcf39-5fab-4416-a13c-acc35b621b86%2526event%253Dpage-land%2526_ible%253D1%2526sid%253D63ab692f-6786-4cc3-8675-8997ebb318d8%2526weight%253D0%2526_ii%253D0
date: Sat, 09 Dec 2023 12:50:10 GMT
x-amzn-requestid: d3672644-cc2d-4f75-9603-5397e52edf4d
access-control-allow-origin: *
x-amzn-remapped-content-length: 441
x-amzn-remapped-connection: close
x-amz-apigw-id: PrRUYGtMSK4EFtQ=
cache-control: private, no-cache, no-store, must-revalidate
expires: -1
x-powered-by: Express
x-amzn-trace-id: Root=1-65746282-31aed8476649f85b4356beaa;Sampled=0;lineage=c8fdcb33:0
pragma: no-cache
x-amzn-remapped-date: Sat, 09 Dec 2023 12:50:10 GMT
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: moC1skT7pQCQ8At2y0uGxVBESuHFv1SjUfKXT8Vg5_84WYsrygVA3A==
X-Firefox-Spdy: h2

bat.bing.com/bat.js

13.107.21.200

200 OK

13 kB

URL GET HTTP/2
bat.bing.com/bat.js
IP
13.107.21.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type
Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Size
13 kB (13187 bytes)
Hash
7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13187
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D4FA69318BD947668D82B5B860787360 Ref B: OSL30EDGE0521 Ref C: 2023-12-09T12:50:10Z
date: Sat, 09 Dec 2023 12:50:10 GMT
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BBMPM3EJHQ&cid=968817907.1702126216&gtm=45je3bt0v9106739609z8813057436&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1177477320

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BBMPM3EJHQ&cid=968817907.1702126216&gtm=45je3bt0v9106739609z8813057436&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1177477320
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintDB:33:6A:DD:DA:72:55:0D:55:09:60:6E:D1:5B:40:D8:2B:9B:4F:3C
ValidityMon, 20 Nov 2023 08:12:16 GMT - Mon, 12 Feb 2024 08:12:15 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BBMPM3EJHQ&cid=968817907.1702126216&gtm=45je3bt0v9106739609z8813057436&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1177477320 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:50:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.getblueshift.com/unity.gif?t=1702126217&e=pageload&r=&z=740640&x=5475fa15fca6698857e67e2705849cfa&k=c7249921-c5a9-3355-f981-362497076812&u=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue

52.40.78.89

200 OK

42 B

URL GET HTTP/2
api.getblueshift.com/unity.gif?t=1702126217&e=pageload&r=&z=740640&x=5475fa15fca6698857e67e2705849cfa&k=c7249921-c5a9-3355-f981-362497076812&u=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue
IP
52.40.78.89:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
Fingerprint53:0D:6B:AE:94:24:EE:BE:0F:BD:6E:C6:61:2F:FD:37:71:D2:21:0F
ValidityThu, 09 Mar 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /unity.gif?t=1702126217&e=pageload&r=&z=740640&x=5475fa15fca6698857e67e2705849cfa&k=c7249921-c5a9-3355-f981-362497076812&u=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:10 GMT
content-type: image/gif
content-length: 42
access-control-allow-origin: https://pro.manwardpress.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: etag
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.252

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 249OGS9RFnML1nZ3myHiGzvl+k9yUB+PIbwvM/7JZG/3ARD5aHrxgNONxWQwRT35Q+AWBJHw/eo=
x-amz-request-id: VW59Y019R2Z813YQ
date: Sat, 09 Dec 2023 12:39:58 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 613
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

bat.bing.com/p/action/15322609.js

13.107.21.200

204 No Content

0 B

URL GET HTTP/2
bat.bing.com/p/action/15322609.js
IP
13.107.21.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/15322609.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8D275BDA296B49A1A88EEEB5F52D4DDA Ref B: OSL30EDGE0521 Ref C: 2023-12-09T12:50:10Z
date: Sat, 09 Dec 2023 12:50:10 GMT
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=15322609&Ver=2&mid=c8283c98-e02f-4c8f-8342-486061a8c2ac&sid=81219360969111ee9778e9b9d203e3f8&vid=8121ab60969111ee8b2fb965dcab5d1c&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Manward%20Press&p=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&r=&lt=4717&evt=pageLoad&sv=1&rn=434484

13.107.21.200

204 No Content

0 B

URL GET HTTP/2
bat.bing.com/action/0?ti=15322609&Ver=2&mid=c8283c98-e02f-4c8f-8342-486061a8c2ac&sid=81219360969111ee9778e9b9d203e3f8&vid=8121ab60969111ee8b2fb965dcab5d1c&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Manward%20Press&p=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&r=&lt=4717&evt=pageLoad&sv=1&rn=434484
IP
13.107.21.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=15322609&Ver=2&mid=c8283c98-e02f-4c8f-8342-486061a8c2ac&sid=81219360969111ee9778e9b9d203e3f8&vid=8121ab60969111ee8b2fb965dcab5d1c&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Manward%20Press&p=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&r=&lt=4717&evt=pageLoad&sv=1&rn=434484 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=34850F14F4E26C8828D91CF6F5176D82; domain=.bing.com; expires=Thu, 02-Jan-2025 12:50:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8486B43CBB4C40AA9B4E7A4FC6B66A4D Ref B: OSL30EDGE0521 Ref C: 2023-12-09T12:50:10Z
date: Sat, 09 Dec 2023 12:50:10 GMT
X-Firefox-Spdy: h2

s.yimg.com/wi/config/405446.json

87.248.119.252

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/405446.json
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
JSON data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/405446.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: YMANDX3M2P2JZCBE
x-amz-id-2: ivkkcna6KbQL6w6hreRTJm6tx2OowUEmdJmPiDDKzrLkpk8iggLQHA2s7Zpx5o2+BYwLCg8jNhY=
content-type: application/json
date: Sat, 09 Dec 2023 12:27:10 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 1381
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609&_p=1702126214607&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=968817907.1702126216&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1702126216&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&dt=Manward%20Press&en=scroll&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&epn.percent_scrolled=90&tfd=10424

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609&_p=1702126214607&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=968817907.1702126216&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1702126216&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&dt=Manward%20Press&en=scroll&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&epn.percent_scrolled=90&tfd=10424
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609&_p=1702126214607&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=968817907.1702126216&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1702126216&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&dt=Manward%20Press&en=scroll&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&epn.percent_scrolled=90&tfd=10424 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.manwardpress.com
date: Sat, 09 Dec 2023 12:50:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

analytics.pmsrv.co/v2/track?&a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=s004&weight=0&_ible=1&sid=63ab692f-6786-4cc3-8675-8997ebb318d8&ord=5453474470167996&_ii=0&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&ppg=&_tk=%7B%7D

54.230.111.2

0 B

URL
analytics.pmsrv.co/v2/track?&a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=s004&weight=0&_ible=1&sid=63ab692f-6786-4cc3-8675-8997ebb318d8&ord=5453474470167996&_ii=0&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&ppg=&_tk=%7B%7D
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/track?&a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=s004&weight=0&_ible=1&sid=63ab692f-6786-4cc3-8675-8997ebb318d8&ord=5453474470167996&_ii=0&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&ppg=&_tk=%7B%7D HTTP/1.1
Host: analytics.pmsrv.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 09 Dec 2023 09:38:35 GMT
x-powered-by: Express
cache-control: private, no-cache, no-store, must-revalidate
expires: -1
pragma: no-cache
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RVwPNff0gkaKxn4UQ6slSwx2kRg6dU8IcwUZrYmBpGlHlCuz-PgzLg==
age: 11503
X-Firefox-Spdy: h2

c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/85869cb5-a82a-4bf3-bb9e-ab52de35ed8d?segments=true&mergestate=true&state=%7B%22_uid%22%3A%2285869cb5-a82a-4bf3-bb9e-ab52de35ed8d%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1702126215128&callback=u_468777369028385540

0.0.0.0

0 B

URL GET
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/85869cb5-a82a-4bf3-bb9e-ab52de35ed8d?segments=true&mergestate=true&state=%7B%22_uid%22%3A%2285869cb5-a82a-4bf3-bb9e-ab52de35ed8d%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1702126215128&callback=u_468777369028385540
IP
0.0.0.0:0
ASN
#0

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/85869cb5-a82a-4bf3-bb9e-ab52de35ed8d?segments=true&mergestate=true&state=%7B%22_uid%22%3A%2285869cb5-a82a-4bf3-bb9e-ab52de35ed8d%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1702126215128&callback=u_468777369028385540 HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:08 GMT
content-type: application/json
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
access-control-allow-methods: GET
access-control-allow-origin: 
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mUcn1wkrmiNh3FsErE412McDHppiMde1PC9kF6PQoWJbDggN9tDE8fDatL9EXg4FeyGsxjGvIl9FHmd4oL%2FFqpA1J2GDecr8mtTsq7O27KkWDFxkZdwV1egYTWm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d5f4169451c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

142.250.74.106

200 OK

8.8 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (9024), with no line terminators
Size
8.8 kB (8784 bytes)
Hash
565832cd9e54dcc65c3c5122daef745a
e8ef7f5920e5bb8b8ab8eaa2fd3e655f6f6ee1e4
eb4a48cc79897f38180a3b2603931f3dc297daab6e538998477784467e823489

HTTP Headers

GET /css?family=Open+Sans:400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 12:50:09 GMT
date: Sat, 09 Dec 2023 12:50:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fast.wistia.com/assets/external/E-v1.js

151.101.130.132

200 OK

761 kB

URL GET HTTP/2
fast.wistia.com/assets/external/E-v1.js
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65474)
Size
761 kB (761267 bytes)
Hash
126858c9f3376ca1bc419aa2a2d0af28
51e06cde2e8cc415d06c63e144e6c36d2c95270d
78cf6679aa583fd97b9700d6dafa7e791d7861b72d173df807b5f8f27d246877

HTTP Headers

GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "2dfa35fa3c2d63da5bfe8edd5f3cb8df"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 12:50:07 GMT
age: 3201
x-served-by: cache-iad-kiad7000039-IAD, cache-bma1642-BMA
x-cache: HIT, HIT
x-cache-hits: 75, 9
x-timer: S1702126207.133368,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 129063
X-Firefox-Spdy: h2

c.lytics.io/static/pathfora.min.js

104.26.2.22

200 OK

105 kB

URL GET HTTP/2
c.lytics.io/static/pathfora.min.js
IP
104.26.2.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
105 kB (105002 bytes)
Hash
1dda5c62f6d686fe449a9d217388da4b
a2cfd95511bd1a0f8ae3275e44d309c7279c4a69
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b

HTTP Headers

GET /static/pathfora.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Cookie: seerid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:09 GMT
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 4
last-modified: Sat, 09 Dec 2023 12:50:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4nsaiJUegFGMrv06Mb2BbqQFdJp%2FDcbJLa4aTAkqEDlutAz4hC8%2B4MXMbMH4G94FZEqCKDkVmEvxSPQHtLr%2F0uqBiK48W0DW0EbiF1DuJGDod1f2oGsMskthaoz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d5f48be071c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js

104.26.2.22

200 OK

565 kB

URL GET HTTP/2
c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js
IP
104.26.2.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type

Size
565 kB (564712 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Cookie: seerid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:09 GMT
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 6449
last-modified: Sat, 09 Dec 2023 11:02:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFozatrm38sluq7%2BpmB6QmlaPfSzbhfRmjkdoD1KfvPyY0jCzUwHB13iO8GEOiCYzhwKdElqGQx%2FVbtVcYtC%2BDD0n0RKjNisFWGd1%2FGCdW3R8Su0e8L01uwUdKfz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d5f4bcfdf1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

verifiedwebpage.com/go?ehash=bf826571fdea1fe07895c6c76ad71e1e&product=34730&ar=55&cid=2412&lid=1610&slhash=445c805f45ca4564b57a14bf72f5d8a1&mtaid=mpmta&cid2=[s8]

188.114.97.1

302 Found

77 kB

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=bf826571fdea1fe07895c6c76ad71e1e&product=34730&ar=55&cid=2412&lid=1610&slhash=445c805f45ca4564b57a14bf72f5d8a1&mtaid=mpmta&cid2=[s8]
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
Fingerprint0D:F8:EF:F4:23:CD:FB:7E:DE:C7:29:3C:B4:F7:A4:CE:6A:FB:89:AB
ValiditySat, 14 Oct 2023 13:52:56 GMT - Fri, 12 Jan 2024 13:52:55 GMT

File type

Size
77 kB (77007 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go?ehash=bf826571fdea1fe07895c6c76ad71e1e&product=34730&ar=55&cid=2412&lid=1610&slhash=445c805f45ca4564b57a14bf72f5d8a1&mtaid=mpmta&cid2=[s8] HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 09 Dec 2023 12:50:05 GMT
content-type: text/html; charset=UTF-8
location: https://www.p3lstrk.com/2MGNK7T/FNH5DF/?sub1=3415202737506935453
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=c9918c314cebcf0093ae1dc81a9ac138; path=/
pixel_session_hash_34730=3415202737506935453; expires=Mon, 08-Jan-2024 12:50:04 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_34730=b33bcefcb7d09d722014d2151635912eae30fe73d0cfb1ef0e0c604cb27627f5; expires=Mon, 11-Dec-2023 12:50:04 GMT; Max-Age=172800
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SvlBUnnw3qCgSdLy4jzeOe8wM6VNUhxo1kVElvk%2FGmB8Cyud5JeOWaNBHhb2VRO8FZhQG374Vl1UmTcZqZWKUutfqEC7QiICRSYt2LYaqMfmoRsI2eEYFCyrUqT%2Bycu0HT0WJ%2Bq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d5f2aaad756b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

104.18.10.207

200 OK

160 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (65324)
Size
160 kB (160403 bytes)
Hash
3afe15e976734d9daac26310110c4594
4f14a09a606c99a11f8fda15564ef66f70402826
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

HTTP Headers

GET /bootstrap/4.5.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:07 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"3afe15e976734d9daac26310110c4594"
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 10/31/2023 18:50:52
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e253b5ad4f77c12f2826704c281cb283
cdn-cache: HIT
cf-cache-status: HIT
age: 1202961
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 832d5f3a5e831c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C

142.250.74.168

200 OK

335 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (40346)
Size
335 kB (335092 bytes)
Hash
d34ee1ba0e3b33f57c38f14a4d242fec
378bb598af1f17ae5e7b69fee2c0451baf97af31
a5027e64d4ae4ee0ae92b159ef96d85cb8184cd178a2a323b75e324ba49ddb84

HTTP Headers

GET /gtm.js?id=GTM-KTM4C7C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 12:50:07 GMT
expires: Sat, 09 Dec 2023 12:50:07 GMT
cache-control: private, max-age=900
last-modified: Sat, 09 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98354
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8/seg-1-v1-a1.ts

143.204.55.78

200 OK

1.6 MB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8/seg-1-v1-a1.ts
IP
143.204.55.78:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type

Size
1.6 MB (1630712 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /deliveries/43565402fec316214945c01451539a224e66578c.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: video/MP2T
content-length: 1630712
server: envoy
date: Thu, 07 Dec 2023 07:25:18 GMT
expires: Fri, 06 Dec 2024 07:25:18 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 43565402fec316214945c01451539a224e66578c-hls-segment
surrogate-key: 43565402fec316214945c01451539a224e66578c-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 392
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hFnMkJuqUihbPb_LKp5qgNwb-GzVDI1B8JwLmmib-x20OfCw5-wF6w==
age: 192291
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

c.lytics.io/static/pathfora.min.css

104.26.2.22

200 OK

21 kB

URL GET HTTP/2
c.lytics.io/static/pathfora.min.css
IP
104.26.2.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint34:D8:8F:EC:9C:A5:F6:04:B9:F1:A1:E1:CE:3D:D4:69:9A:65:B0:86
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20939), with no line terminators
Size
21 kB (20939 bytes)
Hash
eecb9ff4af0757a947f791bc35393abc
2d23a8718b63c1cd96a10674bdc92ca61682e85b
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685

HTTP Headers

GET /static/pathfora.min.css HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Cookie: seerid=85869cb5-a82a-4bf3-bb9e-ab52de35ed8d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 12:50:09 GMT
content-type: text/css; charset=utf-8
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 7145
last-modified: Sat, 09 Dec 2023 10:51:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O242A0qeu%2BFVDKvwdzeawEV%2B7emCqBNCo0RfiTm3PIRrAaPtrlrCv9z5UQztfkVbrZj26IEAWqRNoB6NiXEzn%2BiF2lxi2rcPTAxoH4ijtDuipPZMV3sPHIilGfhp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d5f4abf251c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

embed-ssl.wistia.com/deliveries/ef6d1743f95d45b58afe30918ade93ca.webp?image_crop_resized=1280x720

143.204.55.78

200 OK

37 kB

URL GET HTTP/2
embed-ssl.wistia.com/deliveries/ef6d1743f95d45b58afe30918ade93ca.webp?image_crop_resized=1280x720
IP
143.204.55.78:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Size
37 kB (37328 bytes)
Hash
37e6a726eba086ced408624a81db1572
d77ddf9094f93d6d9a62ba7cf2073fbc2093b784
bc057a4ddb102ddf9a6ca8495830fc21e9a68502568956e0c416348145f7e077

HTTP Headers

GET /deliveries/ef6d1743f95d45b58afe30918ade93ca.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
accept-ranges: none
access-control-request-method: *
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: ef6d1743f95d45b58afe30918ade93ca
etag: FeAz6PM7B5JMI3EKzOF3WTHC1xU=
last-modified: Wed, 08 Nov 2023 05:14:52 UTC
surrogate-key: ef6d1743f95d45b58afe30918ade93ca thumbnail-delivery
date: Fri, 08 Dec 2023 05:07:18 GMT
x-envoy-upstream-service-time: 350
server: envoy
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aROoF-nfnrkbv-fsuwBexbauk4gIojSSEaQ0LIuUyeOCADSqCRBRXw==
age: 114170
x-cdn: cloudfront
vary: Origin
X-Firefox-Spdy: h2

analytics.pmsrv.co/v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86

54.230.111.2

200 OK

3.0 kB

URL GET HTTP/2
analytics.pmsrv.co/v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86
IP
54.230.111.2:443
ASN
#16509 AMAZON-02

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerAmazon
Subjectpmsrv.co
Fingerprint75:6B:BA:1B:09:1C:F0:09:3F:A7:0A:8D:BC:E2:85:28:5E:AF:4F:47
ValiditySat, 16 Sep 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3099), with no line terminators
Size
3.0 kB (3016 bytes)
Hash
e67eeb0a5fde100a9a9b8218be6ff7b7
900455bf5702428b4260ae17a16226e8f730896a
1ac534d6bbb2bfc01317c298911ee45cd0199cadebe1b7d8cf43dd178ec2a49d

HTTP Headers

GET /v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86 HTTP/1.1
Host: analytics.pmsrv.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Sat, 09 Dec 2023 12:34:32 GMT
x-powered-by: Express
cache-control: private, no-cache, no-store, must-revalidate
expires: -1
pragma: no-cache
content-encoding: gzip
etag: W/"bc8-CwjlEyZMeJT2T4gdzys39D9fgms"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Giw1Wis7xf8Pt5JH0leuK2MkorXxOqYCuPM0EyA7YQNnFXyxTLJl8g==
age: 937
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609z8813057436&_p=1702126214607&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=968817907.1702126216&ul=en-us&sr=1280x1024&_s=1&sid=1702126216&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&dt=Manward%20Press&en=page_view&_fv=1&_nsi=1&_ss=1&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&tfd=5319

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609z8813057436&_p=1702126214607&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=968817907.1702126216&ul=en-us&sr=1280x1024&_s=1&sid=1702126216&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&dt=Manward%20Press&en=page_view&_fv=1&_nsi=1&_ss=1&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&tfd=5319
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.manwardpress.com/p/DARKTO99MWLLT2YRDSCBP/NMWLZB11/?s1=b121e554cdb544adb6ae0742b3377b54&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je3bt0v9106739609z8813057436&_p=1702126214607&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=968817907.1702126216&ul=en-us&sr=1280x1024&_s=1&sid=1702126216&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO99MWLLT2YRDSCBP%2FNMWLZB11%2F%3Fs1%3Db121e554cdb544adb6ae0742b3377b54%26h%3Dtrue&dt=Manward%20Press&en=page_view&_fv=1&_nsi=1&_ss=1&ep.promocode=NMWLZB11&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=8020%20Publishing&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO99%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&tfd=5319 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.manwardpress.com
DNT: 1
Connection: keep-alive
Referer: https://pro.manwardpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.manwardpress.com
date: Sat, 09 Dec 2023 12:50:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (53)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP