urlscan.io logo urlscan.io
SecurityTrails logo

pro.manwardpress.com Open in urlscan Pro
192.135.136.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.tradingwithmanny.com/u/click?_t=22910c22682842989d32bf798bc31bde&_m=0cec0bf0eb1f45a098cea41d64f4978a&_e=RPvJOTsWvJvpl...
Effective URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Submission: On July 09 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 5 countries across 31 domains to perform 96 HTTP transactions. The main IP is 192.135.136.168, located in United States and belongs to 14WEST-AS, US. The main domain is pro.manwardpress.com.
TLS certificate: Issued by R10 on June 26th 2024. Valid for: 3 months.
This is the only time pro.manwardpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 50.112.136.248 16509 (AMAZON-02)
1 5 192.135.136.168 11372 (14WEST-AS)
2 16.182.35.17 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 52.217.81.254 16509 (AMAZON-02)
1 2a04:4e42::649 54113 (FASTLY)
7 2a04:4e42::644 54113 (FASTLY)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.239.36.125 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.216.33.193 16509 (AMAZON-02)
4 2600:9000:20a... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
2 18.245.60.50 16509 (AMAZON-02)
1 18.239.18.99 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
3 2600:9000:224... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 13.224.245.27 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.107 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2600:9000:209... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2600:9000:238... 16509 (AMAZON-02)
2 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 151.101.65.140 54113 (FASTLY)
1 151.101.193.140 54113 (FASTLY)
1 2600:9000:211... 16509 (AMAZON-02)
1 3.255.41.64 16509 (AMAZON-02)
8 2a03:2880:f17... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 52.201.12.52 14618 (AMAZON-AES)
1 54.187.230.172 16509 (AMAZON-02)
96 42
1    2606:4700:3032::6815:18a5 (United States)

ASN13335 (CLOUDFLARENET, US)
links.tradingwithmanny.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
track.smartinvestingsociety.com
1    50.112.136.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-136-248.us-west-2.compute.amazonaws.com
www.clkmg.com
5    192.135.136.168 (United States)

ASN11372 (14WEST-AS, US)
pro.manwardpress.com
2    16.182.35.17 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
portrait-tracker.s3.amazonaws.com
2    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    52.217.81.254 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
7    2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
6    2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
1    18.239.36.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-125.ams58.r.cloudfront.net
cdn.getblueshift.com
7    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.216.33.193 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
portrait-tracker.s3.amazonaws.com
4    2600:9000:20a0:1800:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed-ssl.wistia.com
embed-cloudfront.wistia.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    18.245.60.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-50.fra60.r.cloudfront.net
dnzkifeab6.execute-api.us-east-1.amazonaws.com
1    18.239.18.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-99.ams58.r.cloudfront.net
distillery.wistia.com
1    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
js.sentry-cdn.com
3    2600:9000:2240:600:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)
pipedream.wistia.com
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    13.224.245.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-245-27.lhr62.r.cloudfront.net
static.hotjar.com
1    2606:4700:20::ac43:49ec (United States)

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net
script.hotjar.com
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    2600:9000:2090:4600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2600:9000:238d:a600:a:8e7d:9900:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.pmsrv.co
2    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    2a00:1450:4001:812::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
1    151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    2600:9000:211e:7600:1:7222:ccc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
analytics.pmsrv.co
1    3.255.41.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-255-41-64.eu-west-1.compute.amazonaws.com
sp.analytics.yahoo.com
8    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:1f18:730:b140:260e:e00d:f9f2:bc3a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    52.201.12.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-12-52.compute-1.amazonaws.com
rp4.liadm.com
1    54.187.230.172 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-230-172.us-west-2.compute.amazonaws.com
api.getblueshift.com
Apex Domain
Subdomains		 Transfer
15 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 11574
embed-ssl.wistia.com — Cisco Umbrella Rank: 20394
distillery.wistia.com — Cisco Umbrella Rank: 17542
pipedream.wistia.com — Cisco Umbrella Rank: 17921
embed-cloudfront.wistia.com
1 MB
9 amazonaws.com
portrait-tracker.s3.amazonaws.com — Cisco Umbrella Rank: 940212
s3.amazonaws.com
dnzkifeab6.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 730943
763 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
7 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 110
570 KB
7 lytics.io
c.lytics.io — Cisco Umbrella Rank: 19061
77 KB
5 manwardpress.com
pro.manwardpress.com
39 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 3576
87 B
3 pmsrv.co
c.pmsrv.co — Cisco Umbrella Rank: 164228
analytics.pmsrv.co — Cisco Umbrella Rank: 169138
5 KB
3 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 4910
rp.liadm.com — Cisco Umbrella Rank: 1815
rp4.liadm.com — Cisco Umbrella Rank: 5227
37 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 232
78 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6500
190 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
432 B
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1311
script.hotjar.com — Cisco Umbrella Rank: 1952
64 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 530
14 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 102
22 KB
3 gstatic.com
fonts.gstatic.com
73 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 108
storage.googleapis.com — Cisco Umbrella Rank: 525
5 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 3224
alb.reddit.com — Cisco Umbrella Rank: 1955
761 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1497
13 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 1020
7 KB
2 getblueshift.com
cdn.getblueshift.com — Cisco Umbrella Rank: 28212
api.getblueshift.com — Cisco Umbrella Rank: 22714
4 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 2268
500 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 177
2 KB
1 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 7355
2 KB
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 1100
409 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1178
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 331
5 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4404
28 KB
1 clkmg.com
www.clkmg.com — Cisco Umbrella Rank: 402484
912 B
1 smartinvestingsociety.com
track.smartinvestingsociety.com
750 B
1 tradingwithmanny.com
links.tradingwithmanny.com
1 KB
96 31
Domain Requested by
8 www.facebook.com
7 www.googletagmanager.com portrait-tracker.s3.amazonaws.com
www.googletagmanager.com
pro.manwardpress.com
7 c.lytics.io portrait-tracker.s3.amazonaws.com
c.lytics.io
pro.manwardpress.com
7 fast.wistia.com pro.manwardpress.com
fast.wistia.com
5 pro.manwardpress.com 1 redirects pro.manwardpress.com
portrait-tracker.s3.amazonaws.com
4 s3.amazonaws.com pro.manwardpress.com
www.googletagmanager.com
3 connect.facebook.net pro.manwardpress.com
connect.facebook.net
3 www.google.de
3 bat.bing.com pro.manwardpress.com
bat.bing.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 embed-cloudfront.wistia.com fast.wistia.com
3 pipedream.wistia.com fast.wistia.com
3 fonts.gstatic.com fonts.googleapis.com
3 portrait-tracker.s3.amazonaws.com pro.manwardpress.com
portrait-tracker.s3.amazonaws.com
2 www.redditstatic.com pro.manwardpress.com
www.redditstatic.com
2 c.pmsrv.co pro.manwardpress.com
2 region1.analytics.google.com www.googletagmanager.com
2 s.yimg.com pro.manwardpress.com
s.yimg.com
2 www.google.com 1 redirects
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 static.hotjar.com pro.manwardpress.com
2 dnzkifeab6.execute-api.us-east-1.amazonaws.com portrait-tracker.s3.amazonaws.com
2 fonts.googleapis.com pro.manwardpress.com
1 api.getblueshift.com cdn.getblueshift.com
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 sp.analytics.yahoo.com
1 analytics.pmsrv.co c.pmsrv.co
1 alb.reddit.com
1 pixel-config.reddit.com www.redditstatic.com
1 www.googleadservices.com www.googletagmanager.com
1 storage.googleapis.com c.lytics.io
1 b-code.liadm.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 js.sentry-cdn.com fast.wistia.com
1 distillery.wistia.com fast.wistia.com
1 trc.taboola.com pro.manwardpress.com
1 embed-ssl.wistia.com pro.manwardpress.com
1 cdn.getblueshift.com portrait-tracker.s3.amazonaws.com
1 code.jquery.com pro.manwardpress.com
1 cdnjs.cloudflare.com pro.manwardpress.com
1 stackpath.bootstrapcdn.com pro.manwardpress.com
1 www.clkmg.com 1 redirects
1 track.smartinvestingsociety.com 1 redirects
1 links.tradingwithmanny.com 1 redirects
96 46

This site contains links to these domains. Also see Links.

Domain
manwardfinancial.com
Subject Issuer Validity Valid
ordertracking2.pubsvs.com
R10		 2024-06-26 -
2024-09-24		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-25 -
2025-05-02		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
lytics.io
E1		 2024-05-14 -
2024-08-12		 3 months crt.sh
*.getblueshift.com
Amazon RSA 2048 M02		 2024-06-08 -
2025-07-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.wistia.com
Amazon RSA 2048 M02		 2024-01-01 -
2025-01-28		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon RSA 2048 M03		 2024-01-08 -
2025-02-04		 a year crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M01		 2023-09-13 -
2024-10-11		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-06-04 -
2025-07-06		 a year crt.sh
pipedream-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-09		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.de
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-17 -
2024-07-16		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-08 -
2024-08-28		 2 months crt.sh
*.liadm.com
Amazon RSA 2048 M03		 2023-12-02 -
2024-12-29		 a year crt.sh
pmsrv.co
Amazon RSA 2048 M02		 2023-09-16 -
2024-10-14		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
storage.googleapis.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.googleadservices.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-03-19 -
2024-09-11		 6 months crt.sh

This page contains 4 frames:

Primary Page: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Frame ID: 6CC1123BAA277F20D857B03D260A4474
Requests: 92 HTTP requests in this frame

Frame: https://portrait-tracker.s3.amazonaws.com/index.html
Frame ID: 18FC46F8D1964B12E08E1B940724F73C
Requests: 1 HTTP requests in this frame

Frame: https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait
Frame ID: 242C5F24518EB4CED5664D36713E1B2E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7DDB6FB26FBD42FE7F329822EE086273
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Manward PressManward Press

Page URL History Show full URLs

  1. https://links.tradingwithmanny.com/u/click?_t=22910c22682842989d32bf798bc31bde&_m=0cec0bf0eb1f45a098cea41d64f49... HTTP 303
    https://track.smartinvestingsociety.com/Oxford-SIS-MWLdar-NL HTTP 302
    https://www.clkmg.com/Tradingtips/Oxford-SIS-MWLdar-NL HTTP 302
    https://pro.manwardpress.com/m/2281816 HTTP 301
    https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

98 %
HTTPS

66 %
IPv6

31
Domains

46
Subdomains

42
IPs

5
Countries

2930 kB
Transfer

6550 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.tradingwithmanny.com/u/click?_t=22910c22682842989d32bf798bc31bde&_m=0cec0bf0eb1f45a098cea41d64f4978a&_e=RPvJOTsWvJvpl_XAZ50YUo_7rUpGSv0nhjb-_SrjTp6vEan7qNfVN-xirX_RJM687vXjLV8C9M5RokATrNxiVcqpPm0tUuTzC8mMwMUF6GvZLl-DYWmCDvqpoPMa1uNH-rNUFtNE9vHaT8g9BdBaw5JuUZbrL1zrhieuNkag5aLbUneByIKNDoWj2W5Mu_cieGNQ0rX2pMtaTKt6ikf2638KmdFc8ZzzGpCplOrXsNDV3e0IoWjpWeE3hQnuRifD HTTP 303
    https://track.smartinvestingsociety.com/Oxford-SIS-MWLdar-NL HTTP 302
    https://www.clkmg.com/Tradingtips/Oxford-SIS-MWLdar-NL HTTP 302
    https://pro.manwardpress.com/m/2281816 HTTP 301
    https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701391511/?random=1383542052&cv=11&fst=1720530191535&bg=ffffff&guid=ON&async=1&gtm=45be4730v9178943451z8832065994za201zb832065994&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&npa=1&pscdl=noapi&auid=1701891170.1720530191&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChEI8L-ztAYQpeOSqb2--M_cARIdAFwCq2jlPliRWSlADtZIIE0in_RUI9L1Qwpp0ec&pscrd=IhMIreSTt4KahwMVkBaiAx0naRjeMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Rmh0dHBzOi8vcHJvLm1hbndhcmRwcmVzcy5jb20vcC9EQVJLVE8xMjlNV0xMVDJZUkRTQ0JQL0xNV0w0MzMyLz9oPXRydWU HTTP 302
  • https://www.google.com/pagead/1p-conversion/701391511/?random=1383542052&cv=11&fst=1720530191535&bg=ffffff&guid=ON&async=1&gtm=45be4730v9178943451z8832065994za201zb832065994&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&npa=1&pscdl=noapi&auid=1701891170.1720530191&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIreSTt4KahwMVkBaiAx0naRjeMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Rmh0dHBzOi8vcHJvLm1hbndhcmRwcmVzcy5jb20vcC9EQVJLVE8xMjlNV0xMVDJZUkRTQ0JQL0xNV0w0MzMyLz9oPXRydWU&is_vtc=1&cid=CAQSGwDaQooLkijM211mi03zJIIXaggeHFPvZpnyEg&eitems=ChEI8L-ztAYQpeOSqb2--M_cARIdAFwCq2i5zqzmFw1E3iSdwZu1NLxZP0Wnquer05g&random=622099153 HTTP 302
  • https://www.google.de/pagead/1p-conversion/701391511/?random=1383542052&cv=11&fst=1720530191535&bg=ffffff&guid=ON&async=1&gtm=45be4730v9178943451z8832065994za201zb832065994&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&npa=1&pscdl=noapi&auid=1701891170.1720530191&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIreSTt4KahwMVkBaiAx0naRjeMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Rmh0dHBzOi8vcHJvLm1hbndhcmRwcmVzcy5jb20vcC9EQVJLVE8xMjlNV0xMVDJZUkRTQ0JQL0xNV0w0MzMyLz9oPXRydWU&is_vtc=1&cid=CAQSGwDaQooLkijM211mi03zJIIXaggeHFPvZpnyEg&eitems=ChEI8L-ztAYQpeOSqb2--M_cARIdAFwCq2i5zqzmFw1E3iSdwZu1NLxZP0Wnquer05g&random=622099153&ipr=y
Request Chain 88
  • https://rp.liadm.com/j?dtstmp=1720530191636&aid=a-03e6&se=e30&duid=eb701cbdb086--01j2bseh4qhfj46551nbq26k9z&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&wpn=lc-bundle&cd=.manwardpress.com&c=PHRpdGxlPk1hbndhcmQgUHJlc3M8L3RpdGxlPjx0aXRsZT5NYW53YXJkIFByZXNzPC90aXRsZT48aDEgY2xhc3M9ImhlYWRsaW5lIj5BcnRpZmljaWFsIFNVUEVSIEludGVsbGlnZW5jZSAoQVNJKTwvaDE-PGgxPldBSVQhPC9oMT4 HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1720530191636&aid=a-03e6&se=e30&duid=eb701cbdb086--01j2bseh4qhfj46551nbq26k9z&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&wpn=lc-bundle&cd=.manwardpress.com&c=PHRpdGxlPk1hbndhcmQgUHJlc3M8L3RpdGxlPjx0aXRsZT5NYW53YXJkIFByZXNzPC90aXRsZT48aDEgY2xhc3M9ImhlYWRsaW5lIj5BcnRpZmljaWFsIFNVUEVSIEludGVsbGlnZW5jZSAoQVNJKTwvaDE-PGgxPldBSVQhPC9oMT4&i6=MjAwMTphYzg6MjA6M2QwMDoxMDExOjU4NmY6NzZkMDo5MzM1&n3pc=true

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/
Redirect Chain
  • https://links.tradingwithmanny.com/u/click?_t=22910c22682842989d32bf798bc31bde&_m=0cec0bf0eb1f45a098cea41d64f4978a&_e=RPvJOTsWvJvpl_XAZ50YUo_7rUpGSv0nhjb-_SrjTp6vEan7qNfVN-xirX_RJM687vXjLV8C9M5RokA...
  • https://track.smartinvestingsociety.com/Oxford-SIS-MWLdar-NL
  • https://www.clkmg.com/Tradingtips/Oxford-SIS-MWLdar-NL
  • https://pro.manwardpress.com/m/2281816
  • https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
76 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.168 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
df7da72e5e325d2e120c9cd1d9c6dfedc877510316c285a6a4c15bfdc8b22c64
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
35588
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jul 2024 13:03:09 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding

Redirect headers

Cache-Control
private
Content-Length
187
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jul 2024 13:03:09 GMT
Location
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Strict-Transport-Security
max-age=63072000; includeSubDomains
all.js
portrait-tracker.s3.amazonaws.com/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portrait-tracker.s3.amazonaws.com/all.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.35.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0d442120d2b60deb30df02e017358ba9e8057e57af2a52aadaceb08200dc5118

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 13:03:11 GMT
x-amz-version-id
DJTsKKAXZAjX88yytY8IZ9oo.cyFutLW
Last-Modified
Tue, 12 Mar 2024 18:03:33 GMT
Server
AmazonS3
x-amz-request-id
E8ET0GVH3DXXHKMV
ETag
"7a4866af82b3d9c4147211938ab5004d"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
38527
x-amz-id-2
XwWrRNLJU8NXzCxNPb+BPbyJbgPSQ7iW0YtjCtiU2cgJ/Yp8vDqzPzUDu2MPZvZhlrcD82R9FwY=
Common.js
pro.manwardpress.com/p/Scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pro.manwardpress.com/p/Scripts/Common.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.168 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 13:03:09 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Mon, 24 Jul 2023 13:39:44 GMT
ETag
"a37f814e34bed91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
1140
HideContent.js
pro.manwardpress.com/p/Scripts/ 		724 B
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pro.manwardpress.com/p/Scripts/HideContent.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.168 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 13:03:09 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Mon, 24 Jul 2023 13:39:44 GMT
ETag
"bbcd814e34bed91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
466
css2
fonts.googleapis.com/ 		46 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
789b45b86a6101797872c6f0c04dff9e712d44a717af0584cdb2506ffd87d5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jul 2024 13:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 12:18:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jul 2024 13:03:09 GMT
css2
fonts.googleapis.com/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b92bf92042029aa55a2247b67dc1bc8ec5878e170e35b27814c995175fd4302c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jul 2024 13:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 13:03:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jul 2024 13:03:09 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 		157 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Origin
https://pro.manwardpress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1067
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2313064
cdn-cachedat
03/18/2024 12:06:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"3afe15e976734d9daac26310110c4594"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
dc20bc23e7bb5f9d3bc895e80240c379
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8a0883367d635d50-FRA
cdn-requestpullsuccess
True
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/ 		70 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/animate.min.css
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1613949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4216
last-modified
Thu, 07 May 2020 16:26:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb436a8-11848"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wYlAqWa1oQd0YjCXtYAbp%2Flp%2FkunZSevan4QITJG7EJdWrtscT9MudAwzkxiwthCdaUt3tteC19EvoanXDPodFA3%2FoyibV3WmNthDc%2FgGAkVUIcd0ixFarnqUb99Lr%2FuqrweM5qkG%2BvSUN4D2q9E%2FbDL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a08833679e01e5a-FRA
expires
Sun, 29 Jun 2025 13:03:09 GMT
styles-light.css
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/ 		28 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles-light.css
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.81.254 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
76f1e74b479a581e026a28af840a4fc32122ac5980b82632623ae7fcc879cbd1

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 13:03:11 GMT
x-amz-version-id
Dfa1hRKb_TY07QbKej8bHnALqr8eiyCQ
Last-Modified
Thu, 08 Feb 2024 15:08:25 GMT
Server
AmazonS3
x-amz-request-id
E8EXRJBZWPVVVY5F
ETag
"f5231267e73a75f99f0bc7980dd2af1e"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
28290
x-amz-id-2
lQWKGs9/QUarWLt5Lrcm0dzyWaqRxB+IHJSn9uCKHkz93Prl18Er72WOVb6KfAloblCRUaHmIZc=
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Origin
https://pro.manwardpress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2336647
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-fra-eddf8230051-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1720530190.833959,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
3, 489365
E-v1.js
fast.wistia.com/assets/external/ 		790 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd8f7a6a2d555ddb404968d89be389e2a723894aa3a6e923c2dcfde77270ee16
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:10 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
318
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
136905
x-served-by
cache-iad-kjyo7100084-IAD, cache-fra-eddf8230060-FRA
x-browser-version
126
last-modified
Mon, 08 Jul 2024 19:58:42 GMT
server
AmazonS3
x-timer
S1720530190.303103,VS0,VE0
etag
"4ab019e665cd07bbd537c2481fd22ce6"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
aa527b69402cfc719e2222cf6d1ba11b4fe1377b
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
33, 61
asi-profit-and-protect-ipad.png
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/OF/ 		227 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/OF/asi-profit-and-protect-ipad.png
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.81.254 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
66d056fc5eec74ee8809f641e63cd1fc2ce993807f56060fb54295aedbe93eb6

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 13:03:11 GMT
x-amz-version-id
UKHR_rSfd1Jp9XcsrMHwhadqLc4Geqsh
Last-Modified
Mon, 06 Nov 2023 17:17:43 GMT
Server
AmazonS3
x-amz-request-id
E8ENHQV3PNC3FVF0
ETag
"346f2e0aa4ffdc608e5c78eb20e57035"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
232844
x-amz-id-2
Nz1b/IhQ7pjVb10oGj7Q2Y3Pnt257I1t3nkdQo0ejNv+yfdM2d4hkJcbvO8TWnsaAQx7WwCFxWc=
promo.js
portrait-tracker.s3.amazonaws.com/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portrait-tracker.s3.amazonaws.com/promo.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.35.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8b8045007a32445a83e59d46d1e8237fb3a7a4bd62d3cfdd943ca853ba86e2b2

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 13:03:11 GMT
x-amz-version-id
Ea8sPnxc0hvQZiplzrNDZ20cACmxzdAR
Last-Modified
Mon, 18 Mar 2024 16:37:29 GMT
Server
AmazonS3
x-amz-request-id
E8EVHENMRSAGD6RP
ETag
"968945799d89c26299a62dc0339bde67"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
25710
x-amz-id-2
EEQ4pisVIN1w/qUKGKj5jZxOsfonWkdUXGhitZUivzeiQb7yFxedBSOnGHFcobu/JSfbEklkqlI=
latest.min.js
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/ 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c5498e6b566cbdce24d58c797661ae67e8dfb2d75f3d5592017a881f9b1762
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:10 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5695
last-modified
Tue, 09 Jul 2024 11:28:15 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5hK25sgh1vJIPQXKGM9laptqMuOpysFPj2hbFNYlnOn3KkVv00doD%2F89m9ATZf23%2FEuwehPEYGd6nL0FzHde%2BeFBmUiBbrwifDCe8TwFHWZp157SMeeeOWXbC1Vx1DRXa9ROzivVeEoU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
x-lytics-trace
e776320fa5ee55e2e5e4cceb5bd1a031
cf-ray
8a0883398c0637e9-FRA
blueshift.js
cdn.getblueshift.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getblueshift.com/blueshift.js
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-125.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 12:22:22 GMT
Content-Encoding
gzip
Via
1.1 bec13cdbd4d650c71ed35e5a7991d3ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P2
Age
2449
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2826
Last-Modified
Wed, 24 Jan 2024 03:44:50 GMT
Server
AmazonS3
ETag
"bd39fba69cd2745738daf44e0e350f6e"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Accept-Ranges
bytes
X-Amz-Cf-Id
-vp5WUWBXkp64_XvQZ1nTbaWm5lMVZHaqpz20yGHVrQd0ABhxUWSjw==
gtm.js
www.googletagmanager.com/ 		367 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4c6edce0ddb8ad1ed357d64a30e55f1950ae76aa299e61c13f9b39898c6dc61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111739
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jul 2024 13:03:10 GMT
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pro.manwardpress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 10:09:28 GMT
x-content-type-options
nosniff
age
10422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19388
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:53:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 10:09:28 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pro.manwardpress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:43:24 GMT
x-content-type-options
nosniff
age
11986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34328
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:54:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:43:24 GMT
nKKX-Go6G5tXcraQKwKAcA.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKX-Go6G5tXcraQKwKAcA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
864cc08aa6c75c74cf8488a6829c00117d583ddb54c0b39f96b4499ce3b4e9d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pro.manwardpress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:36:37 GMT
x-content-type-options
nosniff
age
12393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19916
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:54:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:36:37 GMT
1t9erh7kxn.json
fast.wistia.com/embed/medias/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/1t9erh7kxn.json
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
9526ca668fe7ae0df9c004380c796bb1049be067709feb7f2bbe9c0b83dcc6c2
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 db72f6ab1d9d27534c6158ca17e3af1c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
326041
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
51
content-length
1607
x-request-id
d32befe1-3cb6-4288-896b-2c068eb266b0
x-served-by
cache-iad-kiad7000026-IAD, cache-fra-eddf8230066-FRA
x-runtime
0.049402
x-browser-version
126
server
envoy
x-timer
S1720530190.404553,VS0,VE1
etag
W/"9526ca668fe7ae0df9c004380c796bb1"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
K5aG5zXYS0W4anSIUsBa9c7myz7Uk4owUw3Z-GeiVQd2pVgq_kWB1Q==
x-cache-hits
57, 1
index.html
portrait-tracker.s3.amazonaws.com/ Frame 18FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://portrait-tracker.s3.amazonaws.com/index.html
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.33.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Length
2371
Content-Type
text/html
Date
Tue, 09 Jul 2024 13:03:11 GMT
ETag
"c029f674b13b082e9a03b16217c3f576"
Last-Modified
Wed, 03 Nov 2021 21:10:09 GMT
Server
AmazonS3
x-amz-id-2
MfBOFnE36XxT7RfR10s/MrbD7r2knkQZqvEOeUR5s6nZ8+I6+MatzYcSeGhz9JrJIA5oJ+zN06M=
x-amz-request-id
E8EYE7G92YNMTZSJ
x-amz-version-id
X1zblgbOV1d.Qkc55AyQidmgNGbabuW5
c6eb1fff175ff99e09b43d3be3e64a3d.webp
embed-ssl.wistia.com/deliveries/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-ssl.wistia.com/deliveries/c6eb1fff175ff99e09b43d3be3e64a3d.webp?image_crop_resized=1280x720
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
bc057a4ddb102ddf9a6ca8495830fc21e9a68502568956e0c416348145f7e077

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 18:11:37 GMT
access-control-request-method
*
via
1.1 bb69678e2a9bd96a2b2aa070ba9687a4.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
AMS58-P2
age
67893
edge-cache-tag
c6eb1fff175ff99e09b43d3be3e64a3d
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
274
content-disposition
inline
surrogate-key
c6eb1fff175ff99e09b43d3be3e64a3d thumbnail-delivery
last-modified
Tue, 12 Mar 2024 18:53:01 UTC
server
envoy
etag
wsemgWmms2B6osnEJe6LsfBsDPc=
vary
Origin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
6KW6GHoATW2PPr5vdayZfXGPUXOy9p-gszQ_rWYHe1wp_FA52_tFSQ==
4d8c5902-215e-4a7e-b4bc-3d673aa8a921
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/ 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/4d8c5902-215e-4a7e-b4bc-3d673aa8a921?segments=true&mergestate=true&state=%7B%22_uid%22%3A%224d8c5902-215e-4a7e-b4bc-3d673aa8a921%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22de-DE%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1720530190500&callback=u_248443961604391870
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a5e82cd68686f09f6b0978ce3f1585773af35e88888b75f4ae99a5574d8c973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:10 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000;
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WyZ%2FEFCoVy4feOzMvSvcAy34q4t%2Fg%2FbjVT7y349qrHZI2Sypc4q5NCKdBk8Dg5Ffow8Az2AUVxo1FbNBvG4YexXLHJaVPgju2dhMLX1fOSGF4dnwR%2FbnwXGgjvBhCbKjsKcVqgeTxucY"}],"group":"cf-nel","max_age":604800}
x-lytics-trace
88f1ae4e89f79c914bfcea4fc3ccb749
cf-ray
8a08833aade837e9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/ 		35 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&_ts=1720530190495&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&_v=3.0.35&_uid=4d8c5902-215e-4a7e-b4bc-3d673aa8a921&_getid=t
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:10 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GzsYB6mWFxmlgSPkXDtAT%2FNGfOZt9ipDZWS5gFNfs56amYxa5AueL1CAmSORVKOzbK%2BBMXditsh0E218U8rr6QS6fo3XhgMLc8mD4xW3oG6z5Pis8i6TXQUGayiQ5R%2B%2BCGE%2Fjx6Qsdzu"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
85a585ee9e21d3776d66a86e66138b91
cf-ray
8a08833aadea37e9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
cm
trc.taboola.com/sg/lytics/1/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D4d8c5902-215e-4a7e-b4bc-3d673aa8a921%26account_id%3D9c32784e3cc4888a693a7988ad64c63d
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 09 Jul 2024 13:03:10 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7551
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230127-FRA
pragma
no-cache
server
nginx
x-timer
S1720530191.879604,VS0,VE9
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
LMWL4332
pro.manwardpress.com/p/effortattributes/extractEffortattributes/ 		753 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.manwardpress.com/p/effortattributes/extractEffortattributes/LMWL4332
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.168 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
51f1fe054ef37be8f2ed9cb1d99ff618bc06074255fc8f28a70314d87c97d43d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 09 Jul 2024 13:03:10 GMT
Cache-Control
private
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Length
753
Content-Type
application/json; charset=utf-8
GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ 		76 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-50.fra60.r.cloudfront.net
Software
/
Resource Hash
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
10d38f22-f9b2-4277-b8a5-bfcaadb04a80
x-amzn-trace-id
Root=1-668d350f-35ffdfe01fe17bae23df3573;Parent=5ad7cb5ea8c18c2f;Sampled=0;lineage=17be0e8a:0
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
apU6bETPIAMEQwA=
content-length
76
x-amz-cf-id
8KDUGxjZ5due_cDEcUi4YFrgtiZRRnkttcYBkQ1cjRTj_RAdVJRR7g==
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-50.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pro.manwardpress.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
3
content-type
application/json
date
Tue, 09 Jul 2024 13:03:10 GMT
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
x-amz-apigw-id
apU6YGcyIAMEiZA=
x-amz-cf-id
dVKv4jbWrZCgNubRhlBoIV0huW1aIe9zScNYAAcFwKoAcCcvEMO6Hw==
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
dec8a831-9d28-459d-b8d2-aebfaa64e0f3
x-cache
Miss from cloudfront
playPauseLoadingControl.js
fast.wistia.com/assets/external/ 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ae37538ceacf2b3b1bac1208621fbd98393d4f3a402931ce7ffda5cb73245dd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://pro.manwardpress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:10 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
415
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21819
x-served-by
cache-iad-kjyo7100133-IAD, cache-fra-eddf8230066-FRA
x-browser-version
126
last-modified
Mon, 08 Jul 2024 19:58:43 GMT
server
AmazonS3
x-timer
S1720530191.900627,VS0,VE0
etag
"66d2391bf93be270dc0b6ebe090be9cb"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
aa527b69402cfc719e2222cf6d1ba11b4fe1377b
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
30, 27
hls_video.js
fast.wistia.com/assets/external/engines/ 		510 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
827d9260911830f9fc5f799abc6b84f5b7d116101ac969a55a3271e46a914a59
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://pro.manwardpress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:10 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2304
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
127761
x-served-by
cache-iad-kjyo7100043-IAD, cache-fra-eddf8230066-FRA
x-browser-version
126
last-modified
Mon, 08 Jul 2024 19:58:42 GMT
server
AmazonS3
x-timer
S1720530191.901928,VS0,VE0
etag
"2f775b894830b4770275e4a7ef486fd5"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
aa527b69402cfc719e2222cf6d1ba11b4fe1377b
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
886, 108
x
distillery.wistia.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-99.ams58.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jul 2024 13:03:10 GMT
via
1.1 75e0fbd228777058c683bbe0f9e553f0.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
AMS58-P6
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
x-amz-cf-id
atbFTMOG5E_EmA8-WgmVeLbZGI5xT7Pb7AqVL1JIFwopZuGLFg7QfA==
favicon.png
s3.amazonaws.com/assets.manwardpress.com/ 		524 B
904 B 		Other
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/assets.manwardpress.com/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.81.254 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1517ed0281ec8256ac007c3de7c96cec87188715989358baf4eb52fb660876c5

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 13:03:11 GMT
x-amz-version-id
null
Last-Modified
Fri, 26 Mar 2021 14:07:46 GMT
Server
AmazonS3
x-amz-request-id
E8ER2699BHNKHYCG
ETag
"ecc1bd1d1cbccff2b4d8d68e630dfc10"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
524
x-amz-id-2
lF8SdnAobOjCY6oFEhHj4HriHDJ6/tE7pRZyd8pcN6lEPHBiQdEpCz0ANduX8SvA4abl9grzGmA=
blank.gif
fast.wistia.com/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/assets/images/blank.gif
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Origin
https://pro.manwardpress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:10 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
874
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1214
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-eddf8230066-FRA
x-browser-version
126
last-modified
Wed, 10 May 2023 19:48:54 GMT
server
AmazonS3
x-timer
S1720530191.965357,VS0,VE0
etag
"fbdc4ed9a1e2ee4917a265306927bcf1"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4048899, 41
1t9erh7kxn.m3u8
fast.wistia.com/embed/medias/ 		757 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/1t9erh7kxn.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
b79dc2ea2ef7f6f39e0fe9e549c6617b66a29a79cf291ba741a62b6b7c7cf0dc
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
via
1.1 3d088826d90526f82c740c9ebe467f50.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD55-P2
age
0
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
33
content-length
757
x-request-id
6c6aa48c-28e3-4843-b7e4-263d263bca06
x-served-by
cache-iad-kiad7000139-IAD, cache-fra-eddf8230066-FRA
x-runtime
0.032502
x-browser-version
126
server
envoy
x-timer
S1720530191.971875,VS0,VE90
etag
W/"b79dc2ea2ef7f6f39e0fe9e549c6617b"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
0drtz9ccT_iaXeyFlpDp8G6FOI1NIylFjRrVHBuNrX0_I6K7IK2Heg==
x-cache-hits
131, 0
a3591ba5e949a37083cc6f5a4191e903.min.js
js.sentry-cdn.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d9e600cc97a563d568d616671db47dac1576938a377d50e92c3d0d250e14ba3
Security Headers
Name Value
Content-Security-Policy worker-src blob:; base-uri 'none'; img-src * blob: data:; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; style-src * 'unsafe-inline'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; media-src *; object-src 'none'; default-src 'none'; frame-ancestors 'self' *.sentry.io; font-src * data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=2a6a1d3a6cec0e23ff3a006550b7db07e00d7541
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Origin
https://pro.manwardpress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
worker-src blob:; base-uri 'none'; img-src * blob: data:; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; style-src * 'unsafe-inline'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; media-src *; object-src 'none'; default-src 'none'; frame-ancestors 'self' *.sentry.io; font-src * data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=2a6a1d3a6cec0e23ff3a006550b7db07e00d7541
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 13:03:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
18
x-envoy-upstream-service-time
27
content-length
1299
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-59744cccc4-qn426, cache-chi-klot8100079-CHI, cache-fra-eddf8230093-FRA
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
mput
pipedream.wistia.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
0
content-length
2
x-amz-cf-id
dVRsSI1eVlHjMAcCnUZfha6VO3B8CaBG6yApLr3OOJJHSDID26QANQ==
b808a5ae171dbcb20a41b691f17edd32c20c07be.m3u8
embed-cloudfront.wistia.com/deliveries/ 		116 KB
117 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/b808a5ae171dbcb20a41b691f17edd32c20c07be.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
3594f87affceb8d766ed917fe2a71a2338584088e26b511dc3e68e33358fe60f

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 15:48:02 GMT
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
AMS58-P2
age
76509
edge-cache-tag
b808a5ae171dbcb20a41b691f17edd32c20c07be-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
217
content-length
118785
surrogate-key
b808a5ae171dbcb20a41b691f17edd32c20c07be-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
JQWqeaC7oTkj1_kCP0Snc827kjAoJ1xFun2WlCoxgBego_EN0W5lyg==
expires
Tue, 08 Jul 2025 15:48:02 GMT
js
www.googletagmanager.com/gtag/ 		317 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56b82849e95f824acdc29c44878363bda08f89afe8d147e14bb6fbdf1dcbcc5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106368
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jul 2024 13:03:11 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 12:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2044
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 09 Jul 2024 14:29:07 GMT
gtm.js
www.googletagmanager.com/ 		319 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b43fc0c1532769eccc990272468481d917efb20ade4413bed24b0c563a231b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95621
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jul 2024 13:03:11 GMT
gtm.js
www.googletagmanager.com/ 		242 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3cace5106a3639becfe91f33d1a847dee98f8595d251fab2284d65bc72a60536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88762
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jul 2024 13:03:11 GMT
bat.js
bat.bing.com/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a97bc8ec679a82ec782bd76c7302c0ca394c1ad672450f86f87bee5e0ec06b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 09 Jul 2024 13:03:10 GMT
last-modified
Mon, 08 Jul 2024 16:08:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C6D0C8F2EC5443A792ABEDE8A1F04A44 Ref B: FRAEDGE1921 Ref C: 2024-07-09T13:03:11Z
etag
"804a6d1951d1da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13828
lytics-styles.css
s3.amazonaws.com/assets.oxfordclub.com/css/global/ 		441 KB
442 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.81.254 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c7428a052bf22d2d208e6c03492f6005521fedad1ee63386085c3caea45b7e40

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 13:03:12 GMT
x-amz-version-id
RSfnUJimYwRXZFwfxk2MtyCswYmL_PIU
Last-Modified
Tue, 02 Jul 2024 20:20:49 GMT
Server
AmazonS3
x-amz-request-id
XBVJ862N5WG5X2GJ
ETag
"4717f7a5817bc795dea2f339aba09c18"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
451755
x-amz-id-2
f1jCREXro25ZHBo0tj9escUORINB0Fm4FRFQpTRoaiQ9TS5SM/ZIfmovSCbjofzwUz7TazyNWv0=
hotjar-925909.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-925909.js?sv=6
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-27.lhr62.r.cloudfront.net
Software
/
Resource Hash
1a506b39ecad8fdb74a7866758c89ca267dd92153122c3b6e3914f4f6ce0f103
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f2f35cfbe251bd412f460c97cca8770c.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
etag
W/b66da78966354698d9f9ea9c59d9c8cf
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
dP20iKJCs8HbAArv_Mk0rAIWARXcox1cbEpSOmrVDhKRb9NXPA7QrA==
portrait
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/ Frame 242C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://pro.manwardpress.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a08833ece5e1c36-FRA
content-encoding
br
content-type
text/html
date
Tue, 09 Jul 2024 13:03:11 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=drxAivWu12y4AG%2FJ5tJBsW6U3Pb9HBpeyqAqphna56da1nwKccqdhBZHGpuSF6ELdd%2BfQownqGyzbDdwJ3fK0kgh86O%2FDGWuT59CVywpy79%2FxvdwOrGTLufyQDe6twy5bvhvGRbJJ43P"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000;
via
1.1 google
x-lytics-trace
7a3bbce2168732a3a3623ce7eec1c323
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-148998105-6&cid=0471dd4d-5099-42c1-973a-c9d3861047d4&jid=1602602839&gjid=994042843&_gid=1999705755.1720530191&npa=1&_u=YKAAgAABAAAAAEAAIE~&z=1142876225
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 09 Jul 2024 13:03:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pro.manwardpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=152656774&t=pageview&_s=1&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&ul=de-de&de=UTF-8&dt=Manward%20Press&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YKAAgAABAAAAAAAAIE~&jid=1602602839&gjid=994042843&cid=0471dd4d-5099-42c1-973a-c9d3861047d4&tid=UA-148998105-6&_gid=1999705755.1720530191&gtm=45He4730n81KTM4C7Cv813057436za200&cd1=LMWL4332&cd2=1720530190271&cd3=large&cd5=0471dd4d-5099-42c1-973a-c9d3861047d4&cd6=_f3w2zybq1b&cd7=MWL%20Dark&cd8=L%20-%20External%20Email&cd9=Dedicated&cd10=UX%20-%20Web%2FEmail%20Promo%20External&cd11=Smart%20Investing%20Society&cd12=Subscription&cd13=promo%20page&cd14=RussDarkIntroAltLPTO199%20(Video)&cd16=RussDarkIntroAltLPTO49%20(Video)&cd17=video&cd18=Dedicated&cd19=MWL&cd20=FrontEnd&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=1904744582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 10:02:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
10865
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
seg-1-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/b808a5ae171dbcb20a41b691f17edd32c20c07be.m3u8/ 		514 KB
516 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/b808a5ae171dbcb20a41b691f17edd32c20c07be.m3u8/seg-1-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
1fa7ef9878e5c8167e6e100a3b40f84dae35e5afe3c9b70c8f8dde8edca64a15

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 15:48:02 GMT
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
AMS58-P2
age
76509
edge-cache-tag
b808a5ae171dbcb20a41b691f17edd32c20c07be-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
87
content-length
526776
surrogate-key
b808a5ae171dbcb20a41b691f17edd32c20c07be-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CzxYwI0uAhY4oX7tth9hK_cx7msQZqkxpUgxmuTozRGqWb5b8N79bA==
expires
Tue, 08 Jul 2025 15:48:02 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:00:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 09 Jul 2024 14:00:59 GMT
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-925909.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
/
Resource Hash
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 01 Jul 2024 08:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
708724
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56291
last-modified
Mon, 01 Jul 2024 08:10:34 GMT
etag
"ca025d2d8ae4b3dc51e058b782590501"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
qz5oekT_I96szct4P8yOu-sz7CFyXUQIdzN4JlHkCIHo2JeBl1ShbA==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-148998105-6&cid=0471dd4d-5099-42c1-973a-c9d3861047d4&jid=1602602839&npa=1&_u=YKAAgAABAAAAAEAAIE~&z=1652081978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-148998105-6&cid=0471dd4d-5099-42c1-973a-c9d3861047d4&jid=1602602839&npa=1&_u=YKAAgAABAAAAAEAAIE~&z=1652081978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		239 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-665056240&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
830f2a1239da49a27001e066e4649a508a8798c3dbe8526e39a3ccc91bf19e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87007
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jul 2024 13:03:11 GMT
hotjar-925834.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-925834.js?sv=6
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-27.lhr62.r.cloudfront.net
Software
/
Resource Hash
574cad8d4ce70d52b3eee5ca76903c390b9e930a8682d236cbf6b33a5d617b07
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 13:03:11 GMT
via
1.1 f2f35cfbe251bd412f460c97cca8770c.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
etag
W/d3921d68253855b351266cf2b19e7177
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
RlgtTYmh-pJbVjDoydeykD993biHIXgkj7fXgvjbkXT32E133zcjJQ==
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 09 Jul 2024 13:03:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
iJjcxIMv9s8d0qiehcIHVD9mlbq3ReDh2MWVzey/5gzRjThWC8XP0wNvZJZI/f04HcXLKBLO8eo8dqPRQ9RhOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Tue, 09 Jul 2024 12:29:05 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
TY6G5ABPD9N5VXPW
age
2047
x-amz-server-side-encryption
AES256
content-length
6262
x-amz-id-2
EMOorENL8H93nwzrgj8/JM3sNy6rVaLi5P78NGW8v9EQ7c23DM/Up8W+bMIl0+f5H/D7VkHk+Zs=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
a-03e6.min.js
b-code.liadm.com/ 		101 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-03e6.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:4600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
db7084473b5620188c4839453b5628a982526ce58d91ed8d0ff3fb5aef513310

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 19:23:20 GMT
content-encoding
gzip
via
1.1 941049c97e511f86acc1525badae21c2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
age
63591
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
x-amz-cf-id
h4vORfbqOfvi6Wbh-yjHtt92TIOhyp0mIUGrw_cPIWk4yZr7y7ykyA==
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je4730v9106739609z8813057436za200zb813057436&_p=1720530190271&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=0471dd4d-5099-42c1-973a-c9d3861047d4&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720530191&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&dt=Manward%20Press&en=page_view&_fv=1&_ss=1&ep.promocode=LMWL4332&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=L%20-%20External%20Email&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=Smart%20Investing%20Society&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=RussDarkIntroAltLPTO199%20(Video)&ep.iris_page_1=RussDarkIntroAltLPTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&tfd=4249&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pro.manwardpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BBMPM3EJHQ&cid=0471dd4d-5099-42c1-973a-c9d3861047d4&gtm=45je4730v9106739609z8813057436za200zb813057436&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pro.manwardpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BBMPM3EJHQ&cid=0471dd4d-5099-42c1-973a-c9d3861047d4&gtm=45je4730v9106739609z8813057436za200zb813057436&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=1466880527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
15322609.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/15322609.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 09 Jul 2024 13:03:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4E1F8DF6ABAC452A8F3D945A2FD22CEC Ref B: FRAEDGE1921 Ref C: 2024-07-09T13:03:11Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=15322609&Ver=2&mid=bf913eb8-6191-4481-873f-ea71db2a9b51&sid=984459703df311efacd9cdbac9f9765e&vid=9844d6203df311efb8b4e9f64e99f5e4&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Manward%20Press&p=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&r=&lt=3886&evt=pageLoad&sv=1&cdb=AQAA&rn=878420
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 09 Jul 2024 13:03:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F31D89A5EBF94B58B0E56BA73D0752B2 Ref B: FRAEDGE1921 Ref C: 2024-07-09T13:03:11Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pathfora.min.js
c.lytics.io/static/ 		103 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 09 Jul 2024 12:53:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
555
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8jWxjfXDQz3KwVfK3mtPH7ql4FqGMHCWp4EtEsEgvTg9PFbUz2%2Fqm1HiSN0WLCxegd8ZJ%2FnffzD%2BqMVHzPIl9YZLXt4ArUhEg%2F9c8SXJCB%2Fr0gfaoC6BebI9GJfgoKrDkPcLhuJkH0J"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
8a08833fbc9d37e9-FRA
destination
www.googletagmanager.com/gtag/ 		265 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-701391511&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
46b88c122f2dbb9a65e8d6bbf3bf5b54d8ea74912bbb864119d5d0af4cca376e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93677
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jul 2024 13:03:11 GMT
analytics.js
c.pmsrv.co/v1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:a600:a:8e7d:9900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
4f2d67f554fdc058d41f8b62af5f31f2794c4253647b3e327c8dfc7cc7ed436b

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 12:21:54 GMT
content-encoding
br
via
1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
2477
x-powered-by
Express
etag
W/"260a-0ti1LKcOFAjKF+aS9gUUhwQqEFE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
x-amz-cf-id
U95HI3bAOwGNKlhwzuRF5z2S8oGFk3iGILfQBJcVzY9s-RyE-9T1zA==
expires
-1
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
2144695142494790
connect.facebook.net/signals/config/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2144695142494790?v=2.9.160&r=stable&domain=pro.manwardpress.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7713e387fbef20d81b1e9dce9387ee10d1629ab5816a48db5da222aff083f414
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 09 Jul 2024 13:03:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=64, mss=1328, tbw=63800, tp=-1, tpl=-1, uplat=50, ullat=0
pragma
public
x-fb-debug
+0vc/LBQW4O6wrXN+NvFPeOEQoGG0hDeP1Vr9u1r1uCDuKBKbA/CxQiuy0iJzh17TcEOk8GusCWKN2OKSe7OWQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=AW-665056240&v=3&t=t&pid=1474535549&dl=pro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F&tdp=AW-665056240;;1;7;1&frm=0&pcid=_GTM-TJ3NG7C&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
405446.json
s.yimg.com/wi/config/ 		2 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/405446.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 09 Jul 2024 12:32:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
73QXPHA22GZ3Y577
age
1871
content-length
2
x-amz-id-2
vYUwaVtw25zZVWmXN3PEXqmnBzXag1yB8pC0zmCXONXkhP5F4oJ2o8Hda3x/P+dudbfCGJVFGI4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
pathfora.min.css
c.lytics.io/static/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 09 Jul 2024 12:24:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2302
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=goDE2xvRopGUutZEkKVaR82F1NlTRvikK0yHQcpdIn1tmGOhP4Vk5G%2Fi6jkI54Rz83cvZWrVIzN%2B67N2Lr%2BQAw8cjeRLIKY%2F2oU2mFJT3ZLvA6uu%2BS7he7SeIXIpav4PzyHumv0syQUj"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
8a088340ee4f37e9-FRA
lytics_overrides.min.css
storage.googleapis.com/lioservices/2470-oxford-club/ 		602 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 12:32:12 GMT
age
1859
x-guploader-uploadid
ACJd0NobwjrDnKnuAYePFyU6bfBHR9FUoy-3KI_P65S2ouVIzWjEALMM_ZyhJY_hVFrvEBgJS9I
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
602
last-modified
Thu, 04 Oct 2018 21:47:26 GMT
server
UploadServer
etag
"9df2d5ae6031369aa6e0f3685608cd8c"
x-goog-generation
1538689646128559
x-goog-hash
crc32c=VZEimQ==, md5=nfLVrmAxNpqm4PNoVgjNjA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
602
accept-ranges
bytes
content-type
text/css
expires
Tue, 09 Jul 2024 13:32:12 GMT
/
www.googleadservices.com/pagead/conversion/701391511/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/701391511/?random=1720530191535&cv=11&fst=1720530191535&bg=ffffff&guid=ON&async=1&gtm=45be4730v9178943451z8832065994za201zb832065994&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1701891170.1720530191&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-701391511&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
06a29b3c8445399902ac43ab308a2fd1ceaa3249ff1692f5603cf1aae8d33968
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1694
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
pixel-config.reddit.com/pixels/t2_ej6rqnb0/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_ej6rqnb0/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
t2_ej6rqnb0_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_ej6rqnb0_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1720530191551&id=t2_ej6rqnb0&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=82ffefad-0887-4ec9-a998-f0de272b1d61&aaid=0000000000000000000000000000000000000000000000000000000000000001&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
tracking.js
analytics.pmsrv.co/v1/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.pmsrv.co/v1/tracking.js?d=pro.manwardpress.com&a=50bbcf39-5fab-4416-a13c-acc35b621b86
Requested by
Host: c.pmsrv.co
URL: https://c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7600:1:7222:ccc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
31969a9254d2e57b3a58d33f19c2247cc20e4cd982e79eb8d2eb05f5f94682a3

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 12:32:01 GMT
content-encoding
gzip
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
1870
x-powered-by
Express
etag
W/"bc8-CwjlEyZMeJT2T4gdzys39D9fgms"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
x-amz-cf-id
Lr4lwutohxHWjYfLjAaOTMy3f8eHdSAJaOjUaHcMzB6tRwBRSgeC-g==
expires
-1
acvr3
c.pmsrv.co/v2/ 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.pmsrv.co/v2/acvr3?a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=page-land&weight=0&dnt=false&_ible=1&ej=%7B%22dnt%22%3Afalse%7D&ord=7296078166154434&sid=17e49768-30d5-49f6-896b-a64bbe77c717&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&_ii=0&ppg=&_tk=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:a600:a:8e7d:9900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
via
1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
x-powered-by
Express
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
x-amz-cf-id
XN58gGnZOg2KKrx9JqifPfHFT9prz7tWqFi5_dBlHJi0tEUkgUfprg==
expires
-1
sp.pl
sp.analytics.yahoo.com/ 		43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2009%20Jul%202024%2013%3A03%3A11%20GMT&n=-2d&b=Manward%20Press&.yp=405446&f=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&enc=UTF-8&yv=1.15.1&tagmgr=gtm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-255-41-64.eu-west-1.compute.amazonaws.com
Software
ATS/9.1.10.121 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS/9.1.10.121
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Tue, 09 Jul 2024 13:03:11 GMT
2275199989273587
connect.facebook.net/signals/config/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2275199989273587?v=2.9.160&r=stable&domain=pro.manwardpress.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C187%2C186%2C188%2C193%2C194%2C195%2C191%2C183%2C123%2C152%2C182%2C184%2C114%2C146%2C136%2C140%2C177%2C120%2C219%2C107%2C220%2C154%2C111%2C127%2C115%2C143
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddf0884df72bbbdc2317d233c064a1d73b499599da9d005aa681388e4fb48d67
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 09 Jul 2024 13:03:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4322, tp=9, tpl=0, uplat=40, ullat=0
pragma
public
x-fb-debug
NIk+RavcsZym4Ss+j9nyDm8bV5m8ZaCIfqcNY1m7Mcm1PJ70LrK+ZDoqH7yFglrPK27I1JGLVqNQMOdPyaOUrw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2144695142494790&ev=PageView&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&rl=&if=false&ts=1720530191567&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720530191566.28960055670437405&ler=empty&cdl=API_unavailable&it=1720530191438&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2864, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jul 2024 13:03:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2144695142494790&ev=PageView&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&rl=&if=false&ts=1720530191567&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720530191566.28960055670437405&ler=empty&cdl=API_unavailable&it=1720530191438&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x59a75095a9248fed","source_keys":["1","2"]},{"key_piece":"0xbe15455d37e3baa4","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 09 Jul 2024 13:03:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389620903176197619", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=17, mss=1328, tbw=7675, tp=-1, tpl=-1, uplat=162, ullat=0
pragma
no-cache
x-fb-debug
focrfLjRk/Ip6I/sLWeiP2keYiZIoXKkzssd0RFGoDBKuRMW56jQy+1Vi0BBQNOs+3CW59v6hYDAPrehjGB4FA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389620903176197619"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2144695142494790&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&rl=&if=false&ts=1720530191568&cd[external_id]=4d8c5902-215e-4a7e-b4bc-3d673aa8a921&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.1.1720530191566.28960055670437405&ler=empty&cdl=API_unavailable&it=1720530191438&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2864, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jul 2024 13:03:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2144695142494790&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&rl=&if=false&ts=1720530191568&cd[external_id]=4d8c5902-215e-4a7e-b4bc-3d673aa8a921&sw=1600&sh=1200&v=2.9.160&r=stable&ec=1&o=4126&fbp=fb.1.1720530191566.28960055670437405&ler=empty&cdl=API_unavailable&it=1720530191438&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9118286742b4c0a5","source_keys":["1","2"]},{"key_piece":"0xaa6b3ced5b73ed88","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 09 Jul 2024 13:03:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389620903010123236", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=17, mss=1328, tbw=6601, tp=-1, tpl=-1, uplat=159, ullat=0
pragma
no-cache
x-fb-debug
7DYHBy5/fuUTjGSgFfNj8f534nWiQZcfWpyAJ0EG4VhFIzgu8ApIjHG28VElOxvcQfS82Q3H0mrNsyiQoJoDXA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389620903010123236"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2144695142494790&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&rl=&if=false&ts=1720530191570&cd[suppression_active_subscribers_investme]=true&cd[wrp_video_modal]=true&cd[exclude_active_on_prhealth]=true&cd[libwealt_modal_target]=true&cd[wealthre_modal_target]=true&cd[proftrnd_lytics_modal]=true&cd[786_webinar_libwealt_modal_target]=true&cd[suppore]=true&cd[suppbrk]=true&cd[omt_launch_webinar_modal]=true&cd[suppress_tot_tot_lifetime_oxccc_tot19hot_and_mlb]=true&cd[suppress_oxc_owa_owa20hot]=true&cd[no_oxf_oxf19hot_agb_oxccc_oxcdc]=true&cd[exclude_active_pes_oxc]=true&cd[exclude_active_on_nmt_oxc]=true&cd[exclude_active_on_786hot20_oxc_786_agb]=true&cd[exclude_active_on_totwealt_oxc_mlb]=true&cd[exclude_active_ett_mab_oxc]=true&cd[exclude_active_on_mal_agb_oxc]=true&cd[exclude_active_on_oxc_786_agb_duplicate]=true&cd[tradeday_nonsubscribers]=true&cd[suppress_]=true&cd[suppress_cbp20hot_cbp_agb_oxc]=true&cd[suppress_all_osa20hot_active_osa_buyers_and_oxc_duplicate]=true&cd[suppress_325war_active]=true&cd[786_ipo_suppression]=true&cd[suppress_war_wax_woh]=true&cd[suppress_active_tbl21hot_tbl_mab_oxc]=true&cd[ly_unknown_email]=true&cd[suppress_ore_orl_mab_oxc]=true&cd[exclude_active_on_mwl]=true&cd[exclude_active_on_omt_agb_oxc]=true&cd[suppress_oxc]=true&cd[suppress_active_on_cbp_cbx_asb_asx_mxb]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[suppress_active_on_nmt_mlb_and_oxc]=true&cd[suppress_war_wax]=true&cd[suppress_active_on_oxf_oxcdc_agb_and_oxccc]=true&cd[suppress_active_on_brk_oxc_dc_mlb_and_oxc_cc]=true&cd[suppress_active_on_mwl_asb_and_mxb]=true&cd[suppress_active_on_mwl_asb_mxb_and_oxc_cc]=true&cd[suppress_active_on_ata_and_oxc]=true&cd[suppress_active_on_mwl_mwx_or_if_known_email]=true&cd[suppress_mtd_mtx_asb_asx_mxb]=true&cd[suppress_war_wax_woh_and_wohtrial]=true&cd[exclude_active_on_wnm]=true&cd[suppress_oxf_oxl_agb_oxc_dc_and_oxc_cc]=true&cd[tot_fifty_0123]=true&cd[suppress_cbp_asb_mxb]=true&cd[suppress_299s23lv_buyers_or_oxc_active]=true&cd[suppress_299s23lv_buyers]=true&cd[suppress_299s23lv_buyers_dv]=true&cd[suppress_mlb_and_oxc_active]=true&cd[all_except_wealthre_suppressed]=true&cd[all]=true&cd[rbf_mxb_suppressed_]=true&cd[suppress_dpl_hotlist_suppress_dpl_subs]=true&cd[orc_experience_10eb16e2c7f7b4f4128310cc919434e0_decision]=true&cd[orc_experience_97e2f2ea1ff28a1db5a5d226d4d35dc5_decision]=true&cd[orc_experience_be8b450f6dfb2815f2eef05d3ca66f56_decision]=true&cd[orc_experience_38cddb36cbb25ff040b869c9b922d118_decision]=true&cd[orc_experience_ec46afc33ebb8902300228aad63baea2_decision]=true&cd[orc_experience_c594066e4a73ebc890931229a1c97611_decision]=true&cd[orc_experience_4e7a6bbab046b3883cbc178a27a9e94d_decision]=true&cd[orc_experience_dfcd2ca030ee3e5082344f92580596e5_decision]=true&cd[orc_experience_1c5ef2af5e76f9058f1e5bccf086035a_decision]=true&cd[orc_experience_d58acd2b5d11c170b338aca7d2d77a59_decision]=true&cd[orc_experience_7ae5efe8bba0fa7a33c21326b8db0758_decision]=true&cd[orc_experience_42698c34dddb90210d6064716afd5de7_decision]=true&cd[orc_experience_274930a410229dff3c0869dd5c9d5545_decision]=true&cd[orc_experience_43224cbec233e28646921beaa4270168_decision]=true&cd[orc_experience_31ba84a13887e6d8515276e97f31a84e_decision]=true&cd[orc_experience_4fbd970d62a9c0a700ce20e57837a412_decision]=true&cd[orc_experience_bb53ff30364af235a354dffae8fbef2c_decision]=true&cd[orc_experience_b51aa24e2059ccb207a29be07914079c_decision]=true&cd[orc_experience_90daef94fc6c805ef319ce463ddfc6b1_decision]=true&cd[orc_experience_20c7723bd092fd89a0cd66dbb1c3bb1a_decision]=true&cd[orc_experience_763e22fe7d26bb7e254ab44942f40713_decision]=true&cd[orc_experience_57dd6382546d6ee60c56af264047cf27_decision]=true&cd[orc_experience_773a8e0397d83fb205cde84c850217b4_decision]=true&cd[orc_experience_0d43044150ad966afe7e2f37fae75f1f_decision]=true&cd[orc_experience_00af6fe348d0e7bab2a3bfb65d85aaec_decision]=true&cd[orc_experience_fbb1042f654bea32157897dc77b93371_decision]=true&cd[orc_experience_28727308f4a1e7921a81180c7a4887b0_decision]=true&cd[orc_experience_87bafa8adeba0028497dee5920ff3aaf_decision]=true&cd[orc_experience_b8261a77cabb8bd59d03d518a7c91ef5_decision]=true&cd[orc_experience_cee5d767a8126200f6f00c967a06c933_decision]=true&cd[orc_experience_574398b8cc1bfccd9d9075d366961a24_decision]=true&cd[orc_experience_658470c9c357ab5b65925c31cef4cb9d_decision]=true&cd[orc_experience_db1cf70b782b3cfc95d7637749c89713_decision]=true&cd[orc_experience_764f3fcd872129e61cc81bde726af0cb_decision]=true&cd[orc_experience_cfe22eb7c324cdb4c2ec593c993a69aa_decision]=true&cd[orc_experience_89c9bc423bc2c09a1e727dc0c39420fb_decision]=true&cd[orc_experience_570a1dc9e3169262d52e090116fcc189_decision]=true&cd[orc_experience_c0354e88aec23f66740738829bdb4d85_decision]=true&cd[orc_experience_039dff1b122103fd2efc1f38a2f90f02_decision]=true&cd[orc_experience_59045656fae6b70f8c168c1153cd2362_decision]=true&cd[orc_experience_53f3081d74832a181887cc9b7e944f95_decision]=true&cd[orc_experience_476eeeac190f7c3bc9aa83a00c5b60cc_decision]=true&cd[orc_experience_f8290a990220111057cb44939e14044d_decision]=true&cd[orc_experience_b31d441abd55fb5e869273b752703c52_decision]=true&sw=1600&sh=1200&v=2.9.160&r=stable&ec=2&o=4126&fbp=fb.1.1720530191566.28960055670437405&ler=empty&cdl=API_unavailable&it=1720530191438&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9118286742b4c0a5","source_keys":["1","2"]},{"key_piece":"0xaa6b3ced5b73ed88","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 09 Jul 2024 13:03:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389620904237192179", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=17, mss=1328, tbw=3407, tp=-1, tpl=-1, uplat=158, ullat=0
pragma
no-cache
x-fb-debug
l4FChAsR1WrYGNH8vWK3tMKCJ9EP3VuSwHdoJ2r94rwuuEdDZY8mfMCqJ1BHbku2l0Q276IjSlgGnFyZEpP0ig==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389620904237192179"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
config.js
c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/ 		181 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/experience/candidate/9c32784e3cc4888a693a7988ad64c63d/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1215a52b0063ab4e8b738ba8c532da98db22cad90766730c141c3f71ce6ce64e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=63072000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2545
last-modified
Tue, 09 Jul 2024 12:20:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yDgDsrKTQKzw2cGuZoWF4sTixvn5cYgQgVWiNRTCdVUKIi5FHkH6KoLDL0zxos03OnluYqGaxcXhJuooS0aKnuQ%2BXdrBOYCFy7CXm9PfNcQ2qAxzQBCHr7QT6n50CVw1sZj3BMgXhML0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
x-lytics-trace
44a4fb56c14f5ace137460a424f03652
cf-ray
8a0883416ef737e9-FRA
/
www.facebook.com/tr/ Frame 7DDB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://pro.manwardpress.com
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://pro.manwardpress.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jul 2024 13:03:11 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=0
mput
pipedream.wistia.com/ 		2 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
ETsEh6ebkaxflgHJVseIT148O8zDj6TjwN81NFWb9Svlq_Y-u1IG1w==
f675fda046e0443850622425c9e4cf655936cd3e.m3u8
embed-cloudfront.wistia.com/deliveries/ 		116 KB
117 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/f675fda046e0443850622425c9e4cf655936cd3e.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
b41df8a1b4f75c747fbb27844fb1cbb0894a95cbbffb1571f2a93e9801d9f7ef

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 18:12:00 GMT
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
AMS58-P2
age
67871
edge-cache-tag
f675fda046e0443850622425c9e4cf655936cd3e-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
325
content-length
118785
surrogate-key
f675fda046e0443850622425c9e4cf655936cd3e-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
d7HxG-ayqY6eDbc8ug-KLxZG2-xAk4IndXu_XKi22260dCC-q8uT4w==
expires
Tue, 08 Jul 2025 18:12:00 GMT
/
www.google.de/pagead/1p-conversion/701391511/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701391511/?random=1383542052&cv=11&fst=1720530191535&bg=ffffff&guid=ON&async=1&gtm=45be4730v9178943451z8832065994za201zb832065994&gc...
  • https://www.google.com/pagead/1p-conversion/701391511/?random=1383542052&cv=11&fst=1720530191535&bg=ffffff&guid=ON&async=1&gtm=45be4730v9178943451z8832065994za201zb832065994&gcd=13l3l3l2l1&dma_cps=...
  • https://www.google.de/pagead/1p-conversion/701391511/?random=1383542052&cv=11&fst=1720530191535&bg=ffffff&guid=ON&async=1&gtm=45be4730v9178943451z8832065994za201zb832065994&gcd=13l3l3l2l1&dma_cps=s...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/701391511/?random=1383542052&cv=11&fst=1720530191535&bg=ffffff&guid=ON&async=1&gtm=45be4730v9178943451z8832065994za201zb832065994&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&npa=1&pscdl=noapi&auid=1701891170.1720530191&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIreSTt4KahwMVkBaiAx0naRjeMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Rmh0dHBzOi8vcHJvLm1hbndhcmRwcmVzcy5jb20vcC9EQVJLVE8xMjlNV0xMVDJZUkRTQ0JQL0xNV0w0MzMyLz9oPXRydWU&is_vtc=1&cid=CAQSGwDaQooLkijM211mi03zJIIXaggeHFPvZpnyEg&eitems=ChEI8L-ztAYQpeOSqb2--M_cARIdAFwCq2i5zqzmFw1E3iSdwZu1NLxZP0Wnquer05g&random=622099153&ipr=y
Protocol
H3
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/701391511/?random=1383542052&cv=11&fst=1720530191535&bg=ffffff&guid=ON&async=1&gtm=45be4730v9178943451z8832065994za201zb832065994&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&label=aY85CPnS0q4YEJfFuc4C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&value=0&npa=1&pscdl=noapi&auid=1701891170.1720530191&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSidldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIreSTt4KahwMVkBaiAx0naRjeMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Rmh0dHBzOi8vcHJvLm1hbndhcmRwcmVzcy5jb20vcC9EQVJLVE8xMjlNV0xMVDJZUkRTQ0JQL0xNV0w0MzMyLz9oPXRydWU&is_vtc=1&cid=CAQSGwDaQooLkijM211mi03zJIIXaggeHFPvZpnyEg&eitems=ChEI8L-ztAYQpeOSqb2--M_cARIdAFwCq2i5zqzmFw1E3iSdwZu1NLxZP0Wnquer05g&random=622099153&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1720530191636&aid=a-03e6&se=e30&duid=eb701cbdb086--01j2bseh4qhfj46551nbq26k9z&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%...
  • https://rp4.liadm.com/j?dtstmp=1720530191636&aid=a-03e6&se=e30&duid=eb701cbdb086--01j2bseh4qhfj46551nbq26k9z&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332...
13 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1720530191636&aid=a-03e6&se=e30&duid=eb701cbdb086--01j2bseh4qhfj46551nbq26k9z&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&wpn=lc-bundle&cd=.manwardpress.com&c=PHRpdGxlPk1hbndhcmQgUHJlc3M8L3RpdGxlPjx0aXRsZT5NYW53YXJkIFByZXNzPC90aXRsZT48aDEgY2xhc3M9ImhlYWRsaW5lIj5BcnRpZmljaWFsIFNVUEVSIEludGVsbGlnZW5jZSAoQVNJKTwvaDE-PGgxPldBSVQhPC9oMT4&i6=MjAwMTphYzg6MjA6M2QwMDoxMDExOjU4NmY6NzZkMDo5MzM1&n3pc=true
Protocol
H2
Server
52.201.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-12-52.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:12 GMT
x-pixel-event-id
7834dc68-6c0d-4ac9-bae4-9b1c9a902f16
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
https://rp4.liadm.com/j?dtstmp=1720530191636&aid=a-03e6&se=e30&duid=eb701cbdb086--01j2bseh4qhfj46551nbq26k9z&tv=v2.14.3&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&wpn=lc-bundle&cd=.manwardpress.com&c=PHRpdGxlPk1hbndhcmQgUHJlc3M8L3RpdGxlPjx0aXRsZT5NYW53YXJkIFByZXNzPC90aXRsZT48aDEgY2xhc3M9ImhlYWRsaW5lIj5BcnRpZmljaWFsIFNVUEVSIEludGVsbGlnZW5jZSAoQVNJKTwvaDE-PGgxPldBSVQhPC9oMT4&i6=MjAwMTphYzg6MjA6M2QwMDoxMDExOjU4NmY6NzZkMDo5MzM1&n3pc=true
access-control-allow-origin
https://pro.manwardpress.com
date
Tue, 09 Jul 2024 13:03:11 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2275199989273587&ev=PageView&dl=https%3A%2F%2Fpro.manwardpress.com&rl=&if=false&ts=1720530191643&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4124&fbp=fb.1.1720530191566.28960055670437405&ler=empty&cdl=API_unavailable&pm=1&hrl=485d24&it=1720530191438&coo=false&cs_cc=1&cas=8166847433345392%2C2335543143241576&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pro.manwardpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=17, mss=1328, tbw=3261, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jul 2024 13:03:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2275199989273587&ev=PageView&dl=https%3A%2F%2Fpro.manwardpress.com&rl=&if=false&ts=1720530191643&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4124&fbp=fb.1.1720530191566.28960055670437405&ler=empty&cdl=API_unavailable&pm=1&hrl=485d24&it=1720530191438&coo=false&cs_cc=1&cas=8166847433345392%2C2335543143241576&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pro.manwardpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8da4f3ed1237eadb","source_keys":["1","2"]},{"key_piece":"0x0be99a65086e6ad0","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 09 Jul 2024 13:03:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389620902549450365", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=17, mss=1328, tbw=8914, tp=-1, tpl=-1, uplat=160, ullat=0
pragma
no-cache
x-fb-debug
O1HHvO1ildPE5aMxhU7WhS3wKWoPURUTbVZnO8YK1ysmQYCrhPZJNsLZZGm0g3HVMA2XX0RxPQ7ZpIfb16hvZw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389620902549450365"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
allIntegrations.js
fast.wistia.com/assets/external/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed2bc704e3fc26b8ee33210578b918016eab1d881e7db60e44e4afbbeeb5b2fd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://pro.manwardpress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 13:03:11 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
270
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
12251
x-served-by
cache-iad-kiad7000107-IAD, cache-fra-eddf8230066-FRA
x-browser-version
126
last-modified
Mon, 08 Jul 2024 19:58:42 GMT
server
AmazonS3
x-timer
S1720530192.902723,VS0,VE0
etag
"c71c49acde6f4cac3c778ccc6f496292"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
aa527b69402cfc719e2222cf6d1ba11b4fe1377b
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
30, 12
unity.gif
api.getblueshift.com/ 		42 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.getblueshift.com/unity.gif?t=1720530192&e=pageload&r=&z=568287&x=5475fa15fca6698857e67e2705849cfa&k=b32b2e05-b65a-45c2-8549-8c02497496d2&u=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue
Requested by
Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.230.172 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-230-172.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://pro.manwardpress.com
date
Tue, 09 Jul 2024 13:03:12 GMT
access-control-expose-headers
etag
content-length
42
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif
mput
pipedream.wistia.com/ 		2 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/allIntegrations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 09 Jul 2024 13:03:12 GMT
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
ZIzQIYSdBf1N7ui0zUw7mA9b4ttbS0T-_ewTLfo8pwzKk0FnQo5ZSw==
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je4730v9106739609za200zb813057436&_p=1720530190271&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=0471dd4d-5099-42c1-973a-c9d3861047d4&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1720530191&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FLMWL4332%2F%3Fh%3Dtrue&dt=Manward%20Press&en=scroll&ep.promocode=LMWL4332&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=L%20-%20External%20Email&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=Smart%20Investing%20Society&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=RussDarkIntroAltLPTO199%20(Video)&ep.iris_page_1=RussDarkIntroAltLPTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&epn.percent_scrolled=90&_et=22&tfd=9289&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 13:03:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pro.manwardpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| event_api_key object| jstag string| _blueshiftid object| blueshift object| bundles object| portraitReady object| portraitLyticsLoaded object| portraitPageLoaded object| portraitPurchase object| portraitReversePurchase object| portraitIdentity object| portraitEventTrigger object| portraitXHRHook object| liosetup object| dataLayer object| Portrait function| __attachEventHandler function| __detachEventHandler function| __addUnloadEvent function| __sendAjaxPost function| __urlParameters function| __setCookie function| __getCookie function| __getByClassName number| __subscribeNowDelay function| __showElements object| __subscribeNowElements function| __showSubscribeNow function| $ function| jQuery string| displayexitpop string| displayclickpop number| exitpopseconds string| buttonanimation object| leadgensignup string| videoid string| legaldate string| promopagetype string| MainUrl object| pagepaths object| urlParams number| exitpoptime object| _wq object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia string| _wistiaElemId object| wistiaEmbeds object| __lytics__jstag__ object| google_tag_manager object| google_tag_data string| clientid string| ly_cookie_id object| Sentry object| videoTenSecondEvent object| videoButtonPopEvent object| videoReadyEvent string| GoogleAnalyticsObject function| ga object| LyticsPortrait object| containers object| uetq function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled function| fbq function| _fbq object| dotq function| onYouTubeIframeAPIReady function| UET function| UET_init function| UET_push object| ueto_85f0fcd6fa function| ctrk function| rdt object| YAHOO object| pathfora object| LI object| __li__evt_bus object| liQ object| liQ_instances object| GooglebQhCsO function| redditNormalizeEmail object| _pfacfg string| req

32 Cookies

Domain/Path Name / Value
pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332 Name: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/LMWL4332/?h
Value: true=visited
.liadm.com/j Name: lidid
Value: 2df414a0-382b-4ca9-b6ae-a83c9c62f775
.tradingwithmanny.com/ Name: iterableEmailCampaignId
Value: 10070245
.tradingwithmanny.com/ Name: iterableTemplateId
Value: 13290719
.tradingwithmanny.com/ Name: iterableMessageId
Value: 0cec0bf0eb1f45a098cea41d64f4978a
.tradingwithmanny.com/ Name: iterableEndUserId
Value: verdacht%40safeonweb.be
links.tradingwithmanny.com/ Name: XSRF-TOKEN
Value: 6259768e38070ac778f799d87784a6474122ab11-1720530187377-9b9b03b380f061b5ca84aa14
.clkmg.com/ Name: vid
Value: 1046551368
pro.manwardpress.com/ Name: 2281816
Value: 2727592
pro.manwardpress.com/ Name: BIGipServerIRIS_PROD_HTTPS_POOL
Value: 1543569418.47873.0000
pro.manwardpress.com/ Name: LMWL4332
Value:
.pro.manwardpress.com/ Name: seerses
Value: e
.pro.manwardpress.com/ Name: seerid
Value: 4d8c5902-215e-4a7e-b4bc-3d673aa8a921
.lytics.io/ Name: seerid
Value: 4d8c5902-215e-4a7e-b4bc-3d673aa8a921
.manwardpress.com/ Name: _ga
Value: GA1.1.0471dd4d-5099-42c1-973a-c9d3861047d4
.manwardpress.com/ Name: _uetsid
Value: 984459703df311efacd9cdbac9f9765e
.manwardpress.com/ Name: _uetvid
Value: 9844d6203df311efb8b4e9f64e99f5e4
.manwardpress.com/ Name: _ga_BBMPM3EJHQ
Value: GS1.1.1720530191.1.0.1720530191.60.0.0
.manwardpress.com/ Name: _gcl_au
Value: 1.1.1701891170.1720530191
.bing.com/ Name: MUID
Value: 09D20729DA4C69A710ED139EDB4C68C1
.manwardpress.com/ Name: _hjSessionUser_925909
Value: eyJpZCI6ImZkY2E3Yjk0LTExYTctNWMyOC05Yzc5LTExMTBmZjZiMGYwNiIsImNyZWF0ZWQiOjE3MjA1MzAxOTE0MTQsImV4aXN0aW5nIjpmYWxzZX0=
.manwardpress.com/ Name: _hjSession_925909
Value: eyJpZCI6IjBhNjk5ZjM2LWIzYzQtNDA1Ny1hODY1LTllNzYwMzdiYTYwMSIsImMiOjE3MjA1MzAxOTE0MjMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.c.pmsrv.co/ Name: tpc
Value: 1
.manwardpress.com/ Name: _li_dcdm_c
Value: .manwardpress.com
.manwardpress.com/ Name: _lc2_fpi
Value: eb701cbdb086--01j2bseh4qhfj46551nbq26k9z
.manwardpress.com/ Name: _lc2_fpi_meta
Value: {%22w%22:1720530191511}
.manwardpress.com/ Name: _rdt_uuid
Value: 1720530191550.82ffefad-0887-4ec9-a998-f0de272b1d61
.manwardpress.com/ Name: _pmedia_sid
Value: 17e49768-30d5-49f6-896b-a64bbe77c717
.manwardpress.com/ Name: _fbp
Value: fb.1.1720530191566.28960055670437405
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pro.manwardpress.com/ Name: _bs
Value: b32b2e05-b65a-45c2-8549-8c02497496d2
.liadm.com/ Name: lidid
Value: 2df414a0-382b-4ca9-b6ae-a83c9c62f775

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.pmsrv.co
api.getblueshift.com
b-code.liadm.com
bat.bing.com
c.lytics.io
c.pmsrv.co
cdn.getblueshift.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
distillery.wistia.com
dnzkifeab6.execute-api.us-east-1.amazonaws.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.sentry-cdn.com
links.tradingwithmanny.com
pipedream.wistia.com
pixel-config.reddit.com
portrait-tracker.s3.amazonaws.com
pro.manwardpress.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
s.yimg.com
s3.amazonaws.com
script.hotjar.com
sp.analytics.yahoo.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
track.smartinvestingsociety.com
trc.taboola.com
www.clkmg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
13.224.245.27
13.32.27.107
142.250.181.226
151.101.193.140
151.101.65.140
16.182.35.17
18.239.18.99
18.239.36.125
18.245.60.50
192.135.136.168
2001:4860:4802:34::36
2600:1f18:730:b140:260e:e00d:f9f2:bc3a
2600:9000:2090:4600:8:8845:1500:93a1
2600:9000:20a0:1800:1e:c86:4140:93a1
2600:9000:211e:7600:1:7222:ccc0:93a1
2600:9000:2240:600:3:471f:5240:93a1
2600:9000:238d:a600:a:8e7d:9900:93a1
2606:4700:20::681a:216
2606:4700:20::ac43:49ec
2606:4700:3032::6815:18a5
2606:4700::6811:180e
2606:4700::6812:bcf
2620:1ec:c11::237
2a00:1288:80:807::2
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::201b
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42:600::396
2a04:4e42:600::729
2a04:4e42::644
2a04:4e42::649
2a06:98c1:3120::3
3.255.41.64
50.112.136.248
52.201.12.52
52.216.33.193
52.217.81.254
54.187.230.172
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06a29b3c8445399902ac43ab308a2fd1ceaa3249ff1692f5603cf1aae8d33968
0d442120d2b60deb30df02e017358ba9e8057e57af2a52aadaceb08200dc5118
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06
1215a52b0063ab4e8b738ba8c532da98db22cad90766730c141c3f71ce6ce64e
1517ed0281ec8256ac007c3de7c96cec87188715989358baf4eb52fb660876c5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a506b39ecad8fdb74a7866758c89ca267dd92153122c3b6e3914f4f6ce0f103
1ae37538ceacf2b3b1bac1208621fbd98393d4f3a402931ce7ffda5cb73245dd
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
1fa7ef9878e5c8167e6e100a3b40f84dae35e5afe3c9b70c8f8dde8edca64a15
2a5e82cd68686f09f6b0978ce3f1585773af35e88888b75f4ae99a5574d8c973
2d9e600cc97a563d568d616671db47dac1576938a377d50e92c3d0d250e14ba3
31969a9254d2e57b3a58d33f19c2247cc20e4cd982e79eb8d2eb05f5f94682a3
3594f87affceb8d766ed917fe2a71a2338584088e26b511dc3e68e33358fe60f
3cace5106a3639becfe91f33d1a847dee98f8595d251fab2284d65bc72a60536
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
46b88c122f2dbb9a65e8d6bbf3bf5b54d8ea74912bbb864119d5d0af4cca376e
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4f2d67f554fdc058d41f8b62af5f31f2794c4253647b3e327c8dfc7cc7ed436b
51f1fe054ef37be8f2ed9cb1d99ff618bc06074255fc8f28a70314d87c97d43d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56b82849e95f824acdc29c44878363bda08f89afe8d147e14bb6fbdf1dcbcc5e
574cad8d4ce70d52b3eee5ca76903c390b9e930a8682d236cbf6b33a5d617b07
5b43fc0c1532769eccc990272468481d917efb20ade4413bed24b0c563a231b3
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
63c5498e6b566cbdce24d58c797661ae67e8dfb2d75f3d5592017a881f9b1762
66d056fc5eec74ee8809f641e63cd1fc2ce993807f56060fb54295aedbe93eb6
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
76f1e74b479a581e026a28af840a4fc32122ac5980b82632623ae7fcc879cbd1
7713e387fbef20d81b1e9dce9387ee10d1629ab5816a48db5da222aff083f414
789b45b86a6101797872c6f0c04dff9e712d44a717af0584cdb2506ffd87d5ba
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac
827d9260911830f9fc5f799abc6b84f5b7d116101ac969a55a3271e46a914a59
830f2a1239da49a27001e066e4649a508a8798c3dbe8526e39a3ccc91bf19e33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd
864cc08aa6c75c74cf8488a6829c00117d583ddb54c0b39f96b4499ce3b4e9d1
8b8045007a32445a83e59d46d1e8237fb3a7a4bd62d3cfdd943ca853ba86e2b2
9526ca668fe7ae0df9c004380c796bb1049be067709feb7f2bbe9c0b83dcc6c2
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
a97bc8ec679a82ec782bd76c7302c0ca394c1ad672450f86f87bee5e0ec06b19
a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
b41df8a1b4f75c747fbb27844fb1cbb0894a95cbbffb1571f2a93e9801d9f7ef
b79dc2ea2ef7f6f39e0fe9e549c6617b66a29a79cf291ba741a62b6b7c7cf0dc
b92bf92042029aa55a2247b67dc1bc8ec5878e170e35b27814c995175fd4302c
bc057a4ddb102ddf9a6ca8495830fc21e9a68502568956e0c416348145f7e077
c7428a052bf22d2d208e6c03492f6005521fedad1ee63386085c3caea45b7e40
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
db7084473b5620188c4839453b5628a982526ce58d91ed8d0ff3fb5aef513310
ddf0884df72bbbdc2317d233c064a1d73b499599da9d005aa681388e4fb48d67
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7da72e5e325d2e120c9cd1d9c6dfedc877510316c285a6a4c15bfdc8b22c64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4
ed2bc704e3fc26b8ee33210578b918016eab1d881e7db60e44e4afbbeeb5b2fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f4c6edce0ddb8ad1ed357d64a30e55f1950ae76aa299e61c13f9b39898c6dc61
fd8f7a6a2d555ddb404968d89be389e2a723894aa3a6e923c2dcfde77270ee16