Submitted URL: https://links.iterable.com/u/click?_t=624e2f206db949a7ac0c775a432f5e68&_m=fdfd65771fc945788c41dd34bc877b0d&_e=s5tYDB_VcTcOP...
Effective URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Submission: On January 14 via manual from SG — Scanned from SG

Summary

This website contacted 71 IPs in 6 countries across 55 domains to perform 142 HTTP transactions. The main IP is 192.135.136.168, located in United States and belongs to 14WEST-AS, US. The main domain is pro.manwardpress.com.
TLS certificate: Issued by R3 on December 10th 2023. Valid for: 3 months.
This is the only time pro.manwardpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.233.81.194 14618 (AMAZON-AES)
1 1 104.21.70.137 13335 (CLOUDFLAR...)
1 1 35.241.49.11 396982 (GOOGLE-CL...)
1 5 192.135.136.168 11372 (14WEST-AS)
3 52.217.198.145 16509 (AMAZON-02)
4 142.251.12.95 15169 (GOOGLE)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 104.17.25.14 13335 (CLOUDFLAR...)
4 54.231.232.80 16509 (AMAZON-02)
1 151.101.66.137 54113 (FASTLY)
7 151.101.130.132 54113 (FASTLY)
7 104.26.2.22 13335 (CLOUDFLAR...)
1 13.33.88.87 16509 (AMAZON-02)
4 142.251.10.97 15169 (GOOGLE)
3 172.253.118.94 15169 (GOOGLE)
2 13.224.250.26 16509 (AMAZON-02)
1 151.101.129.44 54113 (FASTLY)
1 54.192.150.34 16509 (AMAZON-02)
3 74.125.68.100 15169 (GOOGLE)
4 13.107.21.200 8068 (MICROSOFT...)
2 13.227.254.91 16509 (AMAZON-02)
2 216.239.32.181 15169 (GOOGLE)
2 142.251.175.154 15169 (GOOGLE)
3 142.251.175.94 15169 (GOOGLE)
1 74.125.200.155 15169 (GOOGLE)
5 157.240.15.13 32934 (FACEBOOK)
2 180.222.114.11 10310 (YAHOO-1)
1 18.155.68.16 16509 (AMAZON-02)
1 3 13.224.250.9 16509 (AMAZON-02)
1 182.161.73.133 55569 (CRITEO-AS...)
1 151.101.193.140 54113 (FASTLY)
2 2 35.158.151.55 16509 (AMAZON-02)
3 4 35.213.12.39 15169 (GOOGLE)
1 1 18.184.206.17 16509 (AMAZON-02)
2 4 18.143.106.89 16509 (AMAZON-02)
1 18.155.68.60 16509 (AMAZON-02)
1 64.233.170.207 15169 (GOOGLE)
2 172.217.194.147 15169 (GOOGLE)
4 23.210.250.147 20940 (AKAMAI-ASN1)
1 2 3.210.94.65 14618 (AMAZON-AES)
2 52.84.251.89 16509 (AMAZON-02)
1 2 23.207.188.21 16625 (AKAMAI-AS)
2 4 182.161.73.136 55569 (CRITEO-AS...)
1 151.101.65.140 54113 (FASTLY)
1 106.10.236.146 56173 (YAHOO-SG3...)
12 157.240.15.35 32934 (FACEBOOK)
4 23.210.250.152 20940 (AKAMAI-ASN1)
1 3 182.161.73.146 55569 (CRITEO-AS...)
1 74.119.119.150 19750 (AS-CRITEO)
2 13.33.33.38 16509 (AMAZON-02)
1 52.84.251.46 16509 (AMAZON-02)
1 1 172.217.194.157 15169 (GOOGLE)
2 3 103.43.89.4 29990 (ASN-APPNEX)
1 69.173.158.64 26667 (RUBICONPR...)
1 23.106.127.169 59253 (LEASEWEB-...)
1 141.226.229.48 200478 (TABOOLA-AS)
1 23.199.81.118 20940 (AKAMAI-ASN1)
1 2 52.223.2.229 16509 (AMAZON-02)
2 23.46.16.159 20940 (AKAMAI-ASN1)
1 124.146.153.152 2514 (INFOSPHER...)
1 211.120.53.203 4694 (IDCF IDC ...)
1 23.73.13.201 16625 (AKAMAI-AS)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
1 15.165.192.6 16509 (AMAZON-02)
1 103.195.32.131 41690 (DAILYMOTI...)
1 18.177.218.85 16509 (AMAZON-02)
1 139.99.63.224 16276 (OVH)
1 2 52.221.130.175 16509 (AMAZON-02)
1 35.244.154.8 396982 (GOOGLE-CL...)
1 38.133.127.127 22075 (AS-OUTBRAIN)
1 67.199.150.86 3257 (GTT-BACKB...)
1 13.227.254.51 16509 (AMAZON-02)
1 23.215.7.14 20940 (AKAMAI-ASN1)
1 122.248.237.153 16509 (AMAZON-02)
3 54.192.150.81 16509 (AMAZON-02)
1 52.37.23.212 16509 (AMAZON-02)
1 52.89.86.65 16509 (AMAZON-02)
142 71
Apex Domain
Subdomains
Transfer
14 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 4275
embed-ssl.wistia.com — Cisco Umbrella Rank: 8202
pipedream.wistia.com — Cisco Umbrella Rank: 6517
distillery.wistia.com — Cisco Umbrella Rank: 6443
embed-cloudfront.wistia.com
2 MB
12 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
572 B
9 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4057
gum.criteo.com — Cisco Umbrella Rank: 423
sslwidget.criteo.com — Cisco Umbrella Rank: 2254
widget.us.criteo.com — Cisco Umbrella Rank: 19669
dis.criteo.com — Cisco Umbrella Rank: 608
33 KB
9 amazonaws.com
portrait-tracker.s3.amazonaws.com — Cisco Umbrella Rank: 671861
s3.amazonaws.com
dnzkifeab6.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 600779
782 KB
8 typekit.net
use.typekit.net — Cisco Umbrella Rank: 463
p.typekit.net — Cisco Umbrella Rank: 566
4 KB
7 lytics.io
c.lytics.io — Cisco Umbrella Rank: 11353
122 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1451
2 KB
5 pmsrv.co
c.pmsrv.co — Cisco Umbrella Rank: 62026
analytics.pmsrv.co — Cisco Umbrella Rank: 71451
6 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
151 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
storage.googleapis.com — Cisco Umbrella Rank: 286
7 KB
5 manwardpress.com
pro.manwardpress.com
38 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
2 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
3 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com — Cisco Umbrella Rank: 2
876 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
c.bing.com — Cisco Umbrella Rank: 247
14 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
346 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
3 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
rtb-eu.mfadsrvr.com — Cisco Umbrella Rank: 187577
2 KB
3 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3215
rp.liadm.com — Cisco Umbrella Rank: 1497
16 KB
3 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 13364
672 B
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 681
script.hotjar.com — Cisco Umbrella Rank: 996
63 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
22 KB
3 gstatic.com
fonts.gstatic.com
73 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 698
876 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1743
1 KB
2 socdm.com
adgen.socdm.com — Cisco Umbrella Rank: 25352
tg.socdm.com — Cisco Umbrella Rank: 1525
2 KB
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
739 B
2 media.net
contextual.media.net — Cisco Umbrella Rank: 709
1 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 673
7 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 646
sync-t1.taboola.com — Cisco Umbrella Rank: 1704
779 B
2 getblueshift.com
cdn.getblueshift.com — Cisco Umbrella Rank: 15631
api.getblueshift.com — Cisco Umbrella Rank: 13998
4 KB
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 784
337 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2988
621 B
1 clmbtech.com
ade.clmbtech.com — Cisco Umbrella Rank: 3535
260 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
383 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 870
577 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 829
287 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
442 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
661 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 4276
414 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2469
123 B
1 dable.io
adx.dable.io — Cisco Umbrella Rank: 24914
143 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
549 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2620
280 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
688 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
940 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1450
638 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1335
9 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
5 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2998
25 KB
1 d20saclk.com
www.d20saclk.com
459 B
1 stocksagesynergynwl.com
www.stocksagesynergynwl.com
776 B
1 iterable.com
links.iterable.com — Cisco Umbrella Rank: 51657
1 KB
142 55
Domain Requested by
12 www.facebook.com pro.manwardpress.com
7 c.lytics.io portrait-tracker.s3.amazonaws.com
c.lytics.io
pro.manwardpress.com
7 fast.wistia.com pro.manwardpress.com
fast.wistia.com
5 connect.facebook.net pro.manwardpress.com
connect.facebook.net
5 pro.manwardpress.com 1 redirects pro.manwardpress.com
portrait-tracker.s3.amazonaws.com
4 p.typekit.net use.typekit.net
4 gum.criteo.com 2 redirects dynamic.criteo.com
gum.criteo.com
4 use.typekit.net s3.amazonaws.com
4 ups.analytics.yahoo.com 2 redirects pro.manwardpress.com
4 x.bidswitch.net 3 redirects
4 www.googletagmanager.com portrait-tracker.s3.amazonaws.com
www.googletagmanager.com
pro.manwardpress.com
4 s3.amazonaws.com pro.manwardpress.com
s3.amazonaws.com
www.googletagmanager.com
4 fonts.googleapis.com pro.manwardpress.com
s3.amazonaws.com
3 embed-cloudfront.wistia.com fast.wistia.com
3 ib.adnxs.com 2 redirects
3 c.pmsrv.co 1 redirects pro.manwardpress.com
3 www.google.com.sg pro.manwardpress.com
3 bat.bing.com pro.manwardpress.com
bat.bing.com
3 www.google-analytics.com www.googletagmanager.com
pro.manwardpress.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
3 portrait-tracker.s3.amazonaws.com pro.manwardpress.com
portrait-tracker.s3.amazonaws.com
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 hb.yahoo.net
2 eb2.3lift.com 1 redirects
2 dis.criteo.com
2 pipedream.wistia.com fast.wistia.com
2 contextual.media.net 1 redirects
2 analytics.pmsrv.co c.pmsrv.co
2 rp.liadm.com 1 redirects pro.manwardpress.com
2 www.google.com pro.manwardpress.com
2 rtb.mfadsrvr.com 2 redirects
2 s.yimg.com pro.manwardpress.com
s.yimg.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 static.hotjar.com pro.manwardpress.com
2 dnzkifeab6.execute-api.us-east-1.amazonaws.com portrait-tracker.s3.amazonaws.com
1 api.getblueshift.com cdn.getblueshift.com
1 beacon.krxd.net
1 sync-criteo.ads.yieldmo.com
1 ade.clmbtech.com
1 s.ad.smaato.net
1 simage2.pubmatic.com
1 sync.outbrain.com
1 c.bing.com
1 idsync.rlcdn.com
1 ads.stickyadstv.com
1 cs.adingo.jp
1 public-prod-dspcookiematching.dmxleo.com
1 adx.dable.io
1 tags.bluekai.com
1 tg.socdm.com
1 adgen.socdm.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 pixel.rubiconproject.com
1 cm.g.doubleclick.net 1 redirects
1 distillery.wistia.com fast.wistia.com
1 widget.us.criteo.com pro.manwardpress.com
1 sslwidget.criteo.com 1 redirects
1 sp.analytics.yahoo.com pro.manwardpress.com
1 alb.reddit.com pro.manwardpress.com
1 storage.googleapis.com c.lytics.io
1 script.hotjar.com static.hotjar.com
1 rtb-eu.mfadsrvr.com 1 redirects
1 www.redditstatic.com pro.manwardpress.com
1 dynamic.criteo.com www.googletagmanager.com
1 b-code.liadm.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 embed-ssl.wistia.com pro.manwardpress.com
1 trc.taboola.com pro.manwardpress.com
1 cdn.getblueshift.com portrait-tracker.s3.amazonaws.com
1 code.jquery.com pro.manwardpress.com
1 cdnjs.cloudflare.com pro.manwardpress.com
1 stackpath.bootstrapcdn.com pro.manwardpress.com
1 www.d20saclk.com 1 redirects
1 www.stocksagesynergynwl.com 1 redirects
1 links.iterable.com 1 redirects
142 79

This site contains no links.

Subject Issuer Validity Valid
ordertracking2.pubsvs.com
R3
2023-12-10 -
2024-03-09
3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-07-03
9 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
bootstrapcdn.com
GTS CA 1P5
2023-11-30 -
2024-02-28
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-07-10
9 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-07-02 -
2024-08-02
a year crt.sh
*.getblueshift.com
Amazon RSA 2048 M02
2023-07-10 -
2024-08-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon RSA 2048 M03
2024-01-08 -
2025-02-04
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.wistia.com
Amazon RSA 2048 M02
2024-01-01 -
2025-01-28
a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01
2023-10-24 -
2024-04-21
6 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
*.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.google.com.sg
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-23 -
2024-01-21
3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-12-12 -
2024-01-31
2 months crt.sh
*.liadm.com
Amazon RSA 2048 M03
2023-12-02 -
2024-12-29
a year crt.sh
pmsrv.co
Amazon RSA 2048 M02
2023-09-16 -
2024-10-14
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-08 -
2024-07-06
6 months crt.sh
storage.googleapis.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
www.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-21 -
2024-10-21
a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-01 -
2024-02-28
6 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-10-24 -
2024-04-17
6 months crt.sh
pipedream-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M03
2023-09-11 -
2024-10-09
a year crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M01
2023-09-13 -
2024-10-11
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-12-26 -
2024-06-19
6 months crt.sh
hb.yahoo.net
R3
2023-12-18 -
2024-03-17
3 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018
2023-05-31 -
2024-06-30
a year crt.sh
*.dable.io
Sectigo ECC Domain Validation Secure Server CA
2023-10-27 -
2024-11-25
a year crt.sh
public-prod-dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA
2024-01-07 -
2024-04-06
3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M03
2023-09-13 -
2024-10-12
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1
2023-11-20 -
2024-11-27
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03
2023-09-04 -
2024-10-02
a year crt.sh
colombiaonline.com
R3
2024-01-04 -
2024-04-03
3 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01
2023-03-26 -
2024-04-23
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh

This page contains 7 frames:

Primary Page: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Frame ID: 01009EC80B28E9B1C4571923888615D4
Requests: 105 HTTP requests in this frame

Frame: https://portrait-tracker.s3.amazonaws.com/index.html
Frame ID: EC918D1CCB42817C64142B0ECC6C34F5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pro.manwardpress.com&origin=onetag
Frame ID: 3054A09C39B3D53ACEFE4E636C705D5F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 43E152FFF1777A63C4EA3C5596BD3658
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 29FC7FCF5554F6147E41E755F937CAB6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B23BF99CD233526FD0622314559CAD1E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-cEttSYg0SFgb1E8pm0BfGtw7YVv4_RFzwKLkyQ&google_gid=CAESECEPqWGRvWaxCboCMLVhS0M&google_cver=1&google_ula=913071,0
Frame ID: 73B2F2BA2238BFF90E08F001EEE6C85C
Requests: 30 HTTP requests in this frame

Screenshot

Page Title

Manward PressManward Press

Page URL History Show full URLs

  1. https://links.iterable.com/u/click?_t=624e2f206db949a7ac0c775a432f5e68&_m=fdfd65771fc945788c41dd34bc877... HTTP 303
    https://www.stocksagesynergynwl.com/PBGRT/218JJH3/?source_id=OxfMWLDar2&sub1=1&sub2=Iter24SSA&sub3=Iter24&sub4=O... HTTP 302
    https://www.d20saclk.com/31BJBCL/FNH5DF/?sub5=de39c10bf646472a96fe2fb3896827ee HTTP 302
    https://pro.manwardpress.com/m/2284067?s1=e2ac14f9a25647a3921ebf4f14815c79 HTTP 301
    https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

142
Requests

92 %
HTTPS

0 %
IPv6

55
Domains

79
Subdomains

71
IPs

6
Countries

3908 kB
Transfer

7742 kB
Size

96
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.iterable.com/u/click?_t=624e2f206db949a7ac0c775a432f5e68&_m=fdfd65771fc945788c41dd34bc877b0d&_e=s5tYDB_VcTcOPYpyjxvQ8ejJHrS9SuzpGxijZCNJKrHUiUTBU2rD85nNjPNVAbLtC6TwMi1m-ZDqdfAYln0hL2xxXM87ZDL7iCWyn9hYv3A9MLi2qEVgXJBkoYUL5eCswgWVBGEaiHyVcVWbJ8I6P8yH50KzwfvIv1vDNq9hcJjnHh2kieV0L7GfdMQdp1cLO7CgbhOnHCfLniRCIs2uC492fmp1M3MULGlfH8D_3WU9d5Rdy6OnyPCoKmWE_lVxUmCvc8YLzVXLrxuTTkb3u-SjuvhfIrQy3pr8bY9-MoOs2waH7pgFN0cn3WNaGI2vFHsdddpdhO_lk7PfXhxT7UXjm6odksRXHkP3SaLYT0M%3D HTTP 303
    https://www.stocksagesynergynwl.com/PBGRT/218JJH3/?source_id=OxfMWLDar2&sub1=1&sub2=Iter24SSA&sub3=Iter24&sub4=Oli&sub5=ahowell%40mfha.net HTTP 302
    https://www.d20saclk.com/31BJBCL/FNH5DF/?sub5=de39c10bf646472a96fe2fb3896827ee HTTP 302
    https://pro.manwardpress.com/m/2284067?s1=e2ac14f9a25647a3921ebf4f14815c79 HTTP 301
    https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://rtb.mfadsrvr.com/pixel?id=524901&type=img HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/pixel?id=524901&type=img HTTP 302
  • https://x.bidswitch.net/check_uuid/%2F%2Frtb-eu.mfadsrvr.com%2Fsync%3Fssp%3Dbidswitch%26bsw_user_id%3D%24%7BBSW_UUID%7D%26bsw_cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/%2F%2Frtb-eu.mfadsrvr.com%2Fsync%3Fssp%3Dbidswitch%26bsw_user_id%3D%24%7BBSW_UUID%7D%26bsw_cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
  • https://rtb-eu.mfadsrvr.com/sync?ssp=bidswitch&bsw_user_id=2ccc60ea-cf7e-4449-bd2a-8325b9b6b513&bsw_cookie_age=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=fc4ff58e-634a-45d3-834d-bc957c404390 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=2ccc60ea-cf7e-4449-bd2a-8325b9b6b513&_origin=1&gdpr=&gdpr_consent=
Request Chain 69
  • https://rp.liadm.com/j?dtstmp=1705211626224&aid=a-03e6&se=e30&duid=eb701cbdb086--01hm38h0knkeq65y3107dydcjq&tv=v2.11.6&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FNMWL4101%2F%3Fs1%3De2ac14f9a25647a3921ebf4f14815c79%26h%3Dtrue&wpn=lc-bundle&c=PHRpdGxlPk1hbndhcmQgUHJlc3M8L3RpdGxlPjx0aXRsZT5NYW53YXJkIFByZXNzPC90aXRsZT48aDEgY2xhc3M9ImhlYWRsaW5lIj5BcnRpZmljaWFsIFNVUEVSIEludGVsbGlnZW5jZSAoQVNJKTwvaDE-PGgxPldBSVQhPC9oMT4&cd=.manwardpress.com HTTP 302
  • https://rp.liadm.com/j?se=e30&duid=eb701cbdb086--01hm38h0knkeq65y3107dydcjq&aid=a-03e6&cd=.manwardpress.com&dtstmp=1705211626224&tv=v2.11.6&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FNMWL4101%2F%3Fs1%3De2ac14f9a25647a3921ebf4f14815c79%26h%3Dtrue&c=PHRpdGxlPk1hbndhcmQgUHJlc3M8L3RpdGxlPjx0aXRsZT5NYW53YXJkIFByZXNzPC90aXRsZT48aDEgY2xhc3M9ImhlYWRsaW5lIj5BcnRpZmljaWFsIFNVUEVSIEludGVsbGlnZW5jZSAoQVNJKTwvaDE-PGgxPldBSVQhPC9oMT4
Request Chain 71
  • https://c.pmsrv.co/v2/acvr3?a=50bbcf39-5fab-4416-a13c-acc35b621b86&event=page-land&weight=0&dnt=false&_ible=1&ej=%7B%22dnt%22%3Afalse%7D&ord=1693349858541197.8&sid=7dcbe218-5827-4cb6-8e03-4a995c1d77bf&pg=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FNMWL4101%2F%3Fs1%3De2ac14f9a25647a3921ebf4f14815c79%26h%3Dtrue&_ii=0&ppg=&_tk=%7B%7D HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=max&ovsid=setstatuscode&redirect=https%3A%2F%2Fc.pmsrv.co%2Fv2%2Fcsync%3FMNETID%3D%24%7Bmnetid%7D%26MAXID%3Da5a61ae5-f9ff-4b7d-9c2d-9cafcd7b934a%26o_url%3Dhttps%253A%252F%252Fc.pmsrv.co%252Fv2%252Facvr3%253Fa%253D50bbcf39-5fab-4416-a13c-acc35b621b86%2526event%253Dpage-land%2526_ible%253D1%2526sid%253D7dcbe218-5827-4cb6-8e03-4a995c1d77bf%2526weight%253D0%2526_ii%253D0 HTTP 302
  • https://c.pmsrv.co/v2/csync?MNETID=3482132270137529000V10&MAXID=a5a61ae5-f9ff-4b7d-9c2d-9cafcd7b934a&o_url=https%3A%2F%2Fc.pmsrv.co%2Fv2%2Facvr3%3Fa%3D50bbcf39-5fab-4416-a13c-acc35b621b86%26event%3Dpage-land%26_ible%3D1%26sid%3D7dcbe218-5827-4cb6-8e03-4a995c1d77bf%26weight%3D0%26_ii%3D0
Request Chain 82
  • https://sslwidget.criteo.com/event?a=109318&v=5.20.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=3-tGM19YSGV4WmRVbnhHdlFBbGFJQkdmRjRGS2FBYTdJUkhwdCUyRkdqZlVLWEtJR0V1cHFqcU5tWnI1eU9aTUxOU1dNZkJ1VmolMkZNVjdEZmJyakU5TnhMc1lXMjNNdWlkT2YlMkJibUo2NzBVMVFYNzVvcTBoSGZadUFZUTNXc2szM0dmZkxJemZqRG9NWGlpM09oUjRlbDNDQU5yUmRuNWFPcXU1NmgwSXlMeXlsYmZ6ajQlM0Q&tld=manwardpress.com&dy=1&fu=https%253A%252F%252Fpro.manwardpress.com%252Fp%252FDARKTO129MWLLT2YRDSCBP%252FNMWL4101%252F%253Fs1%253De2ac14f9a25647a3921ebf4f14815c79%2526h%253Dtrue&ceid=6368f851-7825-43a9-898d-158fe41f80d3&dtycbr=59126 HTTP 302
  • https://widget.us.criteo.com/event?a=109318&v=5.20.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=3-tGM19YSGV4WmRVbnhHdlFBbGFJQkdmRjRGS2FBYTdJUkhwdCUyRkdqZlVLWEtJR0V1cHFqcU5tWnI1eU9aTUxOU1dNZkJ1VmolMkZNVjdEZmJyakU5TnhMc1lXMjNNdWlkT2YlMkJibUo2NzBVMVFYNzVvcTBoSGZadUFZUTNXc2szM0dmZkxJemZqRG9NWGlpM09oUjRlbDNDQU5yUmRuNWFPcXU1NmgwSXlMeXlsYmZ6ajQlM0Q&tld=manwardpress.com&dy=1&fu=https%253A%252F%252Fpro.manwardpress.com%252Fp%252FDARKTO129MWLLT2YRDSCBP%252FNMWL4101%252F%253Fs1%253De2ac14f9a25647a3921ebf4f14815c79%2526h%253Dtrue&ceid=6368f851-7825-43a9-898d-158fe41f80d3&dtycbr=59126
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-cEttSYg0SFgb1E8pm0BfGtw7YVv4_RFzwKLkyQ&google_cm&google_hm=ay1jRXR0U1lnMFNGZ2IxRThwbTBCZkd0dzdZVnY0X1JGendLTGt5UQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-cEttSYg0SFgb1E8pm0BfGtw7YVv4_RFzwKLkyQ&google_gid=CAESECEPqWGRvWaxCboCMLVhS0M&google_cver=1&google_ula=913071,0
Request Chain 103
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3983868958357695097
Request Chain 109
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-uHnZiog0SFgb1E8pm0BfGtw7YVshFNZsiQfADw&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-uHnZiog0SFgb1E8pm0BfGtw7YVshFNZsiQfADw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Request Chain 114
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=5vTuuvl0m936iQsR4BXYSEqv1QUN7t1e
Request Chain 115
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Wvh8eIg0SFgb1E8pm0BfGtw7YVuHjhzB2Hw0Tg HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Wvh8eIg0SFgb1E8pm0BfGtw7YVuHjhzB2Hw0Tg&C=1
Request Chain 120
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jX60Sog0SFgb1E8pm0BfGtw7YVt3yCpVxbqw3g HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jX60Sog0SFgb1E8pm0BfGtw7YVt3yCpVxbqw3g
Request Chain 128
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-OWSM4Yg0SFgb1E8pm0BfGtw7YVspK1ajX0xfCA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-OWSM4Yg0SFgb1E8pm0BfGtw7YVspK1ajX0xfCA&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1DQWluVGl4RTJ1SEROZ2JJV2hfdmg0VTlsdXNpa01TeX5B&ovsid=k-OWSM4Yg0SFgb1E8pm0BfGtw7YVspK1ajX0xfCA&dpid=58301
Request Chain 133
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_5hmCJoEqD9QtqMhuCChvzzSjG3-uAk4

142 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/
Redirect Chain
  • https://links.iterable.com/u/click?_t=624e2f206db949a7ac0c775a432f5e68&_m=fdfd65771fc945788c41dd34bc877b0d&_e=s5tYDB_VcTcOPYpyjxvQ8ejJHrS9SuzpGxijZCNJKrHUiUTBU2rD85nNjPNVAbLtC6TwMi1m-ZDqdfAYln0hL2x...
  • https://www.stocksagesynergynwl.com/PBGRT/218JJH3/?source_id=OxfMWLDar2&sub1=1&sub2=Iter24SSA&sub3=Iter24&sub4=Oli&sub5=ahowell%40mfha.net
  • https://www.d20saclk.com/31BJBCL/FNH5DF/?sub5=de39c10bf646472a96fe2fb3896827ee
  • https://pro.manwardpress.com/m/2284067?s1=e2ac14f9a25647a3921ebf4f14815c79
  • https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
75 KB
34 KB
Document
General
Full URL
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.168 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
1003169b5208d31dd2650c462ec861b22ea8ff4fb82f1d8945d5cbd06930055e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
34916
Content-Type
text/html; charset=utf-8
Date
Sun, 14 Jan 2024 05:53:42 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding

Redirect headers

Cache-Control
private
Content-Length
227
Content-Type
text/html; charset=utf-8
Date
Sun, 14 Jan 2024 05:53:42 GMT
Location
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Strict-Transport-Security
max-age=63072000; includeSubDomains
all.js
portrait-tracker.s3.amazonaws.com/
38 KB
38 KB
Script
General
Full URL
https://portrait-tracker.s3.amazonaws.com/all.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.198.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8e3eae4b3bdc6b8060cfee108e4a703344cdec648e7fb8ac3182e7b3515323a7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 05:53:45 GMT
x-amz-version-id
7g4s3_ZTCbOwPNu0yskg5_y26GtP5xQS
Last-Modified
Wed, 30 Aug 2023 15:02:46 GMT
Server
AmazonS3
x-amz-request-id
9B6V53Y0FTK71ZBA
ETag
"1460caa541e7ae81380de414c9d2a67c"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
38500
x-amz-id-2
tMzuX/qlWh2azaQWzTR3kpMwn0vzCKZMIRzvdPaOBiGQu2+oN4MuDFzlCqRe9mckxkN/b/g6tJw=
Common.js
pro.manwardpress.com/p/Scripts/
2 KB
1 KB
Script
General
Full URL
https://pro.manwardpress.com/p/Scripts/Common.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.168 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 05:53:43 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Mon, 24 Jul 2023 13:39:44 GMT
ETag
"a37f814e34bed91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
1140
HideContent.js
pro.manwardpress.com/p/Scripts/
724 B
857 B
Script
General
Full URL
https://pro.manwardpress.com/p/Scripts/HideContent.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.168 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 05:53:43 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Mon, 24 Jul 2023 13:39:44 GMT
ETag
"bbcd814e34bed91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
466
css2
fonts.googleapis.com/
46 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
1717b8269f2f202b37ea6e3561598313d2fe9a8286a68155cfdf3d2a0b856a1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 05:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 05:53:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 05:53:43 GMT
css2
fonts.googleapis.com/
18 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
d28bc900afc46b86256434d0c4f4ddbcc8408f8da9e914c53e8d58a8d12accf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 05:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 05:53:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 05:53:43 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/
157 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Origin
https://pro.manwardpress.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
987
age
187834
cdn-cachedat
09/13/2022 20:52:10
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"3afe15e976734d9daac26310110c4594"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
6419181208665da05611430c6ca0c6d7
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
84539ec86e103e23-SIN
cdn-requestpullsuccess
True
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/animate.min.css
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
296048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4216
last-modified
Thu, 07 May 2020 16:26:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb436a8-11848"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgqN6PodohoGk6UBqwKnDtJPnbvyd%2BhHyl7YK7X%2F1hg1ogqm8gus%2B%2FT%2BHK5Lj1ZJF6Hq%2Fqhvs6iSKwAgx%2BWq0uOmjDOKhywUYaEYP2Lr3I2dk2W4w1lTh674AyIGqlkg9RMYVQGs"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84539ec86f4b919b-SIN
expires
Fri, 03 Jan 2025 05:53:43 GMT
styles.css
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/
27 KB
27 KB
Stylesheet
General
Full URL
https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles.css
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.232.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f94f1ee66752e3577dbf42e5b264db35f3a83a71b95c1ed433701a458960fb59

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 05:53:45 GMT
x-amz-version-id
8MfX2jDe5m7dvAdrTvDDoryIZhDJ3wxY
Last-Modified
Fri, 03 Nov 2023 15:37:48 GMT
Server
AmazonS3
x-amz-request-id
9B6V1M7FM8SRJ44T
ETag
"a77364a3685f408e9802843ec2099f5f"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
27215
x-amz-id-2
TlKpeFdTwUzjpsR2R8gx23AWgf+WCJ0xri/aSWpInc5ghUp9mP654Aols2GNkFwV7oBMpEEqDlU=
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Origin
https://pro.manwardpress.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
10409424
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-qpg1269-QPG
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705211624.749188,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
28, 974844
E-v1.js
fast.wistia.com/assets/external/
741 KB
126 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa2bbe3c56da28451e928e58a050a06b665e63a06321c3c8c85f33445416fff2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:44 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2832
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
128533
x-served-by
cache-iad-kcgs7200171-IAD, cache-qpg1252-QPG
x-browser-version
120
last-modified
Thu, 11 Jan 2024 12:05:44 GMT
server
AmazonS3
x-timer
S1705211625.789878,VS0,VE0
etag
"8fa6fc67e7ec6383ec8633dd7d3e6f3a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
f7d54b482369fc68705aab43a29d71d7adae5423
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
82, 233
asi-profit-and-protect-ipad.png
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/OF/
227 KB
228 KB
Image
General
Full URL
https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/OF/asi-profit-and-protect-ipad.png
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.232.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
66d056fc5eec74ee8809f641e63cd1fc2ce993807f56060fb54295aedbe93eb6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 05:53:45 GMT
x-amz-version-id
UKHR_rSfd1Jp9XcsrMHwhadqLc4Geqsh
Last-Modified
Mon, 06 Nov 2023 17:17:43 GMT
Server
AmazonS3
x-amz-request-id
9B6TR34Z1CNKTDKB
ETag
"346f2e0aa4ffdc608e5c78eb20e57035"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
232844
x-amz-id-2
W9zRGAkhlBT+FieBGIH2Dm8JbwuRmAoMauWl6hPxHNtLejXcehcDhYI0zQ91ieUME5knjx/An9I=
promo.js
portrait-tracker.s3.amazonaws.com/
25 KB
25 KB
Script
General
Full URL
https://portrait-tracker.s3.amazonaws.com/promo.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.198.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a095f39e85e1eda398ad708a5d835db2972ff7bd06d305519ceb59539d5aa8f7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 05:53:45 GMT
x-amz-version-id
cXC3qWJAccekxs7Ey.uMIQ5gFtuOBV.4
Last-Modified
Mon, 04 Dec 2023 18:30:38 GMT
Server
AmazonS3
x-amz-request-id
9B6GR6VMA8SYFCYE
ETag
"ade4b9bddef78cf33d60018590245ff8"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
25222
x-amz-id-2
5E6AuYr0aRtkmcwzlnjIkoaFxOiu5zONJqkTW4SyRuwO8O03SqDbe+4T5P/UBePSFxXDNtZ/ysk=
latest.min.js
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/
68 KB
23 KB
Script
General
Full URL
https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d5713b91ab76efc80f0ae4857adddc1c4f6e5709f3b6112efcb5bd931f7fca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:44 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Sun, 14 Jan 2024 04:45:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4105
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSBmdZdBEbDbiq%2FELMMVy9Z0xuFjgOVzSd3QSJje1iGPZc9Jys5xfnRaqLJ3HhMqaGn1JFn%2BIda5YWH0%2BpVEEb%2F2p0nwjlaX3uEE4AZKI9fK7UD7sQd5%2B69%2BfTSI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
content-encoding
br
cache-control
max-age=7200
cf-ray
84539eceff744cdd-SIN
blueshift.js
cdn.getblueshift.com/
6 KB
3 KB
Script
General
Full URL
https://cdn.getblueshift.com/blueshift.js
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-87.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
393483170bc4a2319e51ea073f4e13b85185948301acce471b482094d11af7c7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 05:15:39 GMT
Content-Encoding
gzip
Via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SIN2-P2
Age
2286
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2805
Last-Modified
Tue, 21 Nov 2023 12:16:06 GMT
Server
AmazonS3
ETag
"e7a548f293fa4dad39c906cae250b1ed"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Accept-Ranges
bytes
X-Amz-Cf-Id
13pV3D3XXZj7No8uI_K2dZHHjiO-pAOpm_bqK9e0fdRZMyf6Sx5gyg==
gtm.js
www.googletagmanager.com/
330 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
91103f08ee56661ad999056dc39d3f9f319363b5f44b7154084576c462017251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99254
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 05:53:44 GMT
bg.png
s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/
124 KB
124 KB
Image
General
Full URL
https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/bg.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.232.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
af3f431637d5f12cdf40c46fbd61b6172dbcf29472a33716de58c3a5f8b962a6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s3.amazonaws.com/assets.manwardpress.com/promo/MWL/dark/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 05:53:45 GMT
x-amz-version-id
t0pnOFM2wSkzC0PVz2VuslCpwv2vdO4N
Last-Modified
Fri, 27 Oct 2023 17:14:09 GMT
Server
AmazonS3
x-amz-request-id
9B6HFRGKM13HP4GP
ETag
"6f458a92f3fe9527d69e75be25a8a32a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
127021
x-amz-id-2
qu9ETLsRouBYkU7qKO3v0KbO446io7a+Qj+U7baIFw1oFW7riCT8VljXejg2w9dOo6ovjPsJXY0=
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pro.manwardpress.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 06:57:22 GMT
x-content-type-options
nosniff
age
341782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19388
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:53:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 06:57:22 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pro.manwardpress.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 07:08:29 GMT
x-content-type-options
nosniff
age
341115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34328
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:54:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 07:08:29 GMT
nKKX-Go6G5tXcraQKwKAcA.woff2
fonts.gstatic.com/s/kanit/v15/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKX-Go6G5tXcraQKwKAcA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@900&family=Kanit:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&family=Roboto+Slab:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
864cc08aa6c75c74cf8488a6829c00117d583ddb54c0b39f96b4499ce3b4e9d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pro.manwardpress.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 06:57:35 GMT
x-content-type-options
nosniff
age
341769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19916
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:54:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 06:57:35 GMT
index.html
portrait-tracker.s3.amazonaws.com/ Frame EC91
2 KB
3 KB
Document
General
Full URL
https://portrait-tracker.s3.amazonaws.com/index.html
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.198.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9b6554e3dbe9e11702720eb95ef8808b4e1e307bbec908ab5e6d0e1da2294470

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
2371
Content-Type
text/html
Date
Sun, 14 Jan 2024 05:53:46 GMT
ETag
"c029f674b13b082e9a03b16217c3f576"
Last-Modified
Wed, 03 Nov 2021 21:10:09 GMT
Server
AmazonS3
x-amz-id-2
fB+j2v7yZYQJBZfQSUSe8HloPjBDj/J2Wu7+vjruWVx+ucx3mndhuf/0336eGeLckGv5R4F6c3s=
x-amz-request-id
PZWKBMW3DJT8W5DC
x-amz-version-id
X1zblgbOV1d.Qkc55AyQidmgNGbabuW5
d4c5c54e-7fa0-4c49-ad75-c2f7342c7b53
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/
231 KB
35 KB
Script
General
Full URL
https://c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/d4c5c54e-7fa0-4c49-ad75-c2f7342c7b53?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22d4c5c54e-7fa0-4c49-ad75-c2f7342c7b53%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A8%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FNMWL4101%2F%3Fs1%3De2ac14f9a25647a3921ebf4f14815c79%26h%3Dtrue%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1705211625031&callback=u_568554412175251900
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a332e7d4914c71801ea64053e31672e215870ae88c0b123160570c5bb4fc13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:45 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFDJH39wbgsJ0cmbtrWn5msHcyBylZmRaovvb7BJYNY6J%2FE%2FR%2B1f6ytLSJsoeDLgQUn8N19N%2BCcho1ep18qioIvngzQr3P2nngu8uc36jwIqXCiu8gPuQffWXZfb"}],"group":"cf-nel","max_age":604800}
cf-ray
84539ed0790c4cdd-SIN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/
35 B
561 B
Image
General
Full URL
https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&_sesstart=1&_tz=8&_ul=en-US&_sz=1600x1200&_ts=1705211624996&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FNMWL4101%2F%3Fs1%3De2ac14f9a25647a3921ebf4f14815c79%26h%3Dtrue&_v=3.0.35&_uid=d4c5c54e-7fa0-4c49-ad75-c2f7342c7b53&_getid=t
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:45 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feIKUHu%2BXH7RifV2hRK34wc%2Btj7XTTa2H26wXx1e3UAFhbX7fSENwekvfv%2BcZUu58XhVLNOQeuB9Ks2gfdnMDwX6MP3syaTdtwHZeJri8XxE40qRj0MiEq%2BhETRI"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
84539ed0790d4cdd-SIN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
jupsr1090a.json
fast.wistia.com/embed/medias/
6 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/jupsr1090a.json
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
930db7e09ecfeba54c3a74e79e954b63866272369df4232b89feb1b007ea37a1
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:45 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 a075746ea1824aa1c02a5e26a9e968e4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
84007
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
34
content-length
1653
x-request-id
c6386465-13bd-4902-847f-d0320f51e669
x-served-by
cache-iad-kjyo7100109-IAD, cache-qpg1248-QPG
x-runtime
0.032942
x-browser-version
120
server
envoy
x-timer
S1705211625.420633,VS0,VE1
etag
W/"930db7e09ecfeba54c3a74e79e954b63"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
kvU5l9tM2HqxN_qvS5yLWczEMp_prSYJFsAmfM9LvrICmkYQ59Utkw==
x-cache-hits
85, 1
NMWL4101
pro.manwardpress.com/p/effortattributes/extractEffortattributes/
687 B
976 B
XHR
General
Full URL
https://pro.manwardpress.com/p/effortattributes/extractEffortattributes/NMWL4101
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.168 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
12802697e93de61c6ab650c482cef87326c75b520e26371a130e6db526ee468c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 14 Jan 2024 05:53:44 GMT
Cache-Control
private
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Length
687
Content-Type
application/json; charset=utf-8
GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/
76 B
594 B
XHR
General
Full URL
https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-26.sin52.r.cloudfront.net
Software
/
Resource Hash
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984

Request headers

Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 05:53:46 GMT
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
x-amzn-requestid
87c4613e-cc08-4f36-b549-a823ad2e284c
x-amzn-trace-id
Root=1-65a376ea-7dfa2d9a35fa262237b1af93;Sampled=0;lineage=17be0e8a:0
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
Rg-EoF2joAMEi_A=
content-length
76
x-amz-cf-id
uZRDp5FQZCwaZVU83IBccgWCpuseJ9LsAAhqGlRqxkjRkglWoCeRQA==
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame
0
0
Preflight
General
Full URL
https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-26.sin52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pro.manwardpress.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
3
content-type
application/json
date
Sun, 14 Jan 2024 05:53:45 GMT
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
x-amz-apigw-id
Rg-EhERuIAMEDRA=
x-amz-cf-id
JgJjUJE1m0cmmz70KpyavHC0wZLhx5juqrjW2ejVxWwRnHfQztcHww==
x-amz-cf-pop
SIN52-C2
x-amzn-requestid
084b4f85-4e47-405e-86d7-cf38ae1a489c
x-cache
Miss from cloudfront
cm
trc.taboola.com/sg/lytics/1/
43 B
405 B
Image
General
Full URL
https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3Dd4c5c54e-7fa0-4c49-ad75-c2f7342c7b53%26account_id%3D9c32784e3cc4888a693a7988ad64c63d
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 14 Jan 2024 05:53:45 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
1557
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-qpg1247-QPG
pragma
no-cache
server
nginx
x-timer
S1705211626.683073,VS0,VE2
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ef6d1743f95d45b58afe30918ade93ca.webp
embed-ssl.wistia.com/deliveries/
36 KB
37 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/ef6d1743f95d45b58afe30918ade93ca.webp?image_crop_resized=1280x720
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-34.sin2.r.cloudfront.net
Software
envoy /
Resource Hash
bc057a4ddb102ddf9a6ca8495830fc21e9a68502568956e0c416348145f7e077

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 07:18:22 GMT
access-control-request-method
*
via
1.1 f5171077d7910626ec3cf65e0c222f3c.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
SIN2-C1
age
1031723
edge-cache-tag
ef6d1743f95d45b58afe30918ade93ca
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
232
content-disposition
inline
surrogate-key
ef6d1743f95d45b58afe30918ade93ca thumbnail-delivery
last-modified
Wed, 08 Nov 2023 05:14:52 UTC
server
envoy
etag
FeAz6PM7B5JMI3EKzOF3WTHC1xU=
vary
Origin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
vTi5qN-4TwL5BT80abrpHNtipzQ0IytRyQe266lgI5tuCGrkpMGeyQ==
js
www.googletagmanager.com/gtag/
286 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
f3d5f6996457bfe23775eb6c794b634daf98e0a19e8d3a66f8dd1ccfe78af2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95829
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 05:53:45 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 Jan 2024 04:05:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6503
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 14 Jan 2024 06:05:22 GMT
gtm.js
www.googletagmanager.com/
278 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
63a2a1ef1d1e8cd8e3ec03f6e5b262c418d007c240777227588298eeea01d43d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82035
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 05:53:45 GMT
gtm.js
www.googletagmanager.com/
208 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e4500edf714660205702ee55b9649bc0d6aabc086407b99df3df74ad685d4914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76827
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 05:53:45 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 14 Jan 2024 05:53:45 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9DEEDC779FF140B1A5C802EBCD6E4793 Ref B: SG1EDGE0316 Ref C: 2024-01-14T05:53:45Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
lytics-styles.css
s3.amazonaws.com/assets.oxfordclub.com/css/global/
336 KB
336 KB
Stylesheet
General
Full URL
https://s3.amazonaws.com/assets.oxfordclub.com/css/global/lytics-styles.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.232.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
024b97bcb61e783abbe5267944f31d9873a774bc2261840dd42bfa4bd9137aa1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 05:53:46 GMT
x-amz-version-id
JdMwHw1LtECprUU5uo3nZpaXVKJxr9AS
Last-Modified
Thu, 11 Jan 2024 19:41:41 GMT
Server
AmazonS3
x-amz-request-id
PZWNNMH511KCJE9R
ETag
"f9cb7f8bcaa7b777e79ba39d1c628192"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
343679
x-amz-id-2
qKgWZ8u/b7hC6MMxvIp835ARuBIUa0ijUJAEdItGYMv9y5S/oSCpAPIa9QFo0Fkq3L7YlNGRCKs=
hotjar-925909.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-925909.js?sv=6
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-91.sin52.r.cloudfront.net
Software
/
Resource Hash
503167540a4e02549eb7dbde734c467c95092e0f934fb42f69683d9f03c7cefa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sun, 14 Jan 2024 05:53:45 GMT
via
1.1 900a893b03bf29fa958d4587d585157e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
etag
W/35f462dfbb8bf0047b1b026b3f322e2e
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Ff8O_XNXo2wGNCw4n9VpN9WNkbceLFVWZeC_3ose4Y8HUVdEIVmFBg==
portrait
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/
35 B
303 B
Image
General
Full URL
https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait?page.url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FNMWL4101%2F%3Fs1%3De2ac14f9a25647a3921ebf4f14815c79%26h%3Dtrue&page.timestamp=1705211624376&page.page_domain=pro.manwardpress.com&page.page_referrer=&page.page_title=Manward%20Press&page.page_name=DARKTO129MWLLT2YRDSCBP&page.promocode=NMWL4101&page.page_type=promo%20page&page.abandon_time=300000&page.system=Iris&page.page_template_type=video&identity.sessionid=_2hy89y6rb1v&identity.device_width=large&identity.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&identity.clientid=799ee206-7eb6-482b-9fab-84b66cf5eaa4&identity.lytics_uid=d4c5c54e-7fa0-4c49-ad75-c2f7342c7b53&identity.first_touch=pro.manwardpress.com&effort.ScheduledDate=01%2F11%2F2024&effort.ScheduleTime=&effort.PromoCode=NMWL4101&effort.EffortId=2705622&effort.MultivariateId=2284067&effort.EffortType=Dedicated&effort.ItemCode=MWL&effort.ItemName=Manward%20Money%20Report&effort.ItemType=Subscription&effort.ItemSubscriptionType=FrontEnd&effort.AdvantageListCode=&effort.ListName=Web%20Impact&effort.PlacementName=Dedicated&effort.SegmentName=All&effort.TagsName_len=1&effort.TagsName_json=%5B%22Affiliates%22%5D&effort.TagsName=Affiliates&effort.Advertisement=&effort.Page1=DarkTO49%20(Video)&effort.Page1Status=Active&effort.Page2=&effort.Page2Status=&effort.OfferStatus=Active&effort.TreeName=DarkTO199%20(Video)&effort.TreeStatus=Active&effort.MediaChannel=N%20-%20Agora%20Swap%20Website&effort.AcquisitionMethod=UX%20-%20Web%2FEmail%20Promo%20External&effort.CampaignName=MWL%20Dark&effort.timestamp=1705211624376&_ts=1705211625562&_nmob=t&_device=desktop&url=pro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FNMWL4101%2F%3Fs1%3De2ac14f9a25647a3921ebf4f14815c79%26h%3Dtrue&_uid=d4c5c54e-7fa0-4c49-ad75-c2f7342c7b53&_v=3.0.35&_uido=d4c5c54e-7fa0-4c49-ad75-c2f7342c7b53
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:45 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWTHeSNnU3f2ZF5SoV9eaLMsgDRBbwC1T8VEJo%2B19P6iyTTYDSDX5oq0GWpcP3rryTvauM5H%2FDyVCU4bnWBhvbMB%2FINc%2BIytftsrtXdDiO%2BIA3Sx85QvlRZ%2FHT4e"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
84539ed3ecce4cdd-SIN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
collect
analytics.google.com/g/
0
258 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-BBMPM3EJHQ&gtm=45je41a0v9106739609z8813057436&_p=1705211624377&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=153933058.1705211626&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705211625&sct=1&seg=0&dl=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FNMWL4101%2F%3Fs1%3De2ac14f9a25647a3921ebf4f14815c79%26h%3Dtrue&dt=Manward%20Press&en=page_view&_fv=1&_nsi=1&_ss=1&ep.promocode=NMWL4101&ep.device_width=large&ep.iris_campaign_name=MWL%20Dark&ep.media_channel=N%20-%20Agora%20Swap%20Website&ep.placement_name=Dedicated&ep.acquisition_method=UX%20-%20Web%2FEmail%20Promo%20External&ep.list_name=Web%20Impact&ep.item_type=Subscription&ep.page_type=promo%20page&ep.iris_tree_name=DarkTO199%20(Video)&ep.iris_page_1=DarkTO49%20(Video)&ep.template_type=video&ep.effort_type=Dedicated&ep.item_code=MWL&ep.item_subscription_type=FrontEnd&tfd=5788
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 05:53:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pro.manwardpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
48 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BBMPM3EJHQ&cid=153933058.1705211626&gtm=45je41a0v9106739609z8813057436&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BBMPM3EJHQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 05:53:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pro.manwardpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/
42 B
409 B
Image
General
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BBMPM3EJHQ&cid=153933058.1705211626&gtm=45je41a0v9106739609z8813057436&aip=1&dma=0&gcd=11l1l1l1l1&z=499509139
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 05:53:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/665056240/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/665056240/?random=1705211625674&cv=11&fst=1705211625674&bg=ffffff&guid=ON&async=1&gtm=45He41a0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpro.manwardpress.com%2Fp%2FDARKTO129MWLLT2YRDSCBP%2FNMWL4101%2F%3Fs1%3De2ac14f9a25647a3921ebf4f14815c79%26h%3Dtrue&label=H5lgCLKD4sgBEPDnj70C&hn=www.googleadservices.com&frm=0&tiba=Manward%20Press&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
69998d09be220c37e5f92a04216abd08ad28569b17e4ce595281fbe5f4501f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 05:53:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-925834.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-925834.js?sv=6
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-91.sin52.r.cloudfront.net
Software
/
Resource Hash
540bf29b41bed7ab6f3f42147ba128a72579e0da92b167806226382d2df29aec
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sun, 14 Jan 2024 05:53:45 GMT
via
1.1 900a893b03bf29fa958d4587d585157e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
etag
W/d6b485a6251e654640aa9ffa956933ef
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
2Eu6oMvj_Ae5CSJjfw9rYYBxS2PCJoeueLUjA7aR_d6NAT6NPtNDtQ==
fbevents.js
connect.facebook.net/en_US/
212 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Jan 2024 05:53:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
ziaWTAucM9yJdA2LxLrFVKQorVmbFhbJCj4j5PEjz1+E0AxvVkG97TNnFtRgRcHzLb3pP4Ihg+C9mPjDJG9sGw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/
18 KB
7 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
180.222.114.11 Singapore, Singapore, ASN10310 (YAHOO-1, US),
Reverse DNS
e1.ycpi.vip.sgb.yahoo.com
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Sun, 14 Jan 2024 05:38:02 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
GR9VE77SNA9J20HJ
age
945
x-amz-server-side-encryption
AES256
content-length
6262
x-amz-id-2
r9a+80x+se5hWhC5L6r2CjY9L0XPkJ8GeLjhpPK+w37OjaCW39JR8BmNKwcum4lfIFc8BK80BoE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
a-03e6.min.js
b-code.liadm.com/
47 KB
15 KB
Script
General
Full URL
https://b-code.liadm.com/a-03e6.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ3NG7C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-16.sin52.r.cloudfront.net
Software
/
Resource Hash
7c1d6792a9118cff70545fb0d32628685b3b74283d1633304e3e9e10e92dbea9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 13:52:29 GMT
content-encoding
gzip
via
1.1 4051cd1127320e383387d289cc46a5fc.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
age
57677
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
u9Pq5iakYRpbBq3UZeI6EAtQPpbe0JHfgv-YGJn_-Qa-G4bnonoI_Q==
analytics.js
c.pmsrv.co/v1/
10 KB
3 KB
Script
General
Full URL
https://c.pmsrv.co/v1/analytics.js?d=pro.manwardpress.com
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-9.sin52.r.cloudfront.net
Software
/ Express
Resource Hash
4f2d67f554fdc058d41f8b62af5f31f2794c4253647b3e327c8dfc7cc7ed436b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 16:45:46 GMT
content-encoding
br
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
9738
x-amz-cf-pop
SIN52-C2
age
47280
x-amzn-requestid
02906162-e243-431b-8d49-02ca7918cb22
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Hit from cloudfront
x-amz-apigw-id
RfKpGHIQyK4EWSw=
pragma
no-cache
x-amzn-trace-id
Root=1-65a2be39-7b8a324428b06fe215133373;Sampled=0;lineage=c8fdcb33:0
etag
W/"260a-0ti1LKcOFAjKF+aS9gUUhwQqEFE"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
x-amzn-remapped-date
Sat, 13 Jan 2024 16:45:45 GMT
x-amz-cf-id
LDVJMvlcOVvfFQ4vzAgJ2yH_FJQ7QvKF7QTGNmiJS6S2lGWDs5Vumg==
expires
-1
ld.js
dynamic.criteo.com/js/ld/
46 KB
20 KB
Script
General
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=109318
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5S9B9GG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.133 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
6938c87cb03a4ab9f2146324f9ba9615dabdba5d20128f4c1d4cfbeabe893c23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixel.js
www.redditstatic.com/ads/
26 KB
9 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5c4f333e017c9640455e5799950b8fbebded3b1f815debdb6f78a6bc9a599faf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 11 Jan 2024 16:53:48 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"7e21c5a8cd33b5b26adb70efa1378617"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
8123
sync
ups.analytics.yahoo.com/ups/55859/
Redirect Chain
  • https://rtb.mfadsrvr.com/pixel?id=524901&type=img
  • https://rtb.mfadsrvr.com/ul_cb/pixel?id=524901&type=img
  • https://x.bidswitch.net/check_uuid/%2F%2Frtb-eu.mfadsrvr.com%2Fsync%3Fssp%3Dbidswitch%26bsw_user_id%3D%24%7BBSW_UUID%7D%26bsw_cookie_age%3D%24%7BCOOKIE_AGE%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/%2F%2Frtb-eu.mfadsrvr.com%2Fsync%3Fssp%3Dbidswitch%26bsw_user_id%3D%24%7BBSW_UUID%7D%26bsw_cookie_age%3D%24%7BCOOKIE_AGE%7D
  • https://rtb-eu.mfadsrvr.com/sync?ssp=bidswitch&bsw_user_id=2ccc60ea-cf7e-4449-bd2a-8325b9b6b513&bsw_cookie_age=0
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=fc4ff58e-634a-45d3-834d-bc957c404390
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=2ccc60ea-cf7e-4449-bd2a-8325b9b6b513&_origin=1&gdpr=&gdpr_consent=
0
400 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55859/sync?uid=2ccc60ea-cf7e-4449-bd2a-8325b9b6b513&_origin=1&gdpr=&gdpr_consent=
Requested by
Host: pro.manwardpress.com
URL: https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
Protocol
H2
Server
18.143.106.89 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
//ups.analytics.yahoo.com/ups/55859/sync?uid=2ccc60ea-cf7e-4449-bd2a-8325b9b6b513&_origin=1&gdpr=&gdpr_consent=
Date
Sun, 14 Jan 2024 05:53:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pathfora.min.js
c.lytics.io/static/
103 KB
22 KB
Script
General
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pro.manwardpress.com/p/DARKTO129MWLLT2YRDSCBP/NMWL4101/?s1=e2ac14f9a25647a3921ebf4f14815c79&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 05:53:45 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Sun, 14 Jan 2024 05:15:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2273
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMeQEnLoGq%2B4mlhQurJs5cUVeugFrxV5JBWl9FdGsUP6X3iM2vvApAf%2FaC6L4JqaseuW3wx6bEXDHOrNl9HP3BzR4jTSUjG2KvFRPa4ek3Yhw3pVXvtuPhWHnZYB"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
84539ed57e6c4cdd-SIN
modules.01a61edd76e9459a4476.js
script.hotjar.com/
219 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.01a61edd76e9459a4476.js
Requested by
Host: static.hotjar.com
URL: https://stat