pro.manwardpress.com Open in urlscan Pro
192.135.136.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://events-c.mb.wealthyretirement.com/z/s80dt17t0pok04?uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&txnid=9d7d0a76-0607-471d-9194-0d8b2a8a...
Effective URL:
https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-5...
Submission: On July 30 via api (July 30th 2024, 2:01:09 am UTC) from BE — Scanned from CA

Summary HTTP 111 Redirects Behaviour Indicators

Summary

This website contacted 45 IPs in 2 countries across 32 domains to perform 111 HTTP transactions. The main IP is 192.135.136.168, located in United States and belongs to 14WEST-AS, US. The main domain is pro.manwardpress.com.
TLS certificate: Issued by R10 on June 26th 2024. Valid for: 3 months.

This is the only time pro.manwardpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.17.29.85 104.17.29.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	192.135.136.168 192.135.136.168	11372 (14WEST-AS) (14WEST-AS)
2	3.5.28.166 3.5.28.166	14618 (AMAZON-AES) (AMAZON-AES)
2	173.194.207.95 173.194.207.95	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.231.232.80 54.231.232.80	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
7	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1	18.238.80.116 18.238.80.116	16509 (AMAZON-02) (AMAZON-02)
6	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
3	173.194.204.94 173.194.204.94	15169 (GOOGLE) (GOOGLE)
1	3.5.19.110 3.5.19.110	14618 (AMAZON-AES) (AMAZON-AES)
1	13.226.34.31 13.226.34.31	16509 (AMAZON-02) (AMAZON-02)
4	108.138.128.48 108.138.128.48	16509 (AMAZON-02) (AMAZON-02)
3	173.194.204.100 173.194.204.100	15169 (GOOGLE) (GOOGLE)
3	13.107.21.237 13.107.21.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	108.138.106.124 108.138.106.124	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.87 18.164.96.87	16509 (AMAZON-02) (AMAZON-02)
2	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
3	172.217.222.154 172.217.222.154	15169 (GOOGLE) (GOOGLE)
3	172.217.197.94 172.217.197.94	15169 (GOOGLE) (GOOGLE)
3	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
2	69.147.65.251 69.147.65.251	14196 (YAHOO-CHA) (YAHOO-CHA)
1	108.139.47.120 108.139.47.120	16509 (AMAZON-02) (AMAZON-02)
2	13.35.93.4 13.35.93.4	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	146.75.80.157 146.75.80.157	54113 (FASTLY) (FASTLY)
2	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1 2	173.194.207.154 173.194.207.154	15169 (GOOGLE) (GOOGLE)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	54.88.71.74 54.88.71.74	14618 (AMAZON-AES) (AMAZON-AES)
12	157.240.229.35 157.240.229.35	32934 (FACEBOOK) (FACEBOOK)
1 2	173.194.204.147 173.194.204.147	15169 (GOOGLE) (GOOGLE)
1 2	3.234.202.148 3.234.202.148	14618 (AMAZON-AES) (AMAZON-AES)
11	104.26.2.22 104.26.2.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.144.246.130 34.144.246.130	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.67.73.236 172.67.73.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	18.238.80.53 18.238.80.53	16509 (AMAZON-02) (AMAZON-02)
1	13.225.63.120 13.225.63.120	16509 (AMAZON-02) (AMAZON-02)
1	142.251.174.207 142.251.174.207	15169 (GOOGLE) (GOOGLE)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
3	13.226.34.66 13.226.34.66	16509 (AMAZON-02) (AMAZON-02)
1	35.83.125.178 35.83.125.178	16509 (AMAZON-02) (AMAZON-02)
111	45

1 104.17.29.85 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

events-c.mb.wealthyretirement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.135.136.168 (United States) 1 redirects

ASN11372 (14WEST-AS, US)

pro.manwardpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.28.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

portrait-tracker.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.231.232.80 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.2.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.80.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-116.jfk52.r.cloudfront.net

cdn.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.204.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.19.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

portrait-tracker.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-31.ewr53.r.cloudfront.net

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.128.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-48.jfk50.r.cloudfront.net

dnzkifeab6.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.204.100 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.222.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.197.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.147.65.251 (United States)

ASN14196 (YAHOO-CHA, US)
PTR: e1-bmr.ycpi.cha.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-120.jfk50.r.cloudfront.net

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.93.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-4.jfk50.r.cloudfront.net

c.pmsrv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.80.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.207.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qk-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.71.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-71-74.compute-1.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.204.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qb-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.234.202.148 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-202-148.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.26.2.22 (None, )

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.144.246.130 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 130.246.144.34.bc.googleusercontent.com

analytics.pmsrv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.73.236 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.80.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-53.jfk52.r.cloudfront.net

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-120.ewr53.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.174.207 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f207.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.34.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-66.ewr53.r.cloudfront.net

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.83.125.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-125-178.us-west-2.compute.amazonaws.com

api.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	wistia.com fast.wistia.com — Cisco Umbrella Rank: 11346 embed-ssl.wistia.com — Cisco Umbrella Rank: 19472 pipedream.wistia.com — Cisco Umbrella Rank: 17584 distillery.wistia.com — Cisco Umbrella Rank: 17241 embed-cloudfront.wistia.com	2 MB
12	lytics.io c.lytics.io — Cisco Umbrella Rank: 19308	76 KB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	10 KB
11	amazonaws.com portrait-tracker.s3.amazonaws.com — Cisco Umbrella Rank: 856792 s3.amazonaws.com dnzkifeab6.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 865952	831 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	567 KB
5	manwardpress.com 1 redirects pro.manwardpress.com	40 KB
4	pmsrv.co c.pmsrv.co — Cisco Umbrella Rank: 131128 analytics.pmsrv.co — Cisco Umbrella Rank: 145613	5 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	2 KB
4	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	88 B
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4784 rp.liadm.com — Cisco Umbrella Rank: 1645	38 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	79 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 9677	191 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	65 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	22 KB
3	gstatic.com fonts.gstatic.com	73 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 storage.googleapis.com — Cisco Umbrella Rank: 492	5 KB
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 3241 alb.reddit.com — Cisco Umbrella Rank: 1969	761 B
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1561	13 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 1020	8 KB
2	getblueshift.com cdn.getblueshift.com — Cisco Umbrella Rank: 27544 api.getblueshift.com — Cisco Umbrella Rank: 21792	4 KB
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 7016	2 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 1123	408 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	3 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 2393	669 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	723 B
1	t.co t.co — Cisco Umbrella Rank: 979	376 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	5 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508	28 KB
1	wealthyretirement.com 1 redirects events-c.mb.wealthyretirement.com	2 KB
111	32

	Domain	Requested by
12	c.lytics.io	portrait-tracker.s3.amazonaws.com pro.manwardpress.com c.lytics.io
12	www.facebook.com	pro.manwardpress.com
7	fast.wistia.com	pro.manwardpress.com fast.wistia.com
6	www.googletagmanager.com	portrait-tracker.s3.amazonaws.com www.googletagmanager.com pro.manwardpress.com
5	pro.manwardpress.com	1 redirects pro.manwardpress.com portrait-tracker.s3.amazonaws.com
4	dnzkifeab6.execute-api.us-east-1.amazonaws.com	portrait-tracker.s3.amazonaws.com
4	s3.amazonaws.com	pro.manwardpress.com www.googletagmanager.com
3	embed-cloudfront.wistia.com	fast.wistia.com
3	pipedream.wistia.com	fast.wistia.com
3	connect.facebook.net	pro.manwardpress.com connect.facebook.net
3	www.google.ca	pro.manwardpress.com
3	bat.bing.com	pro.manwardpress.com bat.bing.com
3	www.google-analytics.com	www.googletagmanager.com pro.manwardpress.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	portrait-tracker.s3.amazonaws.com	pro.manwardpress.com portrait-tracker.s3.amazonaws.com
2	analytics.pmsrv.co	c.pmsrv.co
2	rp.liadm.com	1 redirects
2	www.google.com	1 redirects pro.manwardpress.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.redditstatic.com	pro.manwardpress.com www.redditstatic.com
2	c.pmsrv.co	pro.manwardpress.com
2	s.yimg.com	pro.manwardpress.com s.yimg.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	static.hotjar.com	pro.manwardpress.com
2	fonts.googleapis.com	pro.manwardpress.com
1	api.getblueshift.com	cdn.getblueshift.com
1	js.sentry-cdn.com	fast.wistia.com
1	storage.googleapis.com	c.lytics.io
1	distillery.wistia.com	fast.wistia.com
1	trc.taboola.com	pro.manwardpress.com
1	www.googleadservices.com	www.googletagmanager.com
1	sp.analytics.yahoo.com	pro.manwardpress.com
1	analytics.twitter.com	pro.manwardpress.com
1	t.co	pro.manwardpress.com
1	alb.reddit.com	pro.manwardpress.com
1	pixel-config.reddit.com	www.redditstatic.com
1	static.ads-twitter.com	pro.manwardpress.com
1	b-code.liadm.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	embed-ssl.wistia.com	pro.manwardpress.com
1	cdn.getblueshift.com	portrait-tracker.s3.amazonaws.com
1	code.jquery.com	pro.manwardpress.com
1	cdnjs.cloudflare.com	pro.manwardpress.com
1	stackpath.bootstrapcdn.com	pro.manwardpress.com
1	events-c.mb.wealthyretirement.com	1 redirects
111	46

This site contains no links.

Subject Issuer	Validity	Valid
ordertracking2.pubsvs.com R10	`2024-06-26` - `2024-09-24`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
*.getblueshift.com Amazon RSA 2048 M02	`2024-06-08` - `2025-07-06`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.wistia.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-28`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon RSA 2048 M03	`2024-01-08` - `2025-02-04`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google.ca WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-08` - `2024-08-28`	2 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
pmsrv.co Amazon RSA 2048 M02	`2023-09-16` - `2024-10-14`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
*.googleadservices.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
lytics.io WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-16` - `2024-12-31`	6 months	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-09`	a year	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
storage.googleapis.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Frame ID: 521E9DED5839CEF4DAE9538B8D7D759C
Requests: 106 HTTP requests in this frame

Frame: https://portrait-tracker.s3.amazonaws.com/index.html
Frame ID: 005953A1FD84CEF1C2FAE7B2D3DAA5F5
Requests: 1 HTTP requests in this frame

Frame: https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait
Frame ID: 8DFEA662F8BE4A89F289228CEB74527F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DD9763877BDB240E0D04107DF2A1F70B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Manward PressManward Press

Page URL History Show full URLs

https://events-c.mb.wealthyretirement.com/z/s80dt17t0pok04?uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&txnid=9d7d0a76-060... HTTP 307
https://pro.manwardpress.com/m/2344062?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-5... HTTP 301
https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

98 %
HTTPS

0 %
IPv6

32
Domains

46
Subdomains

45
IPs

2
Countries

4095 kB
Transfer

7749 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://events-c.mb.wealthyretirement.com/z/s80dt17t0pok04?uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&mid=c67e9270-1a49-4104-bdb6-3f39884240cb&utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_ek=2024-07-29T18:15:08Z&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A/B_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&bsft_mime_type=text&bsft_tv=5&bsft_lx=2)... HTTP 307
https://pro.manwardpress.com/m/2344062?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED HTTP 301
https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://rp.liadm.com/j?dtstmp=1722304864256&aid=a-03e6&se=e30&duid=eb701cbdb086--01j40nx7vxn52dxrveh483fx83&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&wpn=lc-bundle&cd=.manwardpress.com&c=PHRpdGxlPk1hbndhcmQgUHJlc3M8L3RpdGxlPjx0aXRsZT5NYW53YXJkIFByZXNzPC90aXRsZT48aDEgY2xhc3M9ImhlYWRsaW5lIj5BcnRpZmljaWFsIFNVUEVSIEludGVsbGlnZW5jZSAoQVNJKTwvaDE-PGgxPldBSVQhPC9oMT4 HTTP 302
https://rp.liadm.com/j?dtstmp=1722304864256&aid=a-03e6&se=e30&duid=eb701cbdb086--01j40nx7vxn52dxrveh483fx83&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&wpn=lc-bundle&cd=.manwardpress.com&c=PHRpdGxlPk1hbndhcmQgUHJlc3M8L3RpdGxlPjx0aXRsZT5NYW53YXJkIFByZXNzPC90aXRsZT48aDEgY2xhc3M9ImhlYWRsaW5lIj5BcnRpZmljaWFsIFNVUEVSIEludGVsbGlnZW5jZSAoQVNJKTwvaDE-PGgxPldBSVQhPC9oMT4&n3pc=true

Request Chain 68

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701391511/?random=1556508758&cv=11&fst=1722304864152&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9178943451z8832065994za201zb832065994&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&npa=0&pscdl=noapi&auid=1531053847.1722304864&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChEI8PuctQYQ_ICHgauMz4DbARIdAG__P4b6OfUJcEJBmzw4uk-ZfvFWYyK1mkegwnc&pscrd=IhMIj6GDzdXNhwMVIlNHAR0eAA0GMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOt8FaHR0cHM6Ly9wcm8ubWFud2FyZHByZXNzLmNvbS9wL0RBUktUTzEyOTJZUkRTTUxBL0VNV0w0N0NELz9ic2Z0X2FhaWQ9NzgyZmI0MGItNzU4NS00Y2IyLWIzNDItNWU2YmI2MTE0NTg5JmJzZnRfZWlkPTc5NDc1OWQ2LTU5ZTItNTg3Yi1hNWVkLTdiMGE5ZjAxZGNjNiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Ymx1ZXNoaWZ0JmJzZnRfY2xraWQ9MmNkZGU5OTMtZWNiMi00ZDYzLTk1NzItMDE2N2RmYzhmMmI0JmJzZnRfdWlkPTczODViMWNkLWI3OGUtNGRkYi05ZjUzLWEyMmNiOGNlMDcxOCZic2Z0X21pZD1jNjdlOTI3MC0xYTQ5LTQxMDQtYmRiNi0zZjM5ODg0MjQwY2ImYnNmdF90eG5pZD05ZDdkMGE3Ni0wNjA3LTQ3MWQtOTE5NC0wZDhiMmE4YWQxNjkmYnNmdF91dGlkPTczODViMWNkLWI3OGUtNGRkYi05ZjUzLWEyMmNiOGNlMDcxOC1XUkRFRCZic2Z0X21pbWVfdHlwZT10ZXh0JmJzZnRfZWs9MjAyNC0wNy0yOVQxOCUzQTE1JTNBMDhaJmJzZnRfbHg9MiUyOS4uLiZic2Z0X3R2PTUmcGs9YjUwOWUxNGM5YjQ2OTU5ZGViYzIxYmQ2NDJlYjNmMDAmdXRtX2NhbXBhaWduPTIwMjQwNzI5X1dSREVEX01XTF9EQVJLX0ElMkZCX01URF9TRUFTT05fVUxUUkFfR1JFRU4mdmlkMj1mMmFlMmMyNWU0ZGUzNmI2ODg1NDQyZjAzNmRlZjkyODcyMTMxYzA5NmNkZDI4Yjk5M2FjOTk3OGRlMDBmN2FlYmY3MTExMDM4YmU1NDA0NzcwODU4ZGVlZmQ4MzA3MTImbGlzdENvZGU9V1JERUQmaD10cnVl HTTP 302
https://www.google.com/pagead/1p-conversion/701391511/?random=1556508758&cv=11&fst=1722304864152&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9178943451z8832065994za201zb832065994&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&npa=0&pscdl=noapi&auid=1531053847.1722304864&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIj6GDzdXNhwMVIlNHAR0eAA0GMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOt8FaHR0cHM6Ly9wcm8ubWFud2FyZHByZXNzLmNvbS9wL0RBUktUTzEyOTJZUkRTTUxBL0VNV0w0N0NELz9ic2Z0X2FhaWQ9NzgyZmI0MGItNzU4NS00Y2IyLWIzNDItNWU2YmI2MTE0NTg5JmJzZnRfZWlkPTc5NDc1OWQ2LTU5ZTItNTg3Yi1hNWVkLTdiMGE5ZjAxZGNjNiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Ymx1ZXNoaWZ0JmJzZnRfY2xraWQ9MmNkZGU5OTMtZWNiMi00ZDYzLTk1NzItMDE2N2RmYzhmMmI0JmJzZnRfdWlkPTczODViMWNkLWI3OGUtNGRkYi05ZjUzLWEyMmNiOGNlMDcxOCZic2Z0X21pZD1jNjdlOTI3MC0xYTQ5LTQxMDQtYmRiNi0zZjM5ODg0MjQwY2ImYnNmdF90eG5pZD05ZDdkMGE3Ni0wNjA3LTQ3MWQtOTE5NC0wZDhiMmE4YWQxNjkmYnNmdF91dGlkPTczODViMWNkLWI3OGUtNGRkYi05ZjUzLWEyMmNiOGNlMDcxOC1XUkRFRCZic2Z0X21pbWVfdHlwZT10ZXh0JmJzZnRfZWs9MjAyNC0wNy0yOVQxOCUzQTE1JTNBMDhaJmJzZnRfbHg9MiUyOS4uLiZic2Z0X3R2PTUmcGs9YjUwOWUxNGM5YjQ2OTU5ZGViYzIxYmQ2NDJlYjNmMDAmdXRtX2NhbXBhaWduPTIwMjQwNzI5X1dSREVEX01XTF9EQVJLX0ElMkZCX01URF9TRUFTT05fVUxUUkFfR1JFRU4mdmlkMj1mMmFlMmMyNWU0ZGUzNmI2ODg1NDQyZjAzNmRlZjkyODcyMTMxYzA5NmNkZDI4Yjk5M2FjOTk3OGRlMDBmN2FlYmY3MTExMDM4YmU1NDA0NzcwODU4ZGVlZmQ4MzA3MTImbGlzdENvZGU9V1JERUQmaD10cnVl&is_vtc=1&cid=CAQSKQDaQooLgpC_bgb-1u_ZaEr_eRgw0fDeBdNuLdtMpytHqqtFJFlOkFnB&eitems=ChEI8PuctQYQ_ICHgauMz4DbARIdAG__P4ZNsXFwdA5gZMjz8mFtYkXClXKXlaMVryw&random=812454953 HTTP 302
https://www.google.ca/pagead/1p-conversion/701391511/?random=1556508758&cv=11&fst=1722304864152&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9178943451z8832065994za201zb832065994&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&npa=0&pscdl=noapi&auid=1531053847.1722304864&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIj6GDzdXNhwMVIlNHAR0eAA0GMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOt8FaHR0cHM6Ly9wcm8ubWFud2FyZHByZXNzLmNvbS9wL0RBUktUTzEyOTJZUkRTTUxBL0VNV0w0N0NELz9ic2Z0X2FhaWQ9NzgyZmI0MGItNzU4NS00Y2IyLWIzNDItNWU2YmI2MTE0NTg5JmJzZnRfZWlkPTc5NDc1OWQ2LTU5ZTItNTg3Yi1hNWVkLTdiMGE5ZjAxZGNjNiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Ymx1ZXNoaWZ0JmJzZnRfY2xraWQ9MmNkZGU5OTMtZWNiMi00ZDYzLTk1NzItMDE2N2RmYzhmMmI0JmJzZnRfdWlkPTczODViMWNkLWI3OGUtNGRkYi05ZjUzLWEyMmNiOGNlMDcxOCZic2Z0X21pZD1jNjdlOTI3MC0xYTQ5LTQxMDQtYmRiNi0zZjM5ODg0MjQwY2ImYnNmdF90eG5pZD05ZDdkMGE3Ni0wNjA3LTQ3MWQtOTE5NC0wZDhiMmE4YWQxNjkmYnNmdF91dGlkPTczODViMWNkLWI3OGUtNGRkYi05ZjUzLWEyMmNiOGNlMDcxOC1XUkRFRCZic2Z0X21pbWVfdHlwZT10ZXh0JmJzZnRfZWs9MjAyNC0wNy0yOVQxOCUzQTE1JTNBMDhaJmJzZnRfbHg9MiUyOS4uLiZic2Z0X3R2PTUmcGs9YjUwOWUxNGM5YjQ2OTU5ZGViYzIxYmQ2NDJlYjNmMDAmdXRtX2NhbXBhaWduPTIwMjQwNzI5X1dSREVEX01XTF9EQVJLX0ElMkZCX01URF9TRUFTT05fVUxUUkFfR1JFRU4mdmlkMj1mMmFlMmMyNWU0ZGUzNmI2ODg1NDQyZjAzNmRlZjkyODcyMTMxYzA5NmNkZDI4Yjk5M2FjOTk3OGRlMDBmN2FlYmY3MTExMDM4YmU1NDA0NzcwODU4ZGVlZmQ4MzA3MTImbGlzdENvZGU9V1JERUQmaD10cnVl&is_vtc=1&cid=CAQSKQDaQooLgpC_bgb-1u_ZaEr_eRgw0fDeBdNuLdtMpytHqqtFJFlOkFnB&eitems=ChEI8PuctQYQ_ICHgauMz4DbARIdAG__P4ZNsXFwdA5gZMjz8mFtYkXClXKXlaMVryw&random=812454953&ipr=y

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/
Redirect Chain

https://events-c.mb.wealthyretirement.com/z/s80dt17t0pok04?uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&mid=c67e9270-1a49-4104-bdb6-3f39884240cb&utid=7385b1cd...
https://pro.manwardpress.com/m/2344062?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d...
https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_cl...

79 KB
36 KB

148ms
148ms

Document
text/html

192.135.136.168
14WEST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.168 , United States, ASN11372 (14WEST-AS, US),

Reverse DNS

Software

Resource Hash

bbe88376a0d76a85616d21118d6d8193e9acb81c680f888de947cdfb0a81a385

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 36493
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Jul 2024 02:01:02 GMT
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding

Redirect headers

Cache-Control: private
Content-Length: 920
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Jul 2024 02:01:02 GMT
Location: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Strict-Transport-Security: max-age=63072000; includeSubDomains

GET
H/1.1 200
OK all.js Show response
portrait-tracker.s3.amazonaws.com/ 38 KB
38 KB 178ms
62ms Script
application/javascript 3.5.28.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/all.js
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.28.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 265deb8f5652d0b0c73ea7f0ba373f2888b3714d72eb082acebd696d823eb1c1

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 02:01:03 GMT
x-amz-version-id: PmfHIk78hs_Ksx6YKNhGhYgbWXmvm9bE
Last-Modified: Mon, 22 Jul 2024 18:07:17 GMT
Server: AmazonS3
x-amz-request-id: G3688ZGJ99HZ5DJS
ETag: "dd4b426911997ec6cf42e1edb428102d"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 38887
x-amz-id-2: NlqrlJDynFRaAED7UJ6a6KtfsyMlDgSa7QZKDnWLOUiheDcc+8b3bxMQG4jCl0r3pcLg8t6hwKBhiKS48pjUQmiUD9Kpj+NfGEjYQm0faEU=

GET
H/1.1 200
OK Common.js Show response
pro.manwardpress.com/p/Scripts/ 2 KB
1 KB 74ms
43ms Script
application/javascript 192.135.136.168
14WEST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.manwardpress.com/p/Scripts/Common.js

Requested by

Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.168 , United States, ASN11372 (14WEST-AS, US),

Reverse DNS

Software

Resource Hash

86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 02:01:02 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
ETag: "a37f814e34bed91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 1140

GET
H/1.1 200
OK HideContent.js Show response
pro.manwardpress.com/p/Scripts/ 724 B
857 B 118ms
43ms Script
application/javascript 192.135.136.168
14WEST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.manwardpress.com/p/Scripts/HideContent.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.168 , United States, ASN11372 (14WEST-AS, US),

Reverse DNS

Software

Resource Hash

809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 02:01:02 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
ETag: "bbcd814e34bed91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 466

GET
H2 200 css2
fonts.googleapis.com/ 46 KB
2 KB 197ms
93ms Stylesheet
text/css 173.194.207.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f95.1e100.net

Software

ESF /

Resource Hash

789b45b86a6101797872c6f0c04dff9e712d44a717af0584cdb2506ffd87d5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 02:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 02:01:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jul 2024 02:01:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
2 KB 164ms
60ms Stylesheet
text/css 173.194.207.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f95.1e100.net

Software

ESF /

Resource Hash

b92bf92042029aa55a2247b67dc1bc8ec5878e170e35b27814c995175fd4302c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 02:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 02:01:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jul 2024 02:01:02 GMT

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
28 KB 71ms
38ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Origin: https://pro.manwardpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1067
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7825381
cdn-cachedat: 03/18/2024 12:06:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"3afe15e976734d9daac26310110c4594"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: dc20bc23e7bb5f9d3bc895e80240c379
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8ab1c22fbccda21d-YYZ
cdn-requestpullsuccess: True

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/ 70 KB
5 KB 68ms
35ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/animate.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 460552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Thu, 07 May 2020 16:26:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb436a8-11848"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZl4lpFCXkZqEKHe%2B1B7aX75QUl0p%2FvncHUj23nxBUwrsPL3Eayx7IDQg9au36lnYBeIjKuSHd0HChUNpSMTV9wNJkKzxLQTjWdhTIpqwfwhFn5HHw1kSYgYsfcy0hrKAI7TEOAT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab1c22fbe5cab75-YYZ
expires: Sun, 20 Jul 2025 02:01:02 GMT

GET
H/1.1 200
OK styles-light.css
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/ 28 KB
28 KB 195ms
80ms Stylesheet
text/css 54.231.232.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles-light.css
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.232.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 76f1e74b479a581e026a28af840a4fc32122ac5980b82632623ae7fcc879cbd1

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 02:01:03 GMT
x-amz-version-id: Dfa1hRKb_TY07QbKej8bHnALqr8eiyCQ
Last-Modified: Thu, 08 Feb 2024 15:08:25 GMT
Server: AmazonS3
x-amz-request-id: G369XY675C9Z3V8V
ETag: "f5231267e73a75f99f0bc7980dd2af1e"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 28290
x-amz-id-2: OJAhf5RwL3qo2EgnxUKhBCWP+d6R5dgwCjgjCcFwuhR6pn9tB7TvjfbqG8xD7+Hm7HeoEjKEehs=

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 79ms
25ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Origin: https://pro.manwardpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1613006
x-cache: HIT, HIT
content-length: 30288
x-served-by: cache-lga13622-LGA, cache-yyz4560-YYZ
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1722304863.696444,VS0,VE0
etag: W/"28feccc0-1538f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 41, 19130

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 792 KB
134 KB 111ms
26ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

25b936bb552cacec6c67d608fc6b937affbbfa36f99b8551277e6d163f72e43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:02 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 619
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 137007
x-served-by: cache-iad-kjyo7100112-IAD, cache-yyz4528-YYZ
x-browser-version: 127
last-modified: Mon, 29 Jul 2024 15:49:52 GMT
server: AmazonS3
x-timer: S1722304863.966277,VS0,VE0
etag: "62f82fba6273c4e6527d84f923e20dd3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: d13aa49c86227e9f5fe259e43ebca34cba03147e
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29, 50

GET
H/1.1 200
OK asi-profit-and-protect-ipad.png
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/OF/ 227 KB
228 KB 153ms
66ms Image
image/png 54.231.232.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/OF/asi-profit-and-protect-ipad.png
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.232.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 66d056fc5eec74ee8809f641e63cd1fc2ce993807f56060fb54295aedbe93eb6

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 02:01:03 GMT
x-amz-version-id: UKHR_rSfd1Jp9XcsrMHwhadqLc4Geqsh
Last-Modified: Mon, 06 Nov 2023 17:17:43 GMT
Server: AmazonS3
x-amz-request-id: G36FHTMP0FQKX7SC
ETag: "346f2e0aa4ffdc608e5c78eb20e57035"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 232844
x-amz-id-2: EHjKWVaLDVeov/22jSyFVEueql+jWsHkoDwJjgBbpVXSUy3HPQY94ewqCxcshyPUJy8kbShGk7k=

GET
H/1.1 200
OK promo.js Show response
portrait-tracker.s3.amazonaws.com/ 25 KB
26 KB 148ms
59ms Script
application/javascript 3.5.28.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/promo.js
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.28.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b8045007a32445a83e59d46d1e8237fb3a7a4bd62d3cfdd943ca853ba86e2b2

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 02:01:03 GMT
x-amz-version-id: Ea8sPnxc0hvQZiplzrNDZ20cACmxzdAR
Last-Modified: Mon, 18 Mar 2024 16:37:29 GMT
Server: AmazonS3
x-amz-request-id: G365HV6AHHGDSNV7
ETag: "968945799d89c26299a62dc0339bde67"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 25710
x-amz-id-2: at7NRwFC5qlta0a3owOQHKaH+VFhWuoSWiHebu84y0AC2eqynmMeiCXYdSe5qV4uy+nNR3mLCc4d8fbwlsozmvzMmGNRFJHYZLP+a+ziRh4=

GET
H/1.1 200
OK blueshift.js Show response
cdn.getblueshift.com/ 7 KB
3 KB 184ms
98ms Script
application/javascript 18.238.80.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getblueshift.com/blueshift.js
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-116.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3686979a3c00af4661870439cf2c0909c51289b8b201d7efa8586d38e9b388bd

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 01:19:43 GMT
Content-Encoding: gzip
Via: 1.1 3235d194bb862aa113227c9680bce62c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK52-P5
Age: 2481
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2839
Last-Modified: Tue, 16 Jul 2024 05:13:29 GMT
Server: AmazonS3
ETag: "e3a3db7988c613839a650818f099fbad"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Accept-Ranges: bytes
X-Amz-Cf-Id: 757KI4nvq_bgG7xfyhNkMqe_byGdvJUbcwubRZuDvRNwqz4lrOkrpg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 364 KB
109 KB 171ms
68ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4e3bdca19d97e79df53f375b588ee49911a6682bf5673bbbc4dff4afd8571cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110874
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 00:16:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 02:01:03 GMT

GET
H2 200 nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
19 KB 228ms
123ms Font
font/woff2 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pro.manwardpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 17:35:32 GMT
x-content-type-options: nosniff
age: 462331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19388
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:53:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jul 2025 17:35:32 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 34 KB
34 KB 208ms
104ms Font
font/woff2 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pro.manwardpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 03:11:29 GMT
x-content-type-options: nosniff
age: 514174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34328
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jul 2025 03:11:29 GMT

GET
H2 200 nKKX-Go6G5tXcraQKwKAcA.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
20 KB 208ms
103ms Font
font/woff2 173.194.204.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKX-Go6G5tXcraQKwKAcA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f94.1e100.net

Software

sffe /

Resource Hash

864cc08aa6c75c74cf8488a6829c00117d583ddb54c0b39f96b4499ce3b4e9d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pro.manwardpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 23:38:18 GMT
x-content-type-options: nosniff
age: 440565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19916
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:54:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jul 2025 23:38:18 GMT

GET
H2 200 jupsr1090a.json Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 86ms
34ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/jupsr1090a.json

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2dd5dba8a1943628368ae291416da3b80f252b93ec6d02c51b5274cca2f4a3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 80002
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 51
content-length: 1668
x-request-id: 3149b8dc-e236-455e-8c7e-879ece3068f9
x-served-by: cache-iad-kjyo7100109-IAD, cache-yyz4552-YYZ
x-runtime: 0.049837
x-browser-version: 127
server: envoy
x-timer: S1722304863.241154,VS0,VE1
etag: W/"2dd5dba8a1943628368ae291416da3b8"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: lMUVh36eW_N7_VjHHS5f7ojx2CCvXvW1ixol_m7L7WsgPz4Gvq4c5Q==
x-cache-hits: 32, 0

GET
H/1.1 200
OK index.html
portrait-tracker.s3.amazonaws.com/ Frame 0059 0
0 169ms
83ms Document
text/html 3.5.19.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://portrait-tracker.s3.amazonaws.com/index.html
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.19.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Length: 2371
Content-Type: text/html
Date: Tue, 30 Jul 2024 02:01:04 GMT
ETag: "c029f674b13b082e9a03b16217c3f576"
Last-Modified: Wed, 03 Nov 2021 21:10:09 GMT
Server: AmazonS3
x-amz-id-2: r8KIUrXiyFC3/3RicRyiwthB6QfdI8unh3CGgp/I8QOjwvCES8Ju0jovaPO4bPiRki2FvtInJSdEN7Y0psboUA==
x-amz-request-id: VJXM3WYFBWJ083DV
x-amz-version-id: X1zblgbOV1d.Qkc55AyQidmgNGbabuW5

GET
H2 200 ef6d1743f95d45b58afe30918ade93ca.webp
embed-ssl.wistia.com/deliveries/ 36 KB
37 KB 188ms
47ms Image
image/webp 13.226.34.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/ef6d1743f95d45b58afe30918ade93ca.webp?image_crop_resized=1280x720
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-31.ewr53.r.cloudfront.net
Software: envoy /
Resource Hash: bc057a4ddb102ddf9a6ca8495830fc21e9a68502568956e0c416348145f7e077

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 15:39:59 GMT
access-control-request-method: *
via: 1.1 58138fe3ecbee18734b57632af81590a.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: EWR53-C2
age: 123664
edge-cache-tag: ef6d1743f95d45b58afe30918ade93ca
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 270
content-disposition: inline
surrogate-key: ef6d1743f95d45b58afe30918ade93ca thumbnail-delivery
last-modified: Wed, 08 Nov 2023 05:14:52 UTC
server: envoy
etag: FeAz6PM7B5JMI3EKzOF3WTHC1xU=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: wkZLR91pyIiWM4dLSd4dVBum0dI9CGNMWpEeKbNUlHHHVQDZ28KZQQ==

OPTIONS
H2 200 GetBlueshiftUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 199ms
112ms Preflight
application/json 108.138.128.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetBlueshiftUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-48.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pro.manwardpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Tue, 30 Jul 2024 02:01:03 GMT
via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
x-amz-apigw-id: btBm_FgIoAMErLw=
x-amz-cf-id: sVbf09kDIBxVt5yRGM0HGTXwiOZ7-5T2up89-rrUr5y_6yaU7b6Etw==
x-amz-cf-pop: JFK50-P4
x-amzn-requestid: eb9cbd06-adcb-4d6b-aa71-a49fdb6a20c3
x-cache: Miss from cloudfront

POST
H2 200 GetBlueshiftUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 8 KB
9 KB 347ms
345ms XHR
application/json 108.138.128.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetBlueshiftUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-48.jfk50.r.cloudfront.net
Software: /
Resource Hash: 48d88bf733095added29fb6682799ac2f0ffabe5e66f6cfe73e88468c724d260

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jul 2024 02:01:03 GMT
via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
x-amzn-trace-id: Root=1-66a8495f-18f02d5121eab414326b4792;Parent=415ea8eaf8a3306b;Sampled=0;lineage=1b8d1031:0
x-amzn-requestid: ced3215c-d577-49aa-b44f-632c4c7dc330
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: btBm_F1lIAMEqhQ=
content-length: 8541
x-amz-cf-id: KWLuoypRTQyQQe516ucJNMKLxduyitRlzWiqAbVquTNVlhFdzT56zA==

GET
H/1.1 200
OK EMWL47CD Show response
pro.manwardpress.com/p/effortattributes/extractEffortattributes/ 702 B
991 B 62ms
62ms XHR
application/json 192.135.136.168
14WEST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.manwardpress.com/p/effortattributes/extractEffortattributes/EMWL47CD

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.168 , United States, ASN11372 (14WEST-AS, US),

Reverse DNS

Software

Resource Hash

454fe3d6a7491066359ed831478843356388a37795b64332cab14caa64eedf7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Jul 2024 02:01:03 GMT
Cache-Control: private
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Length: 702
Content-Type: application/json; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
104 KB 61ms
60ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d1820d86bf2b855eb2e3c9ca6b4380a7bf0176e212fbd7cf194f2cb85632d0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jul 2024 02:01:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 156ms
51ms Script
text/javascript 173.194.204.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jul 2024 00:22:32 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5911
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Jul 2024 02:22:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 319 KB
93 KB 182ms
182ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

dbaba64ca2f7e853bf61afcd776e02e1fe12584c9b89c431c98c9ebcbda951f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95283
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 00:16:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 02:01:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 241 KB
86 KB 180ms
180ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

8821e58177f6c45a0f2906ed5d3efdc244ed566d7bf4df8fa849427b474bc698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88167
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 00:16:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 02:01:03 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 306ms
58ms Script
application/javascript 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 30 Jul 2024 02:01:03 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3B45EABA6AB46D6948C7C9F6BD4C47B Ref B: YTO01EDGE0810 Ref C: 2024-07-30T02:01:03Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H/1.1 200
OK lytics-styles.css
s3.amazonaws.com/assets.oxfordclub.com/css/global/ 453 KB
453 KB 70ms
69ms Stylesheet
text/css 54.231.232.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.232.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fb5973bab3d2f9b273214c50bd9e04c484c6d1bfa3c66f3cb6dab2d9df4b8f5b

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 02:01:04 GMT
x-amz-version-id: A94jlIGWzy84f6DBQZoR7rud9Y4p1cL3
Last-Modified: Mon, 29 Jul 2024 18:05:24 GMT
Server: AmazonS3
x-amz-request-id: VJXZYGT1G2V1WH6K
ETag: "d5de28856a76454e8d6aaee29ca2419f"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 463566
x-amz-id-2: tILfVsV0gVy4FFUz/m9vG99Fwz+j7VEe+3CPgjy+M5IM03vEOOC/qZvvLCdMRgteAITYm56oaG0=

GET
H2 200 hotjar-925909.js Show response
static.hotjar.com/c/ 11 KB
5 KB 125ms
41ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-925909.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

4e886f0bfa032b6abb1a7411c9be27ccf1c0a604d73f4a678b3cd2848fcfd50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:00:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 49
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/00649c1c5578a2f5ece2cc4b6f2ac74e
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: UZJb46tK-XcXIOgTI6ThPH3CM8wWv4moIZTdovIaxi3oNijzZ-DMFg==

GET
H2 200 modules.6c69b5997f314810cfe8.js Show response
script.hotjar.com/ 223 KB
56 KB 168ms
84ms Script
application/javascript 18.164.96.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6c69b5997f314810cfe8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-925909.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-87.jfk50.r.cloudfront.net

Software

Resource Hash

228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3b0649a8bee506c1d7498462d39e6c44.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 577196
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56293
last-modified: Tue, 23 Jul 2024 09:40:30 GMT
etag: "30c513084f4759247a82ab90e6ffe4cb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 1pMbQ9pKJN6CHNMNJ_xBlmrfhmvQOdOq3fcnnjZ-lwUoI6p8oO69xA==

POST
H2 204 collect
analytics.google.com/g/ 0
0 126ms
49ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je47t0v9106739609z8813057436za200zb813057436&_p=1722304862857&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=239924812.1722304864&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722304863&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&dt=Manward%20Press&en=page_view&_fv=1&_nsi=1&_ss=1&ep.promocode=EMWL47CD&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=E%20-%20Internal%20Email&ep.placement_name=Dedicated&ep.acquisition_method=UI%20-%20Web%2FEmail%20Promo%20Internal&ep.list_name=WRDED&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkAltLPTO199AltLTAltFunnel2%20(Video)&ep.iris_page_1=DarkAltLPTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&tfd=1922
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pro.manwardpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 157ms
51ms Ping
text/plain 172.217.222.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BBMPM3EJHQ&cid=239924812.1722304864&gtm=45je47t0v9106739609z8813057436za200zb813057436&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.222.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qi-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pro.manwardpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 543ms
487ms Image
image/gif 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BBMPM3EJHQ&cid=239924812.1722304864&gtm=45je47t0v9106739609z8813057436za200zb813057436&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753&tag_exp=95250753&z=1480584314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 102ms
51ms XHR
text/plain 172.217.222.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-148998105-6&cid=b2a0626e-50c2-40c8-ab3f-acaa67697cd1&jid=1112428632&gjid=619673190&_gid=1003624494.1722304864&_u=YKAAgAABAAAAAEAAIE~&z=225412568

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jul 2024 02:01:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pro.manwardpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 52ms
50ms Image
image/gif 173.194.204.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1435702868&t=pageview&_s=1&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&ul=en-ca&de=UTF-8&dt=Manward%20Press&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YKAAgAABAAAAAAAAIE~&jid=1112428632&gjid=619673190&cid=b2a0626e-50c2-40c8-ab3f-acaa67697cd1&tid=UA-148998105-6&_gid=1003624494.1722304864&gtm=45He47t0n81KTM4C7Cv813057436za200&cd1=EMWL47CD&cd2=1722304862855&cd3=large&cd5=b2a0626e-50c2-40c8-ab3f-acaa67697cd1&cd6=_2mu77t39eb2&cd7=MWL%20Dark&cd8=E%20-%20Internal%20Email&cd9=Dedicated&cd10=UI%20-%20Web%2FEmail%20Promo%20Internal&cd11=WRDED&cd12=Subscription&cd13=promo%20page&cd14=DarkAltLPTO199AltLTAltFunnel2%20(Video)&cd16=DarkAltLPTO49%20(Video)&cd17=video&cd18=Dedicated&cd19=MWL&cd20=FrontEnd&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&z=1799539684

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 12:20:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49254
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 238 KB
84 KB 62ms
62ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-665056240&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

347e2dcf6758c47ae0d79812e7e6717a6ecab078a8d0c7e9e0acc53d1ed60771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86424
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 00:16:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 02:01:03 GMT

GET
H2 200 hotjar-925834.js Show response
static.hotjar.com/c/ 11 KB
5 KB 57ms
57ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-925834.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

0ce7f12375d3468057558db1d985db610631e4712329dc5301bb00de0859c5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 30 Jul 2024 02:01:03 GMT
via: 1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 10
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/bc1eb855edaab340e56dd606edcc8612
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 5K0agetKQf2cxxnSnTE1-1pwVpgUm3-SomII4aAj9qkzNX1wm1IjKg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 130ms
44ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 02:01:03 GMT
document-policy: force-load-at-top
x-fb-server-load: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1316, tbw=2768, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: l+sHx1NrV4Jku0bmWaN8VDogYLrhPOG5m8sbiHPlnOk/SNTLPAqaj2BfagqMwrc37ul3adDu2/SPstrs9F6cIQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
7 KB 120ms
37ms Script
application/javascript 69.147.65.251
YAHOO-CHA

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.147.65.251 , United States, ASN14196 (YAHOO-CHA, US),

Reverse DNS

e1-bmr.ycpi.cha.yahoo.com

Software

ATS /

Resource Hash

6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Tue, 30 Jul 2024 01:50:23 GMT
x-amz-version-id: VxrPrcbofk65n9ysSCXrclM5xFIYS2A5
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 2JYVMRH2J7NKJNXK
age: 641
x-amz-server-side-encryption: AES256
content-length: 6672
x-amz-id-2: IAcMwVX0jDyDIZ3Ev98SM4HYEf5hZ8/GjgTc2kBHL6lpb0E839wr1KE6kGQzfEBMgJpNtPRHjytD9tifeOHNaxCdhhp7X9bLQxC/0l6iP3Q=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 15 Aug 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 10 Jul 2024 13:59:59 GMT
server: ATS
etag: "b4dc8f0803272db7e9c028b882573ba1-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 a-03e6.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 175ms
39ms Script
application/javascript 108.139.47.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-03e6.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-120.jfk50.r.cloudfront.net
Software: /
Resource Hash: db7084473b5620188c4839453b5628a982526ce58d91ed8d0ff3fb5aef513310

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 14:29:59 GMT
content-encoding: gzip
via: 1.1 5b4b6c6517b988a4ff2c794e5583ee02.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 41464
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: 3O7BhBKvPcnRTkjs1313lyQ8pCvBAuJEN7dx3FOU-t50VWYOnG1U4Q==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 78ms
78ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-701391511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7738c6bb791826a771add3ca3f6d7cb68502906a8342b7955b43dd84e8cd7ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92964
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 00:16:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 02:01:03 GMT

GET
H2 200 analytics.js Show response
c.pmsrv.co/v1/ 10 KB
3 KB 480ms
40ms Script
text/javascript 13.35.93.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-4.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 4f2d67f554fdc058d41f8b62af5f31f2794c4253647b3e327c8dfc7cc7ed436b

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 00:03:41 GMT
content-encoding: br
via: 1.1 c456cd1dcda544d97e59ee05afbea4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 7043
x-powered-by: Express
etag: W/"260a-0ti1LKcOFAjKF+aS9gUUhwQqEFE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
x-amz-cf-id: aOrXhbYP1udtFcjT2bLijrRGFqqjdnkT-zYYS9_b2sakWMAafRiVfA==
expires: -1

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 123ms
26ms Script
application/javascript 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:03 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 158ms
39ms Script
application/javascript 146.75.80.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.80.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000023-IAD, cache-chi-klot8100044-CHI

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 51ms
51ms Script
text/javascript 173.194.204.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f100.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 01:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Jul 2024 02:09:35 GMT

GET
H2 200 15322609.js Show response
bat.bing.com/p/action/ 334 B
406 B 59ms
59ms Script
application/javascript 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/15322609.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 30 Jul 2024 02:01:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 13EAE2D35C6840A69069F87A1EA81C5E Ref B: YTO01EDGE0810 Ref C: 2024-07-30T02:01:03Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 200 405446.json Show response
s.yimg.com/wi/config/ 2 B
484 B 113ms
37ms XHR
application/json 69.147.65.251
YAHOO-CHA

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/405446.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.147.65.251 , United States, ASN14196 (YAHOO-CHA, US),

Reverse DNS

e1-bmr.ycpi.cha.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Tue, 30 Jul 2024 01:19:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: KAEAQYD4YPNS74HT
age: 2523
content-length: 2
x-amz-id-2: H1QS2896OnOsPXfOg2parWYAnlR6UywbrzywCfGhgrwNqiN+pkkw0axM/SjhHKQqPRiYQk5X8PsMzdrU8QfEr6UR1Moy9LQf
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

OPTIONS
H2 200 GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 0
0 50ms
49ms Preflight
application/json 108.138.128.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-48.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pro.manwardpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 3
content-type: application/json
date: Tue, 30 Jul 2024 02:01:04 GMT
via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
x-amz-apigw-id: btBnDF-woAMEdIQ=
x-amz-cf-id: gn_StPPlWEKcPPr-wVlwfjW1mhVut5Ob-gm7mdiIt-ZsWBttHDg_lA==
x-amz-cf-pop: JFK50-P4
x-amzn-requestid: c64f4e7d-f0a9-417a-8bc8-3e525a30fa69
x-cache: Miss from cloudfront

POST
H2 200 GetLyticsUserData Show response
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 47 KB
48 KB 230ms
229ms XHR
application/json 108.138.128.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Requested by: Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-48.jfk50.r.cloudfront.net
Software: /
Resource Hash: 8a6ca1e9c6851c9380cdd6c5d6e374570986dc46c7cc80ccf371f8a3a89947da

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
x-amzn-trace-id: Root=1-66a84960-1b271a5b77118bcb2bcdb569;Parent=3f1a3340abb644bb;Sampled=0;lineage=17be0e8a:0
x-amzn-requestid: 8092e2fd-ebd3-45ee-b72f-4feb07856673
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: btBnDGjiIAMEeYw=
content-length: 48438
x-amz-cf-id: J2V0dn9uN70m4m_MhycE7FQcRaLJEuwyhEdquSaQ8k61Umi66D_PCg==

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_ej6rqnb0/ 3 B
124 B 148ms
49ms XHR
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_ej6rqnb0/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_ej6rqnb0_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 89ms
36ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_ej6rqnb0_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 124ms
26ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1722304864010&id=t2_ej6rqnb0&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=16560459-38a9-4571-8ffe-7318af291a93&aaid=0000000000000000000000000000000000000000000000000000000000000001&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/665056240/ 4 KB
2 KB 162ms
61ms Script
text/javascript 173.194.207.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/665056240/?random=1722304864025&cv=11&fst=1722304864025&bg=ffffff&guid=ON&async=1&gtm=45be47t0za201&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk&label=H5lgCLKD4sgBEPDnj70C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&npa=0&pscdl=noapi&auid=1531053847.1722304864&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-665056240&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.207.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f154.1e100.net

Software

cafe /

Resource Hash

35da92a11fcd1a050eec27305efae18b011b3f9cfb2c0d84794b88d1ce7b4abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1713
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
358 B 58ms
57ms Image
text/plain 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=15322609&Ver=2&mid=26becb8d-8148-4e6c-b599-12c1ca50e1ff&sid=93aa61204e1711efa08a3dc86d7bbd70&vid=93aa79204e1711ef9e6d8facad0fee87&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Manward%20Press&p=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&r=&lt=1063&evt=pageLoad&sv=1&cdb=AQAQ&rn=480668

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jul 2024 02:01:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CB3B2C45D1124AC685EB24C6520D1C2B Ref B: YTO01EDGE0810 Ref C: 2024-07-30T02:01:04Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 272ms
145ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b09af0a8-4590-4d95-a222-9097e51aa084&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3ce8263b-2863-44f3-b939-6e0685f3f234&tw_document_href=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&tw_iframe_status=0&txn_id=omubx&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 81
date: Tue, 30 Jul 2024 02:01:04 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 931ff12b8387334b
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 64e0981182710a9a674c714c57177732c441a4dbe5f0ee8325e4d32b882e3b5d
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 203ms
67ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b09af0a8-4590-4d95-a222-9097e51aa084&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3ce8263b-2863-44f3-b939-6e0685f3f234&tw_document_href=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&tw_iframe_status=0&txn_id=omubx&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Tue, 30 Jul 2024 02:01:03 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: dc42b3c721eff1f9
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 7015c4a5dff947ab667bdbe4650655fdbc5e0d3c036188ff5e617cefa5e4555a
content-length: 43

GET
H2 200 2144695142494790 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 45ms
45ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2144695142494790?v=2.9.162&r=stable&domain=pro.manwardpress.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

db53f5f275cb9892bf45b30a488646ba35e89ef2327586a482e1f289699d19b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 02:01:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12226
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=63, mss=1316, tbw=64172, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: THDatVRCUzKJDqy6cbPmAkIw8Inl99A2b6llxiDWqqVMYl26Z5IOL8xuq5hm+LCt4H5PQXgCYFgIJwOub3j2Zw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
669 B 142ms
48ms Image
image/gif 54.88.71.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2030%20Jul%202024%2002%3A01%3A04%20GMT&n=7d&b=Manward%20Press&.yp=405446&f=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&enc=UTF-8&yv=1.16.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.88.71.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-71-74.compute-1.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:04 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.121
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Jul 2024 02:01:04 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/701391511/ 4 KB
3 KB 119ms
65ms Script
text/javascript 172.217.222.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/701391511/?random=1722304864152&cv=11&fst=1722304864152&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9178943451z8832065994za201zb832065994&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1531053847.1722304864&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-701391511&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f154.1e100.net

Software

cafe /

Resource Hash

9e8068cccb5c366e0b6316ce83e926ddd60e420954a61f7931cc7fcb467cc841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2552
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2275199989273587 Show response
connect.facebook.net/signals/config/ 34 KB
7 KB 44ms
43ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2275199989273587?v=2.9.162&r=stable&domain=pro.manwardpress.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C223%2C157%2C113%2C129%2C117%2C146

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

86ede111b40921a43d3d77c0d5d21a19b747189bed9074a857bd6c77126cd3c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 02:01:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6943
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4345, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: ftc7OPv7FtRfuB95/+IwyjbmNVpHOrypbPKKhQdnkQN+816vvkLSxaCmpO4uwf/jNPR5Mc6/112QdU1KvZpFJQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 133ms
44ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2144695142494790&ev=PageView&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&rl=&if=false&ts=1722304864192&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722304864190.754392664777576085&ler=empty&cdl=API_unavailable&it=1722304864085&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2843, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:01:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 193ms
104ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2144695142494790&ev=PageView&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&rl=&if=false&ts=1722304864192&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722304864190.754392664777576085&ler=empty&cdl=API_unavailable&it=1722304864085&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 30 Jul 2024 02:01:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 47
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397243065010840531", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=16, mss=1316, tbw=3286, tp=-1, tpl=-1, uplat=58, ullat=0
pragma: no-cache
x-fb-debug: TCiEqDn7v1LSasOy8hpVW8fZDHtxCCzWtO4y5zmS9pc2MS/YWLkalNPI9FxHHnzxAk9fua4zZdZ7MZM5qRZyVQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397243065010840531"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/665056240/ 42 B
64 B 162ms
57ms Image
image/gif 173.194.204.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/665056240/?random=1722304864025&cv=11&fst=1722304800000&bg=ffffff&guid=ON&async=1&gtm=45be47t0za201&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk&label=H5lgCLKD4sgBEPDnj70C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&npa=0&pscdl=noapi&auid=1531053847.1722304864&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLP9BTiG7j_JlTcAADNG9e4uL4sljs-w&random=4167686232&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/665056240/ 42 B
64 B 59ms
58ms Image
image/gif 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/665056240/?random=1722304864025&cv=11&fst=1722304800000&bg=ffffff&guid=ON&async=1&gtm=45be47t0za201&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk&label=H5lgCLKD4sgBEPDnj70C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&npa=0&pscdl=noapi&auid=1531053847.1722304864&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLP9BTiG7j_JlTcAADNG9e4uL4sljs-w&random=4167686232&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 75ms
45ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2275199989273587&ev=PageView&dl=https%3A%2F%2Fpro.manwardpress.com&rl=&if=false&ts=1722304864249&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1722304864190.754392664777576085&ler=empty&cdl=API_unavailable&pm=1&hrl=71a3f5&it=1722304864085&coo=false&cs_cc=1&cas=8166847433345392%2C2335543143241576&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pro.manwardpress.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=3130, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:01:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 156ms
128ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2275199989273587&ev=PageView&dl=https%3A%2F%2Fpro.manwardpress.com&rl=&if=false&ts=1722304864249&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1722304864190.754392664777576085&ler=empty&cdl=API_unavailable&pm=1&hrl=71a3f5&it=1722304864085&coo=false&cs_cc=1&cas=8166847433345392%2C2335543143241576&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8da4f3ed1237eadb","source_keys":["1","2"]},{"key_piece":"0x0be99a65086e6ad0","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["24:7478079025558867","24:2481330741967331","24:2783562498405456","24:2851967058227634","7830:7478079025558867","7830:2481330741967331","7830:2783562498405456","7830:2851967058227634","10853:7478079025558867","10853:2481330741967331","10853:2783562498405456","10853:2851967058227634","41:7478079025558867","41:2481330741967331","41:2783562498405456","41:2851967058227634","8046:7478079025558867","8046:2481330741967331","8046:2783562498405456","8046:2851967058227634"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 30 Jul 2024 02:01:04 GMT
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397243066704383679", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=16, mss=1316, tbw=6577, tp=-1, tpl=-1, uplat=84, ullat=0
pragma: no-cache
x-fb-debug: AVxg5XHabsQn2MfN9aO1aMCdunuoxbB/h9qmxuq5MS5eOvlRRl4KJzwtWfokKOko+JFhVEepzhDD4xbqYNmC9w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397243066704383679"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

j Show response
rp.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1722304864256&aid=a-03e6&se=e30&duid=eb701cbdb086--01j40nx7vxn52dxrveh483fx83&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3F...
https://rp.liadm.com/j?dtstmp=1722304864256&aid=a-03e6&se=e30&duid=eb701cbdb086--01j40nx7vxn52dxrveh483fx83&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3F...

13 B
363 B

57ms
56ms

XHR
application/json

3.234.202.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp.liadm.com/j?dtstmp=1722304864256&aid=a-03e6&se=e30&duid=eb701cbdb086--01j40nx7vxn52dxrveh483fx83&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&wpn=lc-bundle&cd=.manwardpress.com&c=PHRpdGxlPk1hbndhcmQgUHJlc3M8L3RpdGxlPjx0aXRsZT5NYW53YXJkIFByZXNzPC90aXRsZT48aDEgY2xhc3M9ImhlYWRsaW5lIj5BcnRpZmljaWFsIFNVUEVSIEludGVsbGlnZW5jZSAoQVNJKTwvaDE-PGgxPldBSVQhPC9oMT4&n3pc=true
Protocol: H2
Server: 3.234.202.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-202-148.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
x-pixel-event-id: 1c05fe60-6426-466c-a5a7-880645845a2c
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://pro.manwardpress.com
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: /j?dtstmp=1722304864256&aid=a-03e6&se=e30&duid=eb701cbdb086--01j40nx7vxn52dxrveh483fx83&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&wpn=lc-bundle&cd=.manwardpress.com&c=PHRpdGxlPk1hbndhcmQgUHJlc3M8L3RpdGxlPjx0aXRsZT5NYW53YXJkIFByZXNzPC90aXRsZT48aDEgY2xhc3M9ImhlYWRsaW5lIj5BcnRpZmljaWFsIFNVUEVSIEludGVsbGlnZW5jZSAoQVNJKTwvaDE-PGgxPldBSVQhPC9oMT4&n3pc=true
access-control-allow-origin: https://pro.manwardpress.com
date: Tue, 30 Jul 2024 02:01:05 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H3

200

/
www.google.ca/pagead/1p-conversion/701391511/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701391511/?random=1556508758&cv=11&fst=1722304864152&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9178943451z8832065994za201zb832065994&gc...
https://www.google.com/pagead/1p-conversion/701391511/?random=1556508758&cv=11&fst=1722304864152&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9178943451z8832065994za201zb832065994&gcd=13l3l3l3l1&dma=0&ta...
https://www.google.ca/pagead/1p-conversion/701391511/?random=1556508758&cv=11&fst=1722304864152&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9178943451z8832065994za201zb832065994&gcd=13l3l3l3l1&dma=0&tag...

42 B
64 B

60ms
60ms

Image
image/gif

172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/701391511/?random=1556508758&cv=11&fst=1722304864152&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9178943451z8832065994za201zb832065994&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&npa=0&pscdl=noapi&auid=1531053847.1722304864&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIj6GDzdXNhwMVIlNHAR0eAA0GMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOt8FaHR0cHM6Ly9wcm8ubWFud2FyZHByZXNzLmNvbS9wL0RBUktUTzEyOTJZUkRTTUxBL0VNV0w0N0NELz9ic2Z0X2FhaWQ9NzgyZmI0MGItNzU4NS00Y2IyLWIzNDItNWU2YmI2MTE0NTg5JmJzZnRfZWlkPTc5NDc1OWQ2LTU5ZTItNTg3Yi1hNWVkLTdiMGE5ZjAxZGNjNiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Ymx1ZXNoaWZ0JmJzZnRfY2xraWQ9MmNkZGU5OTMtZWNiMi00ZDYzLTk1NzItMDE2N2RmYzhmMmI0JmJzZnRfdWlkPTczODViMWNkLWI3OGUtNGRkYi05ZjUzLWEyMmNiOGNlMDcxOCZic2Z0X21pZD1jNjdlOTI3MC0xYTQ5LTQxMDQtYmRiNi0zZjM5ODg0MjQwY2ImYnNmdF90eG5pZD05ZDdkMGE3Ni0wNjA3LTQ3MWQtOTE5NC0wZDhiMmE4YWQxNjkmYnNmdF91dGlkPTczODViMWNkLWI3OGUtNGRkYi05ZjUzLWEyMmNiOGNlMDcxOC1XUkRFRCZic2Z0X21pbWVfdHlwZT10ZXh0JmJzZnRfZWs9MjAyNC0wNy0yOVQxOCUzQTE1JTNBMDhaJmJzZnRfbHg9MiUyOS4uLiZic2Z0X3R2PTUmcGs9YjUwOWUxNGM5YjQ2OTU5ZGViYzIxYmQ2NDJlYjNmMDAmdXRtX2NhbXBhaWduPTIwMjQwNzI5X1dSREVEX01XTF9EQVJLX0ElMkZCX01URF9TRUFTT05fVUxUUkFfR1JFRU4mdmlkMj1mMmFlMmMyNWU0ZGUzNmI2ODg1NDQyZjAzNmRlZjkyODcyMTMxYzA5NmNkZDI4Yjk5M2FjOTk3OGRlMDBmN2FlYmY3MTExMDM4YmU1NDA0NzcwODU4ZGVlZmQ4MzA3MTImbGlzdENvZGU9V1JERUQmaD10cnVl&is_vtc=1&cid=CAQSKQDaQooLgpC_bgb-1u_ZaEr_eRgw0fDeBdNuLdtMpytHqqtFJFlOkFnB&eitems=ChEI8PuctQYQ_ICHgauMz4DbARIdAG__P4ZNsXFwdA5gZMjz8mFtYkXClXKXlaMVryw&random=812454953&ipr=y

Requested by

Protocol

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/701391511/?random=1556508758&cv=11&fst=1722304864152&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9178943451z8832065994za201zb832065994&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&npa=0&pscdl=noapi&auid=1531053847.1722304864&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIj6GDzdXNhwMVIlNHAR0eAA0GMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOt8FaHR0cHM6Ly9wcm8ubWFud2FyZHByZXNzLmNvbS9wL0RBUktUTzEyOTJZUkRTTUxBL0VNV0w0N0NELz9ic2Z0X2FhaWQ9NzgyZmI0MGItNzU4NS00Y2IyLWIzNDItNWU2YmI2MTE0NTg5JmJzZnRfZWlkPTc5NDc1OWQ2LTU5ZTItNTg3Yi1hNWVkLTdiMGE5ZjAxZGNjNiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9Ymx1ZXNoaWZ0JmJzZnRfY2xraWQ9MmNkZGU5OTMtZWNiMi00ZDYzLTk1NzItMDE2N2RmYzhmMmI0JmJzZnRfdWlkPTczODViMWNkLWI3OGUtNGRkYi05ZjUzLWEyMmNiOGNlMDcxOCZic2Z0X21pZD1jNjdlOTI3MC0xYTQ5LTQxMDQtYmRiNi0zZjM5ODg0MjQwY2ImYnNmdF90eG5pZD05ZDdkMGE3Ni0wNjA3LTQ3MWQtOTE5NC0wZDhiMmE4YWQxNjkmYnNmdF91dGlkPTczODViMWNkLWI3OGUtNGRkYi05ZjUzLWEyMmNiOGNlMDcxOC1XUkRFRCZic2Z0X21pbWVfdHlwZT10ZXh0JmJzZnRfZWs9MjAyNC0wNy0yOVQxOCUzQTE1JTNBMDhaJmJzZnRfbHg9MiUyOS4uLiZic2Z0X3R2PTUmcGs9YjUwOWUxNGM5YjQ2OTU5ZGViYzIxYmQ2NDJlYjNmMDAmdXRtX2NhbXBhaWduPTIwMjQwNzI5X1dSREVEX01XTF9EQVJLX0ElMkZCX01URF9TRUFTT05fVUxUUkFfR1JFRU4mdmlkMj1mMmFlMmMyNWU0ZGUzNmI2ODg1NDQyZjAzNmRlZjkyODcyMTMxYzA5NmNkZDI4Yjk5M2FjOTk3OGRlMDBmN2FlYmY3MTExMDM4YmU1NDA0NzcwODU4ZGVlZmQ4MzA3MTImbGlzdENvZGU9V1JERUQmaD10cnVl&is_vtc=1&cid=CAQSKQDaQooLgpC_bgb-1u_ZaEr_eRgw0fDeBdNuLdtMpytHqqtFJFlOkFnB&eitems=ChEI8PuctQYQ_ICHgauMz4DbARIdAG__P4ZNsXFwdA5gZMjz8mFtYkXClXKXlaMVryw&random=812454953&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/ 68 KB
23 KB 103ms
39ms Script
application/javascript 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Requested by

Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b84647256daa900e5c30a9d2ce23df4ce10661b09173492210bf5448296fca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4847
last-modified: Tue, 30 Jul 2024 00:40:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFKyEE0KAPqxKo1MZc8T0%2FqSIH%2B4WW8FBN4DFBEAvQLfbov4MkkEdtqsF%2FMXOgF%2Bzs4HN%2BlEnD9xVH9X4JSUQgTsuR4HDc%2BVyynBIEO8RTlfrL%2BD5ZoU%2FJZ%2BPxQ6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: 54dab13256f2b57ee6a29369203ebc28
cf-ray: 8ab1c23a6995ac2d-YYZ

GET
H2 200 tracking.js Show response
analytics.pmsrv.co/v1/ 3 KB
1 KB 160ms
60ms Script
text/javascript 34.144.246.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pmsrv.co/v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86
Requested by: Host: c.pmsrv.co
URL: https://c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.144.246.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 130.246.144.34.bc.googleusercontent.com
Software: istio-envoy / Express
Resource Hash: 31969a9254d2e57b3a58d33f19c2247cc20e4cd982e79eb8d2eb05f5f94682a3

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:04 GMT
content-encoding: gzip
via: 1.1 google
server: istio-envoy
x-powered-by: Express
etag: W/"bc8-CwjlEyZMeJT2T4gdzys39D9fgms"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2 204 acvr3
c.pmsrv.co/v2/ 0
333 B 125ms
125ms Image
text/plain 13.35.93.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.pmsrv.co/v2/acvr3?a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=page-land&weight=0&dnt=false&_ible=1&ej=%7B%22dnt%22%3Afalse%7D&ord=4897813871736223&sid=e013c6b0-1efc-46f4-b8e9-2192d63c7af7&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&_ii=0&ppg=&_tk=%7B%22m%22%3A%22email%22%2C%22s%22%3A%22blueshift%22%2C%22cm%22%3A%2220240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%22%7D
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-4.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:04 GMT
via: 1.1 c456cd1dcda544d97e59ee05afbea4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-powered-by: Express
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
x-amz-cf-id: JfEgLR4OVbSRSslJhXfgPoaZf8DMcE_9WOZVFV2gwLA2TgAwO1sCHA==
expires: -1

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
562 B 64ms
63ms Image
image/gif 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?gtm.start=1722304862857&event=gtm.js&gtm.uniqueEventId=1&_ts=1722304864442&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&_ga=GA1.1.239924812.1722304864&_v=3.0.36&_uid=e1441be7-58e6-4d74-b656-920b1a6a9380&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WrZtauvAJXsAUcr8yz2%2FgPJu9DupQEzZoWZzZPDrG2yyhDLLobwId2FSXZid0DWu6DtAyTOWKIot4%2FkN3OPWiJwSnylz83iMgwNzCy4KjV3NiBwkJadR36LYJyRI"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 5bda03da6d3bf881a073bd6f7a337150
cf-ray: 8ab1c23aea29ac2d-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
321 B 76ms
74ms Image
image/gif 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?gtm.start=1722304863525&event=gtm.js&gtm.uniqueEventId=10&_ts=1722304864442&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&_ga=GA1.1.239924812.1722304864&_v=3.0.36&_uid=e1441be7-58e6-4d74-b656-920b1a6a9380&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IEhTQfgAHKsNlvLm9PfLLIT5013hRON4hDs5vIFZcZLsAyhf6xcSiVRc3ZOzXSCUGHVyxz8tZjBd9WjY6xW1u033Aa6nh4gotj5xaxU7NK8i7PwAgQ0MDPhbn1w5"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 30ef43c8b40ac0c19654055702a7a52b
cf-ray: 8ab1c23aea2dac2d-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
321 B 75ms
74ms Image
image/gif 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?gtm.start=1722304863525&event=gtm.js&gtm.uniqueEventId=11&_ts=1722304864442&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&_ga=GA1.1.239924812.1722304864&_v=3.0.36&_uid=e1441be7-58e6-4d74-b656-920b1a6a9380&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kr481P671DwPKtKQZjRTrfVfqLFt8KSfS9Yd1sTpKwQO9x9q2hafJr16BXNjlnYetXqve5lbF1pTFhK6ptAIv75XLUcZZF1MSPjMNn6JBydeilgheKMp2LvKNt7X"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 9b931cc7291c2b9c6dd4bcfce0347e2c
cf-ray: 8ab1c23aea30ac2d-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
326 B 65ms
64ms Image
image/gif 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?event=gtm.scrollDepth&gtm.scrollThreshold=90&gtm.scrollUnits=percent&gtm.scrollDirection=vertical&gtm.triggers=15&gtm.uniqueEventId=17&_ts=1722304864442&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&_ga=GA1.1.239924812.1722304864&_v=3.0.36&_uid=e1441be7-58e6-4d74-b656-920b1a6a9380&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4GwkStw7TTkzXm9Ch3Yfa01Z95gx8o2Hl%2FWIDdhfGOHvp82fl%2FPB3RVKJDu13ywXfIv5h2fRF6DlOO0DJW96e62ZyJ0kbYD78Awuw0WqHIShndfw8%2FGSjKiQLZXS"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: a80fe373b37e6f1a6a213852c74af1e5
cf-ray: 8ab1c23aea32ac2d-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
329 B 65ms
64ms Image
image/gif 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?event=gtm.triggerGroup&gtm.triggers=13057436_313%2C13057436_426&gtm.uniqueEventId=19&_ts=1722304864442&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&_ga=GA1.1.239924812.1722304864&_v=3.0.36&_uid=e1441be7-58e6-4d74-b656-920b1a6a9380&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4cGhD%2BNxSGah6OCyFTq4so0iDuLG3xX8yCH5FfZL8XbRVVL6A2Mul%2FjPE4UTyeInPPjWsB72fM%2Bhkw5QMoOouXaNMDs91Vf6X0bPSIr78TiHglQYYkUwBt38x%2FJ"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 7bfe7d52e62db98da93eab7038e1d472
cf-ray: 8ab1c23aea35ac2d-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H2 200 portrait
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/ Frame 8DFE 0
0 185ms
134ms Document
text/html 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://pro.manwardpress.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ab1c23b3a0aab0c-YYZ
content-encoding: br
content-type: text/html
date: Tue, 30 Jul 2024 02:01:04 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FvguNYk80N8c2qp1swv%2BubjSDtM7BnTbL6PM0rxFVWdhywY2tigbDiIDzAwgOMl3UxGA9quo5XW6L1zOCbTa1bdr5Go%2B0M4jRzjJXOQxSpulAY1LdbPrWypGP2u"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000;
via: 1.1 google
x-lytics-trace: fe9d1bf9787ae94e3468a5c132effc2f

GET
H2 200 e1441be7-58e6-4d74-b656-920b1a6a9380 Show response
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/ 83 KB
13 KB 137ms
137ms Script
application/json 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/e1441be7-58e6-4d74-b656-920b1a6a9380?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22e1441be7-58e6-4d74-b656-920b1a6a9380%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_source%22%3A%22blueshift%22%2C%22utm_campaign%22%3A%2220240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A-7%2C%22_ul%22%3A%22en-CA%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue%22%2C%22_ga%22%3A%22GA1.1.239924812.1722304864%22%2C%22_v%22%3A%223.0.36%22%7D&ts=1722304864538&callback=u_930671677266659500

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ece17463b15b1730cf4960c02f027ec0e0533777e1ee87bf59c4e81a9e2788

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09ccmSY0Ao1FYM3DDSYwY2KJgrvTBEFsi6JxdUDAeIS14KUvn8pxMjcm6uXsvfa7Zzf4TMILwn24UtdKAf2xws4xRZ65ccTxEVcj9TWB%2F4PbsYOvABUbGyxw4FG4"}],"group":"cf-nel","max_age":604800}
x-lytics-trace: b53f0791931c624bac32434af67c88cf
cf-ray: 8ab1c23b7b17ac2d-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 35 B
322 B 67ms
67ms Image
image/gif 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?utm_medium=email&utm_source=blueshift&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&_sesstart=1&_tz=-7&_ul=en-CA&_sz=1600x1200&_ts=1722304864536&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&_ga=GA1.1.239924812.1722304864&_uid=e1441be7-58e6-4d74-b656-920b1a6a9380&_v=3.0.36

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:04 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znELUCGloG4RNSae98fb1h0T2mbtNEG%2FcdRjO9rYD6yHwTMVLKwEqAPGP4uAexhxk4PmKsLKvsAd8SLRzor2%2B9F3nj2qCcPb8X9i2FfuyAOaxV5phK6r6SpkcHll"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 2bd58a7abe214a891af4676ee16d4072
cf-ray: 8ab1c23b7b1bac2d-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
408 B 101ms
43ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3De1441be7-58e6-4d74-b656-920b1a6a9380%26account_id%3D9c32784e3cc4888a693a7988ad64c63d
Requested by: Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms: 18
date: Tue, 30 Jul 2024 02:01:04 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 16823
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-yyz4556-YYZ
pragma: no-cache
server: nginx
x-timer: S1722304865.752747,VS0,VE18
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 47ms
44ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2144695142494790&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&rl=&if=false&ts=1722304864686&cd[external_id]=e1441be7-58e6-4d74-b656-920b1a6a9380&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4126&fbp=fb.1.1722304864190.754392664777576085&ler=empty&cdl=API_unavailable&it=1722304864085&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=10, mss=1316, tbw=8231, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:01:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 127ms
125ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9118286742b4c0a5","source_keys":["1","2"]},{"key_piece":"0xaa6b3ced5b73ed88","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["23:4148900985201003","23:4242756012438657","7811:4148900985201003","7811:4242756012438657","10193:4148900985201003","10193:4242756012438657","10853:4148900985201003","10853:4242756012438657","40:4148900985201003","40:4242756012438657","8050:4148900985201003","8050:4242756012438657"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 30 Jul 2024 02:01:04 GMT
x-fb-server-load: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397243066593345849", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=10, mss=1316, tbw=8533, tp=-1, tpl=-1, uplat=82, ullat=0
pragma: no-cache
x-fb-debug: jtKlONb7/8mE+oCiYq8RDSizzMz3DfWMIhx6hluqI2FSxcU+VBfRgltr/XOztJiF+xwpR/O7ytROSn9nLHUyzg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397243066593345849"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 47ms
45ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2275199989273587&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.manwardpress.com&rl=&if=false&ts=1722304864688&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4124&fbp=fb.1.1722304864190.754392664777576085&ler=empty&cdl=API_unavailable&pm=1&hrl=dab672&it=1722304864085&coo=false&cs_cc=1&cas=2335543143241576&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pro.manwardpress.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=10, mss=1316, tbw=8346, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:01:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
850 B 131ms
129ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2275199989273587&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.manwardpress.com&rl=&if=false&ts=1722304864688&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4124&fbp=fb.1.1722304864190.754392664777576085&ler=empty&cdl=API_unavailable&pm=1&hrl=dab672&it=1722304864085&coo=false&cs_cc=1&cas=2335543143241576&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 30 Jul 2024 02:01:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 38
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397243066592782027", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=10, mss=1316, tbw=11500, tp=-1, tpl=-1, uplat=85, ullat=0
pragma: no-cache
x-fb-debug: ywpKwLAERdBp2XFYQjfwilJsQ1Ufj691rMw5PXqsYKqdrgCaJhBscbszx0t5/a4K2haiS3vvLEOIUXcp1oPdbg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397243066592782027"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
854 B 136ms
135ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2144695142494790&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&rl=&if=false&ts=1722304864690&cd[suppression_active_subscribers_investme]=true&cd[wrp_video_modal]=true&cd[exclude_active_on_prhealth]=true&cd[libwealt_modal_target]=true&cd[wealthre_modal_target]=true&cd[proftrnd_lytics_modal]=true&cd[786_webinar_libwealt_modal_target]=true&cd[suppore]=true&cd[suppbrk]=true&cd[omt_launch_webinar_modal]=true&cd[suppress_tot_tot_lifetime_oxccc_tot19hot_and_mlb]=true&cd[suppress_oxc_owa_owa20hot]=true&cd[no_oxf_oxf19hot_agb_oxccc_oxcdc]=true&cd[exclude_active_pes_oxc]=true&cd[exclude_active_on_nmt_oxc]=true&cd[exclude_active_on_786hot20_oxc_786_agb]=true&cd[exclude_active_on_totwealt_oxc_mlb]=true&cd[exclude_active_ett_mab_oxc]=true&cd[exclude_active_on_mal_agb_oxc]=true&cd[exclude_active_on_oxc_786_agb_duplicate]=true&cd[tradeday_nonsubscribers]=true&cd[suppress_]=true&cd[suppress_cbp20hot_cbp_agb_oxc]=true&cd[suppress_all_osa20hot_active_osa_buyers_and_oxc_duplicate]=true&cd[suppress_325war_active]=true&cd[786_ipo_suppression]=true&cd[suppress_war_wax_woh]=true&cd[suppress_active_tbl21hot_tbl_mab_oxc]=true&cd[ly_unknown_email]=true&cd[suppress_ore_orl_mab_oxc]=true&cd[exclude_active_on_mwl]=true&cd[exclude_active_on_omt_agb_oxc]=true&cd[suppress_oxc]=true&cd[suppress_active_on_cbp_cbx_asb_asx_mxb]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[suppress_active_on_nmt_mlb_and_oxc]=true&cd[suppress_war_wax]=true&cd[suppress_active_on_oxf_oxcdc_agb_and_oxccc]=true&cd[suppress_active_on_brk_oxc_dc_mlb_and_oxc_cc]=true&cd[suppress_active_on_mwl_asb_and_mxb]=true&cd[suppress_active_on_mwl_asb_mxb_and_oxc_cc]=true&cd[suppress_active_on_ata_and_oxc]=true&cd[suppress_active_on_mwl_mwx_or_if_known_email]=true&cd[suppress_mtd_mtx_asb_asx_mxb]=true&cd[suppress_war_wax_woh_and_wohtrial]=true&cd[exclude_active_on_wnm]=true&cd[suppress_oxf_oxl_agb_oxc_dc_and_oxc_cc]=true&cd[tot_fifty_0123]=true&cd[suppress_cbp_asb_mxb]=true&cd[suppress_299s23lv_buyers_or_oxc_active]=true&cd[suppress_299s23lv_buyers]=true&cd[suppress_299s23lv_buyers_dv]=true&cd[suppress_mlb_and_oxc_active]=true&cd[all_except_wealthre_suppressed]=true&cd[all]=true&cd[rbf_mxb_suppressed_]=true&cd[suppress_dpl_hotlist_suppress_dpl_subs]=true&cd[orc_experience_97e2f2ea1ff28a1db5a5d226d4d35dc5_decision]=true&cd[orc_experience_ec46afc33ebb8902300228aad63baea2_decision]=true&cd[orc_experience_c594066e4a73ebc890931229a1c97611_decision]=true&cd[orc_experience_7ae5efe8bba0fa7a33c21326b8db0758_decision]=true&cd[orc_experience_274930a410229dff3c0869dd5c9d5545_decision]=true&cd[orc_experience_31ba84a13887e6d8515276e97f31a84e_decision]=true&cd[orc_experience_4fbd970d62a9c0a700ce20e57837a412_decision]=true&cd[orc_experience_bb53ff30364af235a354dffae8fbef2c_decision]=true&cd[orc_experience_b51aa24e2059ccb207a29be07914079c_decision]=true&cd[orc_experience_57dd6382546d6ee60c56af264047cf27_decision]=true&cd[orc_experience_0d43044150ad966afe7e2f37fae75f1f_decision]=true&cd[orc_experience_fbb1042f654bea32157897dc77b93371_decision]=true&cd[orc_experience_28727308f4a1e7921a81180c7a4887b0_decision]=true&cd[orc_experience_cee5d767a8126200f6f00c967a06c933_decision]=true&cd[orc_experience_574398b8cc1bfccd9d9075d366961a24_decision]=true&cd[orc_experience_658470c9c357ab5b65925c31cef4cb9d_decision]=true&cd[orc_experience_764f3fcd872129e61cc81bde726af0cb_decision]=true&cd[orc_experience_89c9bc423bc2c09a1e727dc0c39420fb_decision]=true&cd[orc_experience_c0354e88aec23f66740738829bdb4d85_decision]=true&cd[orc_experience_039dff1b122103fd2efc1f38a2f90f02_decision]=true&cd[orc_experience_476eeeac190f7c3bc9aa83a00c5b60cc_decision]=true&cd[orc_experience_f8290a990220111057cb44939e14044d_decision]=true&cd[orc_experience_4ac0348d7c9f78738c719d3ca364aeac_decision]=true&cd[orc_experience_40d2acddf975d95d3669d6875a02de1d_decision]=true&cd[orc_experience_54ba40328606eca379e0257e735966c5_decision]=true&cd[orc_experience_b31d441abd55fb5e869273b752703c52_decision]=true&cd[orc_experience_43224cbec233e28646921beaa4270168_decision]=true&cd[orc_experience_773a8e0397d83fb205cde84c850217b4_decision]=true&cd[orc_experience_570a1dc9e3169262d52e090116fcc189_decision]=true&cd[orc_experience_cfe22eb7c324cdb4c2ec593c993a69aa_decision]=true&cd[orc_experience_53f3081d74832a181887cc9b7e944f95_decision]=true&cd[orc_experience_90daef94fc6c805ef319ce463ddfc6b1_decision]=true&cd[orc_experience_59045656fae6b70f8c168c1153cd2362_decision]=true&cd[orc_experience_db1cf70b782b3cfc95d7637749c89713_decision]=true&cd[orc_experience_20c7723bd092fd89a0cd66dbb1c3bb1a_decision]=true&cd[orc_experience_4e7a6bbab046b3883cbc178a27a9e94d_decision]=true&sw=1600&sh=1200&v=2.9.162&r=stable&ec=2&o=4126&fbp=fb.1.1722304864190.754392664777576085&ler=empty&cdl=API_unavailable&it=1722304864085&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 30 Jul 2024 02:01:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397243065964429234", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=10, mss=1316, tbw=12372, tp=-1, tpl=-1, uplat=90, ullat=0
pragma: no-cache
x-fb-debug: HWxKAtruRkdbsOgQ5mu1DBgymQj/rxfSPeVgxRFPYywvmw7ILWRSe/bZEoAXA8PR4Zr6mhYtyCNe+/vylw/Wxw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397243065964429234"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 47ms
46ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2275199989273587&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.manwardpress.com&rl=&if=false&ts=1722304864703&sw=1600&sh=1200&v=2.9.162&r=stable&ec=2&o=4124&fbp=fb.1.1722304864190.754392664777576085&ler=empty&cdl=API_unavailable&pm=1&hrl=dab672&it=1722304864085&coo=false&cs_cc=1&cas=2335543143241576&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pro.manwardpress.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=10, mss=1316, tbw=8346, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 02:01:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
2 KB 129ms
128ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2275199989273587&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.manwardpress.com&rl=&if=false&ts=1722304864703&sw=1600&sh=1200&v=2.9.162&r=stable&ec=2&o=4124&fbp=fb.1.1722304864190.754392664777576085&ler=empty&cdl=API_unavailable&pm=1&hrl=dab672&it=1722304864085&coo=false&cs_cc=1&cas=2335543143241576&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pro.manwardpress.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x598e92dd670aa8d8","source_keys":["1","2"]},{"key_piece":"0xacbe859b8a05d319","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["23:7478079025558867","23:2481330741967331","23:2783562498405456","23:2851967058227634","7811:7478079025558867","7811:2481330741967331","7811:2783562498405456","7811:2851967058227634","10193:7478079025558867","10193:2481330741967331","10193:2783562498405456","10193:2851967058227634","10853:7478079025558867","10853:2481330741967331","10853:2783562498405456","10853:2851967058227634","40:7478079025558867","40:2481330741967331","40:2783562498405456","40:2851967058227634","8050:7478079025558867","8050:2481330741967331","8050:2783562498405456","8050:2851967058227634"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 30 Jul 2024 02:01:04 GMT
x-fb-server-load: 25
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397243064637386006", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=10, mss=1316, tbw=9879, tp=-1, tpl=-1, uplat=84, ullat=0
pragma: no-cache
x-fb-debug: byexUPs4uf1ToanMRkYDy2z88PdwBcmzoYS+hfw0/hEyDWExP2mv0IC+rW5tsgfGo4g8ImxecsEqXFMaQWY51w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397243064637386006"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame DD97 0
0 458ms
124ms Document
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://pro.manwardpress.com
Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://pro.manwardpress.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jul 2024 02:01:05 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2761, tp=-1, tpl=-1, uplat=81, ullat=81

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 81 KB
22 KB 25ms
25ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1ae37538ceacf2b3b1bac1208621fbd98393d4f3a402931ce7ffda5cb73245dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pro.manwardpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 720
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21819
x-served-by: cache-iad-kiad7000062-IAD, cache-yyz4552-YYZ
x-browser-version: 127
last-modified: Mon, 29 Jul 2024 15:49:53 GMT
server: AmazonS3
x-timer: S1722304865.193488,VS0,VE0
etag: "66d2391bf93be270dc0b6ebe090be9cb"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: d13aa49c86227e9f5fe259e43ebca34cba03147e
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14, 28

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 510 KB
125 KB 29ms
28ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

827d9260911830f9fc5f799abc6b84f5b7d116101ac969a55a3271e46a914a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pro.manwardpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 620
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 127761
x-served-by: cache-iad-kcgs7200053-IAD, cache-yyz4552-YYZ
x-browser-version: 127
last-modified: Mon, 29 Jul 2024 15:49:52 GMT
server: AmazonS3
x-timer: S1722304865.196120,VS0,VE0
etag: "2f775b894830b4770275e4a7ef486fd5"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: d13aa49c86227e9f5fe259e43ebca34cba03147e
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24, 16

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
331 B 137ms
46ms Fetch
text/plain 18.238.80.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-53.jfk52.r.cloudfront.net
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 0
content-length: 2
x-amz-cf-id: zyUWpGqlWzOX0xOesTEHiBOKAgj_QjkytbTksnbzJ6jceZQE01hbHQ==

POST
H2 204 x
distillery.wistia.com/ 0
0 135ms
48ms Fetch 13.225.63.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-120.ewr53.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
via: 1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
x-amz-cf-id: F9fYpjDVkPy6DkiUhrrrKkDgaJjkYraJM10yotXsWGJL7U1iYQS5cw==

GET
H/1.1 200
OK favicon.png
s3.amazonaws.com/assets.manwardpress.com/ 524 B
904 B 60ms
60ms Other
image/png 54.231.232.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.manwardpress.com/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.232.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1517ed0281ec8256ac007c3de7c96cec87188715989358baf4eb52fb660876c5

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 02:01:06 GMT
x-amz-version-id: null
Last-Modified: Fri, 26 Mar 2021 14:07:46 GMT
Server: AmazonS3
x-amz-request-id: P3W4WZRSDSMZF07G
ETag: "ecc1bd1d1cbccff2b4d8d68e630dfc10"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 524
x-amz-id-2: xoo/GBPAu1BcovXEh3ecs9pDNRRnTCJpLjb8fnLzQxfpSpbtCvE7tFvtk+aymPeAp6kbk9OqHgc=

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 39ms
38ms Script
text/javascript 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 30 Jul 2024 00:35:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5158
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vu2R4plejuqqk88veUTk8PUPhSs%2BTDoxT3PsqpxWgW5vvgJna1NuHyq0IuTWpIvMvHXlAYc%2BMEhR%2FwpNo7vPOSv4Aki3vjMvY7YNsHQFapcziglkzOonlNrRJy8w"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8ab1c23f8fa5ac2d-YYZ

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 37ms
37ms Stylesheet
text/css 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 30 Jul 2024 01:01:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3595
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F0GbRCVlYFcr3JRJqF%2FeOdu2tiQVWEiW4g%2FxXzCHl0DudVBTAbs03cfdUGc3vnj1icyelcyWd2UjccvWZy7nZnu7eVn2Z2nieklct2qOZkvOWGNNr0%2FAt9R61l4D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8ab1c23fdff3ac2d-YYZ

GET
H2 200 lytics_overrides.min.css
storage.googleapis.com/lioservices/2470-oxford-club/ 602 B
1 KB 184ms
82ms Stylesheet
text/css 142.251.174.207
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.174.207 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: qc-in-f207.1e100.net
Software: UploadServer /
Resource Hash: 0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
age: 0
x-guploader-uploadid: AHxI1nMIiwLaAk1SwaxIO36J5ErcGnnVs_WLKx1uFLqhlfQ-njDWWpPz9rNpnCC254x4EuBZcoc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602
last-modified: Thu, 04 Oct 2018 21:47:26 GMT
server: UploadServer
etag: "9df2d5ae6031369aa6e0f3685608cd8c"
x-goog-generation: 1538689646128559
x-goog-hash: crc32c=VZEimQ==, md5=nfLVrmAxNpqm4PNoVgjNjA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 602
accept-ranges: bytes
content-type: text/css
expires: Tue, 30 Jul 2024 03:01:05 GMT

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 26ms
25ms Image
image/gif 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Origin: https://pro.manwardpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1286
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kcgs7200077-IAD, cache-yyz4552-YYZ
x-browser-version: 127
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1722304865.326778,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6564449, 56

GET
H2 200 jupsr1090a.m3u8 Show response
fast.wistia.com/embed/medias/ 943 B
1 KB 30ms
29ms XHR
application/x-mpegurl 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/jupsr1090a.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6c22225f1e71845451b6d2dc031d7b51912bf6966d2e6fbcd3cc203b065e14ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
via: 1.1 fbc610cefe909c4febc0d681ddbb9a44.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 11751
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 38
content-length: 943
x-request-id: 56b4973d-2ff1-4778-b0be-fcfc5ce231c9
x-served-by: cache-iad-kcgs7200065-IAD, cache-yyz4552-YYZ
x-runtime: 0.036499
x-browser-version: 127
server: envoy
x-timer: S1722304865.335636,VS0,VE2
etag: W/"6c22225f1e71845451b6d2dc031d7b51"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: lXrFqnKsOVeEbXHNpYe-pv3VYqwdyzRhWzwpSwUJ2i6v7CHjDvZaQA==
x-cache-hits: 6581, 0

GET
H2 200 a3591ba5e949a37083cc6f5a4191e903.min.js Show response
js.sentry-cdn.com/ 3 KB
2 KB 84ms
25ms Script
text/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2d9e600cc97a563d568d616671db47dac1576938a377d50e92c3d0d250e14ba3

Security Headers

Name	Value
Content-Security-Policy	font-src * data:; media-src ; object-src 'none'; frame-ancestors 'self' .sentry.io; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; img-src * blob: data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; style-src * 'unsafe-inline'; worker-src blob:; base-uri 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; default-src 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=5f2432b9a22a7a0b5f14c74a65eb9c5cde193a36
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
Origin: https://pro.manwardpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: font-src * data:; media-src *; object-src 'none'; frame-ancestors 'self' *.sentry.io; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; img-src * blob: data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; style-src * 'unsafe-inline'; worker-src blob:; base-uri 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; default-src 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=5f2432b9a22a7a0b5f14c74a65eb9c5cde193a36
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jul 2024 02:01:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 14
x-envoy-upstream-service-time: 25
content-length: 1299
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-9f86f5b4-ckg2n, cache-chi-klot8100079-CHI, cache-yyz4575-YYZ
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 43565402fec316214945c01451539a224e66578c.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 114 KB
114 KB 125ms
45ms XHR
application/vnd.apple.mpegurl 13.226.34.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-66.ewr53.r.cloudfront.net
Software: envoy /
Resource Hash: c25eb3ecb480bbb23e31adf523d92baecef5eb47e12e78dc95c1833cfd9647ff

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 16:25:53 GMT
via: 1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: EWR53-C2
age: 293712
edge-cache-tag: 43565402fec316214945c01451539a224e66578c-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 178
content-length: 116419
surrogate-key: 43565402fec316214945c01451539a224e66578c-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: vG5IsiFIY8lFYOke2Y9ctUN-H6xFQOPP3eKMdMW6cY5XvdqKlidnpQ==
expires: Sat, 26 Jul 2025 16:25:53 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/ 166 KB
12 KB 38ms
38ms Script
application/javascript 104.26.2.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cadb7bf939ed2bfd7e41deb8df8c415d24f007f0e4432f152a0cbef35a2968a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7020
last-modified: Tue, 30 Jul 2024 00:04:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=boxKb8%2BBGrz0fU7PjhfiyGWcOOG4%2FzHdzAfJktj%2FwJTbhnWmYO7QlqOzOP9IpE7zkpiwyqzJXpsDcDwaREFXKN42h%2BGuw0M16b2vyBuldjbQCHLb3Qj%2FRl5khLvD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: 5550991592036c2e7878e8dfd2c93034
cf-ray: 8ab1c2410909ac2d-YYZ

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8/ 2 MB
2 MB 47ms
46ms XHR
video/mp2t 13.226.34.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/43565402fec316214945c01451539a224e66578c.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-66.ewr53.r.cloudfront.net
Software: envoy /
Resource Hash: e50bbdde3a7c0f8c04016edbde607f80c38871fc0474f1a8b0c8c90bd231c0a8

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 15:40:00 GMT
via: 1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: EWR53-C2
age: 123665
edge-cache-tag: 43565402fec316214945c01451539a224e66578c-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 114
content-length: 1630712
surrogate-key: 43565402fec316214945c01451539a224e66578c-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iu6YcMQHCYzT8Sx0QkVnmYP6ru_sjOugmfEpFyyxIaLiGB0H284fYw==
expires: Mon, 28 Jul 2025 15:40:00 GMT

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
329 B 46ms
45ms Fetch
text/plain 18.238.80.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-53.jfk52.r.cloudfront.net
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Jul 2024 02:01:05 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 0
content-length: 2
x-amz-cf-id: z01YcgjQf3CXclTmlR9oQcZAt5UC5Y4xwEUoJcK0-yx49O6FNz1R5g==

GET
H2 200 18590de2085b7ce8ac5729ff0cc972e004fb2734.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 114 KB
114 KB 41ms
40ms XHR
application/vnd.apple.mpegurl 13.226.34.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/18590de2085b7ce8ac5729ff0cc972e004fb2734.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-66.ewr53.r.cloudfront.net
Software: envoy /
Resource Hash: 63068b8cb05fa55f4f7be7887ab1b85613207f119bb4d5da07efc3f4141dcdb9

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 12:51:01 GMT
via: 1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: EWR53-C2
age: 220204
edge-cache-tag: 18590de2085b7ce8ac5729ff0cc972e004fb2734-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 136
content-length: 116419
surrogate-key: 18590de2085b7ce8ac5729ff0cc972e004fb2734-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 16YWW5SPsVuMZHRK-q8efzBsigM85sr6NHCDv3g5bb_Py_G95kRLsA==
expires: Sun, 27 Jul 2025 12:51:01 GMT

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
233 B 330ms
105ms XHR
image/gif 35.83.125.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1722304866&e=pageload&r=&z=581747&x=5475fa15fca6698857e67e2705849cfa&k=784509d5-7cb2-cee5-a69a-140ca7b797d2&u=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue
Requested by: Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.83.125.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-125-178.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://pro.manwardpress.com
date: Tue, 30 Jul 2024 02:01:06 GMT
access-control-expose-headers: etag
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/gif

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 48 KB
12 KB 26ms
25ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed2bc704e3fc26b8ee33210578b918016eab1d881e7db60e44e4afbbeeb5b2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pro.manwardpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:01:06 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 622
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 12251
x-served-by: cache-iad-kiad7000125-IAD, cache-yyz4552-YYZ
x-browser-version: 127
last-modified: Mon, 29 Jul 2024 15:49:52 GMT
server: AmazonS3
x-timer: S1722304866.205330,VS0,VE0
etag: "c71c49acde6f4cac3c778ccc6f496292"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: d13aa49c86227e9f5fe259e43ebca34cba03147e
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8, 16

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
328 B 48ms
47ms Fetch
text/plain 18.238.80.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/allIntegrations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-53.jfk52.r.cloudfront.net
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Jul 2024 02:01:06 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 0
content-length: 2
x-amz-cf-id: 3H3mtXtFi_B8J4_bB7uHzjkm6YxK5mOuiJcaeBSKIadt7wWzLVc1rQ==

POST
H2 204 collect
analytics.google.com/g/ 0
0 50ms
49ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je47t0v9106739609za200zb813057436&_p=1722304862857&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=239924812.1722304864&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722304863&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&dt=Manward%20Press&en=scroll&ep.promocode=EMWL47CD&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=E%20-%20Internal%20Email&ep.placement_name=Dedicated&ep.acquisition_method=UI%20-%20Web%2FEmail%20Promo%20Internal&ep.list_name=WRDED&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkAltLPTO199AltLTAltFunnel2%20(Video)&ep.iris_page_1=DarkAltLPTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&epn.percent_scrolled=90&_et=24&tfd=6950
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pro.manwardpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 track
analytics.pmsrv.co/v2/ 0
50 B 59ms
58ms Image
text/plain 34.144.246.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.pmsrv.co/v2/track?&a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=s004&weight=0&_ible=1&sid=e013c6b0-1efc-46f4-b8e9-2192d63c7af7&ord=151348175721077.72&_ii=0&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO1292YRDSMLA%2FEMWL47CD%2F%3Fbsft_aaid%3D782fb40b-7585-4cb2-b342-5e6bb6114589%26bsft_eid%3D794759d6-59e2-587b-a5ed-7b0a9f01dcc6%26utm_medium%3Demail%26utm_source%3Dblueshift%26bsft_clkid%3D2cdde993-ecb2-4d63-9572-0167dfc8f2b4%26bsft_uid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718%26bsft_mid%3Dc67e9270-1a49-4104-bdb6-3f39884240cb%26bsft_txnid%3D9d7d0a76-0607-471d-9194-0d8b2a8ad169%26bsft_utid%3D7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED%26bsft_mime_type%3Dtext%26bsft_ek%3D2024-07-29T18%253A15%253A08Z%26bsft_lx%3D2%2529...%26bsft_tv%3D5%26pk%3Db509e14c9b46959debc21bd642eb3f00%26utm_campaign%3D20240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%26vid2%3Df2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712%26listCode%3DWRDED%26h%3Dtrue&ppg=&_tk=%7B%22m%22%3A%22email%22%2C%22s%22%3A%22blueshift%22%2C%22cm%22%3A%2220240729_WRDED_MWL_DARK_A%252FB_MTD_SEASON_ULTRA_GREEN%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.144.246.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 130.246.144.34.bc.googleusercontent.com
Software: istio-envoy / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid=782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 02:01:09 GMT
via: 1.1 google
server: istio-envoy
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD	1970-01-21 07:10:40	Name: https://pro.manwardpress.com/p/DARKTO1292YRDSMLA/EMWL47CD/?bsft_aaid Value: 782fb40b-7585-4cb2-b342-5e6bb6114589&bsft_eid=794759d6-59e2-587b-a5ed-7b0a9f01dcc6&utm_medium=email&utm_source=blueshift&bsft_clkid=2cdde993-ecb2-4d63-9572-0167dfc8f2b4&bsft_uid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718&bsft_mid=c67e9270-1a49-4104-bdb6-3f39884240cb&bsft_txnid=9d7d0a76-0607-471d-9194-0d8b2a8ad169&bsft_utid=7385b1cd-b78e-4ddb-9f53-a22cb8ce0718-WRDED&bsft_mime_type=text&bsft_ek=2024-07-29T18%3A15%3A08Z&bsft_lx=2%29...&bsft_tv=5&pk=b509e14c9b46959debc21bd642eb3f00&utm_campaign=20240729_WRDED_MWL_DARK_A%2FB_MTD_SEASON_ULTRA_GREEN&vid2=f2ae2c25e4de36b6885442f036def92872131c096cdd28b993ac9978de00f7aebf7111038be5404770858deefd830712&listCode=WRDED&h=true=visited
.liadm.com/j	1970-01-21 08:01:04	Name: lidid Value: e7d57580-5447-4b81-8c6f-1a7ed97ac000
.events-c.mb.wealthyretirement.com/	1970-01-20 22:25:06	Name: __cf_bm Value: kOrrpo2cCEZEBTPZzaUD91XxU4wkq24ASJysjYwOAEk-1722304862-1.0.1.1-vZMoTi7pdPtORwYaSK9d3yB.3p3Sq9Tv3n_l8jN.ac1HsQDwahJN0.pTOD7vgo8FY6vRpwB.3AHlvUSc5Bno4g
pro.manwardpress.com/	1970-01-20 22:53:52	Name: 2344062 Value: 2783136
pro.manwardpress.com/	1969-12-31 23:59:59	Name: BIGipServerIRIS_PROD_HTTPS_POOL Value: 1476460554.47873.0000
pro.manwardpress.com/	1970-01-21 08:01:04	Name: EMWL47CD Value:
.manwardpress.com/	1970-01-21 08:01:04	Name: _ga Value: GA1.1.239924812.1722304864
.manwardpress.com/	1970-01-21 08:01:04	Name: _ga_BBMPM3EJHQ Value: GS1.1.1722304863.1.0.1722304863.60.0.0
.manwardpress.com/	1970-01-21 00:34:40	Name: _gcl_au Value: 1.1.1531053847.1722304864
.manwardpress.com/	1970-01-21 07:10:40	Name: _hjSessionUser_925909 Value: eyJpZCI6ImM4MWJhNWE0LTRjNTAtNTljZS05ZWVlLWIyMGMwZTYyNzBjYiIsImNyZWF0ZWQiOjE3MjIzMDQ4NjM5MzQsImV4aXN0aW5nIjpmYWxzZX0=
.manwardpress.com/	1970-01-20 22:25:06	Name: _hjSession_925909 Value: eyJpZCI6IjZjMWJjNjI5LWYzOGItNGQ3Ny05ZjMyLTRmNjhiOTFhNDFlMCIsImMiOjE3MjIzMDQ4NjM5MzQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.manwardpress.com/	1970-01-21 00:34:40	Name: _rdt_uuid Value: 1722304864009.16560459-38a9-4571-8ffe-7318af291a93
.manwardpress.com/	1970-01-20 22:26:31	Name: _uetsid Value: 93aa61204e1711efa08a3dc86d7bbd70
.manwardpress.com/	1970-01-21 07:46:40	Name: _uetvid Value: 93aa79204e1711ef9e6d8facad0fee87
.bing.com/	1970-01-21 07:46:40	Name: MUID Value: 1412860DD83F61F22C1092C1D915609B
.bat.bing.com/	1970-01-20 22:35:09	Name: MR Value: 0
.manwardpress.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .manwardpress.com
.manwardpress.com/	1970-01-21 08:01:04	Name: _lc2_fpi Value: eb701cbdb086--01j40nx7vxn52dxrveh483fx83
.manwardpress.com/	1970-01-21 08:01:04	Name: _lc2_fpi_meta Value: {%22w%22:1722304864125}
.manwardpress.com/	1970-01-21 00:34:40	Name: _fbp Value: fb.1.1722304864190.754392664777576085
.yahoo.com/	1970-01-21 07:11:02	Name: A3 Value: d=AQABBGBJqGYCED9-kkSf07-QbZXjlBxhI4IFEgEBAQGaqWayZiXaxyMA_eMAAA&S=AQAAAtj2l5148mgzB9vuPnwjc4c
.twitter.com/	1970-01-21 08:01:04	Name: guest_id_marketing Value: v1%3A172230486422321883
.twitter.com/	1970-01-21 08:01:04	Name: guest_id_ads Value: v1%3A172230486422321883
.twitter.com/	1970-01-21 08:01:04	Name: personalization_id Value: "v1_kc7+K08OSnjfcZBVaalIjQ=="
.twitter.com/	1970-01-21 08:01:04	Name: guest_id Value: v1%3A172230486422321883
.t.co/	1970-01-21 08:01:04	Name: muc_ads Value: 35aeeac4-fd89-4cb3-9566-e3ea979690a6
.doubleclick.net/	1970-01-21 08:01:04	Name: IDE Value: AHWqTUmjC9pvTjwayR0DgIRxCz8ZmjaPfJ_XNpdntrabyvK4npGVrr9b791jVKcl
.c.pmsrv.co/	1969-12-31 23:59:59	Name: tpc Value: 1
.manwardpress.com/	1969-12-31 23:59:59	Name: _pmedia_sid Value: e013c6b0-1efc-46f4-b8e9-2192d63c7af7
.pro.manwardpress.com/	1970-01-20 22:25:06	Name: seerses Value: e
.pro.manwardpress.com/	1970-01-21 08:01:04	Name: seerid Value: e1441be7-58e6-4d74-b656-920b1a6a9380
.lytics.io/	1970-01-21 08:01:04	Name: seerid Value: e1441be7-58e6-4d74-b656-920b1a6a9380
.liadm.com/	1970-01-21 08:01:04	Name: lidid Value: e7d57580-5447-4b81-8c6f-1a7ed97ac000
.pro.manwardpress.com/	1970-01-21 07:10:40	Name: _bs Value: 784509d5-7cb2-cee5-a69a-140ca7b797d2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.google.com
analytics.pmsrv.co
analytics.twitter.com
api.getblueshift.com
b-code.liadm.com
bat.bing.com
c.lytics.io
c.pmsrv.co
cdn.getblueshift.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
distillery.wistia.com
dnzkifeab6.execute-api.us-east-1.amazonaws.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
events-c.mb.wealthyretirement.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.sentry-cdn.com
pipedream.wistia.com
pixel-config.reddit.com
portrait-tracker.s3.amazonaws.com
pro.manwardpress.com
rp.liadm.com
s.yimg.com
s3.amazonaws.com
script.hotjar.com
sp.analytics.yahoo.com
stackpath.bootstrapcdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
t.co
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
104.17.25.14
104.17.29.85
104.18.10.207
104.244.42.131
104.26.2.22
108.138.106.124
108.138.128.48
108.139.47.120
13.107.21.237
13.225.63.120
13.226.34.31
13.226.34.66
13.35.93.4
142.251.174.207
146.75.80.157
151.101.1.44
151.101.130.217
151.101.193.140
151.101.2.132
151.101.65.140
151.101.66.137
157.240.229.1
157.240.229.35
172.217.197.94
172.217.222.154
172.217.222.97
172.67.73.236
173.194.204.100
173.194.204.147
173.194.204.94
173.194.207.154
173.194.207.95
18.164.96.87
18.238.80.116
18.238.80.53
192.135.136.168
216.239.36.181
3.234.202.148
3.5.19.110
3.5.28.166
34.144.246.130
35.83.125.178
54.231.232.80
54.88.71.74
69.147.65.251
72.21.81.130
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0ce7f12375d3468057558db1d985db610631e4712329dc5301bb00de0859c5c7
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06
14ece17463b15b1730cf4960c02f027ec0e0533777e1ee87bf59c4e81a9e2788
1517ed0281ec8256ac007c3de7c96cec87188715989358baf4eb52fb660876c5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ae37538ceacf2b3b1bac1208621fbd98393d4f3a402931ce7ffda5cb73245dd
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
25b936bb552cacec6c67d608fc6b937affbbfa36f99b8551277e6d163f72e43e
265deb8f5652d0b0c73ea7f0ba373f2888b3714d72eb082acebd696d823eb1c1
2d9e600cc97a563d568d616671db47dac1576938a377d50e92c3d0d250e14ba3
2dd5dba8a1943628368ae291416da3b80f252b93ec6d02c51b5274cca2f4a3e5
31969a9254d2e57b3a58d33f19c2247cc20e4cd982e79eb8d2eb05f5f94682a3
347e2dcf6758c47ae0d79812e7e6717a6ecab078a8d0c7e9e0acc53d1ed60771
35da92a11fcd1a050eec27305efae18b011b3f9cfb2c0d84794b88d1ce7b4abd
3686979a3c00af4661870439cf2c0909c51289b8b201d7efa8586d38e9b388bd
3cadb7bf939ed2bfd7e41deb8df8c415d24f007f0e4432f152a0cbef35a2968a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454fe3d6a7491066359ed831478843356388a37795b64332cab14caa64eedf7c
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
48d88bf733095added29fb6682799ac2f0ffabe5e66f6cfe73e88468c724d260
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e3bdca19d97e79df53f375b588ee49911a6682bf5673bbbc4dff4afd8571cc9
4e886f0bfa032b6abb1a7411c9be27ccf1c0a604d73f4a678b3cd2848fcfd50d
4f2d67f554fdc058d41f8b62af5f31f2794c4253647b3e327c8dfc7cc7ed436b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
63068b8cb05fa55f4f7be7887ab1b85613207f119bb4d5da07efc3f4141dcdb9
66d056fc5eec74ee8809f641e63cd1fc2ce993807f56060fb54295aedbe93eb6
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c22225f1e71845451b6d2dc031d7b51912bf6966d2e6fbcd3cc203b065e14ab
76f1e74b479a581e026a28af840a4fc32122ac5980b82632623ae7fcc879cbd1
7738c6bb791826a771add3ca3f6d7cb68502906a8342b7955b43dd84e8cd7ce1
789b45b86a6101797872c6f0c04dff9e712d44a717af0584cdb2506ffd87d5ba
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac
827d9260911830f9fc5f799abc6b84f5b7d116101ac969a55a3271e46a914a59
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd
864cc08aa6c75c74cf8488a6829c00117d583ddb54c0b39f96b4499ce3b4e9d1
86ede111b40921a43d3d77c0d5d21a19b747189bed9074a857bd6c77126cd3c6
8821e58177f6c45a0f2906ed5d3efdc244ed566d7bf4df8fa849427b474bc698
8a6ca1e9c6851c9380cdd6c5d6e374570986dc46c7cc80ccf371f8a3a89947da
8b8045007a32445a83e59d46d1e8237fb3a7a4bd62d3cfdd943ca853ba86e2b2
9b84647256daa900e5c30a9d2ce23df4ce10661b09173492210bf5448296fca8
9e8068cccb5c366e0b6316ce83e926ddd60e420954a61f7931cc7fcb467cc841
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
b92bf92042029aa55a2247b67dc1bc8ec5878e170e35b27814c995175fd4302c
bbe88376a0d76a85616d21118d6d8193e9acb81c680f888de947cdfb0a81a385
bc057a4ddb102ddf9a6ca8495830fc21e9a68502568956e0c416348145f7e077
c25eb3ecb480bbb23e31adf523d92baecef5eb47e12e78dc95c1833cfd9647ff
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d1820d86bf2b855eb2e3c9ca6b4380a7bf0176e212fbd7cf194f2cb85632d0a9
db53f5f275cb9892bf45b30a488646ba35e89ef2327586a482e1f289699d19b9
db7084473b5620188c4839453b5628a982526ce58d91ed8d0ff3fb5aef513310
dbaba64ca2f7e853bf61afcd776e02e1fe12584c9b89c431c98c9ebcbda951f0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50bbdde3a7c0f8c04016edbde607f80c38871fc0474f1a8b0c8c90bd231c0a8
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4
ed2bc704e3fc26b8ee33210578b918016eab1d881e7db60e44e4afbbeeb5b2fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
fb5973bab3d2f9b273214c50bd9e04c484c6d1bfa3c66f3cb6dab2d9df4b8f5b

pro.manwardpress.com Open in urlscan Pro 192.135.136.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

98 %HTTPS

0 %IPv6

32 Domains

46 Subdomains

45 IPs

2 Countries

4095 kBTransfer

7749 kBSize

34 Cookies

0 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pro.manwardpress.com Open in urlscan Pro
192.135.136.168 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

98 %
HTTPS

0 %
IPv6

32
Domains

46
Subdomains

45
IPs

2
Countries

4095 kB
Transfer

7749 kB
Size

34
Cookies

111 HTTP transactions
0 data transactions