wetransfer.com Open in urlscan Pro
108.128.146.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wetransfer.org/
Effective URL:
https://wetransfer.com/
Submission: On August 10 via api (August 10th 2022, 8:02:34 pm UTC) from AR — Scanned from DE

Summary HTTP 79 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 39 IPs in 11 countries across 37 domains to perform 79 HTTP transactions. The main IP is 108.128.146.55, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is wetransfer.com. The Cisco Umbrella rank of the primary domain is 14254.
TLS certificate: Issued by Amazon on July 7th 2022. Valid for: a year.

This is the only time wetransfer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.222.236.84 52.222.236.84	16509 (AMAZON-02) (AMAZON-02)
6	108.128.146.55 108.128.146.55	16509 (AMAZON-02) (AMAZON-02)
15	108.138.7.88 108.138.7.88	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
1	18.66.15.13 18.66.15.13	16509 (AMAZON-02) (AMAZON-02)
2	34.242.86.125 34.242.86.125	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
10	184.51.9.44 184.51.9.44	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.33.249.191 52.33.249.191	16509 (AMAZON-02) (AMAZON-02)
4	52.49.70.141 52.49.70.141	16509 (AMAZON-02) (AMAZON-02)
2	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	54.86.103.61 54.86.103.61	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	52.17.103.74 52.17.103.74	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	104.96.159.57 104.96.159.57	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.122.47.104 3.122.47.104	16509 (AMAZON-02) (AMAZON-02)
1 2	35.210.91.196 35.210.91.196	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	2.23.97.19 2.23.97.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
2 3	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 2	52.57.41.188 52.57.41.188	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1 1	34.224.201.190 34.224.201.190	14618 (AMAZON-AES) (AMAZON-AES)
1	54.229.124.21 54.229.124.21	() ()
1 2	54.216.202.57 54.216.202.57	16509 (AMAZON-02) (AMAZON-02)
1 2	3.248.52.119 3.248.52.119	16509 (AMAZON-02) (AMAZON-02)
1 1	3.64.108.197 3.64.108.197	16509 (AMAZON-02) (AMAZON-02)
1 1	52.57.93.199 52.57.93.199	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
79	39

2 52.222.236.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-84.fra56.r.cloudfront.net

wetransfer.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.128.146.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-146-55.eu-west-1.compute.amazonaws.com

wetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 108.138.7.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-88.fra56.r.cloudfront.net

prod-cdn.wetransfer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-13.vie50.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.242.86.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-86-125.eu-west-1.compute.amazonaws.com

auth-session-caching.wetransfer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 184.51.9.44 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-44.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.33.249.191 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-249-191.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.70.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-70-141.eu-west-1.compute.amazonaws.com

snowplow.wetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.206.240 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.103.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-103-61.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.103.74 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-103-74.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.159.57 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.47.104 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-104.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.91.196 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 196.91.210.35.bc.googleusercontent.com

t.visx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.97.19 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-19.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.41.188 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-41-188.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.201.190 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-201-190.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.124.21 (None, )

ASN- ()

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.202.57 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-202-57.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.52.119 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-52-119.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.108.197 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-108-197.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.93.199 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-93-199.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	wetransfer.net prod-cdn.wetransfer.net — Cisco Umbrella Rank: 19339 auth-session-caching.wetransfer.net — Cisco Umbrella Rank: 26157	2 MB
12	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 968 sync.mathtag.com — Cisco Umbrella Rank: 484	10 KB
10	wetransfer.com wetransfer.com — Cisco Umbrella Rank: 14254 snowplow.wetransfer.com — Cisco Umbrella Rank: 18715	17 KB
6	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1341 api.lab.amplitude.com — Cisco Umbrella Rank: 7836	615 B
4	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 208	879 B
4	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1575 events.launchdarkly.com — Cisco Umbrella Rank: 1221	524 B
3	semasio.net 2 redirects uip.semasio.net — Cisco Umbrella Rank: 18879 se.semasio.net	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 451 d.agkn.com — Cisco Umbrella Rank: 568	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 188	2 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 728	841 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1229 beacon.krxd.net	501 B
2	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 2757	474 B
2	adscale.de 1 redirects ih.adscale.de — Cisco Umbrella Rank: 1323	628 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1384	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 516	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 469	608 B
2	visx.net 1 redirects t.visx.net — Cisco Umbrella Rank: 7779	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	500 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	2 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 649	839 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	154 KB
2	wetransfer.org 1 redirects wetransfer.org	833 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 541	1 KB
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 1478	456 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605	163 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 960	311 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 628	731 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 309	98 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 495	445 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2047	273 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 869	225 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 326	239 B
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 9741	9 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	24 KB
79	37

	Domain	Requested by
15	prod-cdn.wetransfer.net	wetransfer.com prod-cdn.wetransfer.net
10	pixel.mathtag.com	www.googletagmanager.com pixel.mathtag.com wetransfer.com
6	wetransfer.com	prod-cdn.wetransfer.net
4	cm.g.doubleclick.net	3 redirects
4	snowplow.wetransfer.com	cdnjs.cloudflare.com
4	api.amplitude.com	prod-cdn.wetransfer.net
2	dpm.demdex.net	1 redirects
2	sync.crwdcntrl.net	1 redirects
2	ad.sxp.smartclip.net	1 redirects
2	ih.adscale.de	1 redirects
2	loadm.exelator.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	uip.semasio.net	2 redirects
2	pixel.tapad.com	1 redirects
2	t.visx.net	1 redirects
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ad.360yield.com	1 redirects
2	ib.adnxs.com	2 redirects
2	events.launchdarkly.com	prod-cdn.wetransfer.net
2	sync.mathtag.com	1 redirects
2	api.lab.amplitude.com	prod-cdn.wetransfer.net
2	www.google-analytics.com	www.googletagmanager.com wetransfer.com
2	auth-session-caching.wetransfer.net	prod-cdn.wetransfer.net
2	app.launchdarkly.com	prod-cdn.wetransfer.net
2	www.googletagmanager.com	wetransfer.com www.googletagmanager.com
2	wetransfer.org	1 redirects
1	id5-sync.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	mwzeom.zeotap.com
1	se.semasio.net
1	rtb-csync.smartadserver.com
1	ce.lijit.com
1	ads.stickyadstv.com
1	idsync.rlcdn.com
1	stags.bluekai.com
1	eu-u.openx.net
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	public.profitwell.com	wetransfer.org
1	cdnjs.cloudflare.com	wetransfer.com
79	45

This site contains links to these domains. Also see Links.

Domain
wetransfer.zendesk.com
about.wetransfer.com

Subject Issuer	Validity	Valid
wetransfer.at Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
wetransfer.com Amazon	`2022-07-07` - `2023-08-05`	a year	crt.sh
wetransfer.net Amazon	`2022-06-13` - `2023-07-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.profitwell.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
snowplow.wetransfer.com Amazon	`2022-03-19` - `2023-04-17`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-24` - `2023-06-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
events.launchdarkly.com Amazon	`2021-09-19` - `2022-10-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://wetransfer.com/
Frame ID: 5E764A0735AB25D23BCA0029788782A3
Requests: 38 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&no_iframe=1&mt_adid=250688&source=mathtag
Frame ID: 4CF1141C86A5B6FCAD7F2676BC2196C0
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WeTransfer - Send Large Files & Share Photos Online - Up to 2GB Free

Page URL History Show full URLs

http://wetransfer.org/ HTTP 301
https://wetransfer.org/ Page URL
https://wetransfer.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

79
Requests

78 %
HTTPS

9 %
IPv6

37
Domains

45
Subdomains

39
IPs

11
Countries

1958 kB
Transfer

5012 kB
Size

59
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wetransfer.zendesk.com/
Title: Hilfecenter

Search URL Search Domain Scan URL

URL: https://about.wetransfer.com/
Title: Unternehmen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wetransfer.org/ HTTP 301
https://wetransfer.org/ Page URL
https://wetransfer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://wetransfer.org/ HTTP 301
https://wetransfer.org/

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=TuNi9A7UTACTxNgnRVZzSw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm=&google_hm=TuNi9A7UTACTxNgnRVZzSw&google_tc= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESECkTxuzDz3pD57gV66yafCA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=TuNi9A7UTACTxNgnRVZzSw

Request Chain 50

https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fmt_exid%3D13%26mt_mminit%3D1%26mt_exuid%3D%24UID HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8947551656747804899

Request Chain 53

https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b

Request Chain 54

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b&C=1

Request Chain 55

https://ups.analytics.yahoo.com/ups/55938/sync?uid=4ee362f4-0ed4-4c00-93c4-d8274556734b&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55938/sync?uid=4ee362f4-0ed4-4c00-93c4-d8274556734b&_origin=1&verify=true

Request Chain 57

https://x.bidswitch.net/sync?dsp_id=80&user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b&expires=30 HTTP 302
https://t.visx.net/sync?tp_id=1&tp_uid=0c554be0-fc62-4a01-b00f-24c28aa94680&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd= HTTP 302
https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=0c554be0-fc62-4a01-b00f-24c28aa94680&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEJ_pjMEntVatROcQhy0iB4g&google_cver=1

Request Chain 61

https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=4ee362f4-0ed4-4c00-93c4-d8274556734b HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=4ee362f4-0ed4-4c00-93c4-d8274556734b

Request Chain 65

https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=4ee362f4-0ed4-4c00-93c4-d8274556734b&sInitiator=external HTTP 302
https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=4ee362f4-0ed4-4c00-93c4-d8274556734b&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/14876172?sExtCookieId=4ee362f4-0ed4-4c00-93c4-d8274556734b&sInitiator=external&gdpr=&gdpr_consent=

Request Chain 66

https://sync.search.spotxchange.com/partner?adv_id=6653&uid=4ee362f4-0ed4-4c00-93c4-d8274556734b HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=4ee362f4-0ed4-4c00-93c4-d8274556734b&__user_check__=1&sync_id=5e5ef136-18e7-11ed-bd7e-125b01370206

Request Chain 68

https://loadm.exelator.com/load/?p=204&g=101&buid=4ee362f4-0ed4-4c00-93c4-d8274556734b&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=101&buid=4ee362f4-0ed4-4c00-93c4-d8274556734b&j=0&xl8blockcheck=1

Request Chain 70

https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=4ee362f4-0ed4-4c00-93c4-d8274556734b HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&nut&uu=0862efe80a70454e827c981657a9b789

Request Chain 71

https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&ang_testid=1

Request Chain 72

https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath

Request Chain 73

https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4ee362f4-0ed4-4c00-93c4-d8274556734b HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4ee362f4-0ed4-4c00-93c4-d8274556734b&ct=y

Request Chain 74

https://dpm.demdex.net/ibs:dpid=269&dpuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b

Request Chain 75

https://aa.agkn.com/adscores/g.pixel?sid=9211132948&mt=4ee362f4-0ed4-4c00-93c4-d8274556734b HTTP 302
https://d.agkn.com/pixel/10751/?che=1660161751902&ip=185.213.155.162&l1=https%3A%2F%2Fpixel.mathtag.com%2Fsync%2Fimg%2F%3Fmt_exid%3D10009%26mt_exuid%3D HTTP 302
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
wetransfer.org/
Redirect Chain

http://wetransfer.org/
https://wetransfer.org/

116 B
436 B

35ms
9ms

Document
text/html

52.222.236.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wetransfer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-84.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53534
content-length: 116
content-type: text/html
date: Wed, 10 Aug 2022 05:19:23 GMT
etag: "74c65d722b5f510de2bb8cfa55fd6328"
last-modified: Tue, 02 Mar 2021 07:11:06 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-id: JYYTIqQ6AWeSfv5lPSpoWIal-GvmX3_KBWlG_mJL50QMLkLqnEvcYw==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 183
Content-Type: text/html
Date: Wed, 10 Aug 2022 20:02:27 GMT
Location: https://wetransfer.org/
Server: CloudFront
Via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
X-Amz-Cf-Id: -R_GKOtZgaTNJnMvYzZ4NI5MThvZ0KHZ4j0k_RWuAsXuqhcusp-6CA==
X-Amz-Cf-Pop: FRA56-P4
X-Cache: Redirect from cloudfront

GET
H2 200 Primary Request / Show response
wetransfer.com/ 30 KB
8 KB 165ms
69ms Document
text/html 108.128.146.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wetransfer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.146.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-146-55.eu-west-1.compute.amazonaws.com

Software

Resource Hash

688e5acfb324a7c61f46fbf0038f59bd5f36992cc4e46a428301f0737abb11c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wetransfer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 7259
content-type: text/html; charset=utf-8
date: Wed, 10 Aug 2022 20:02:27 GMT
etag: W/"757660df2c0bd4051236750847d2447f"
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains;
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-opaque: 045c0097014f89b188434d2cc3664b95bb12d533-m4vdl-88973
x-permitted-cross-domain-policies: none
x-request-id: ab66fc0e1dce18f9ac238d24a3368098
x-runtime: 0.035538
x-xss-protection: 1; mode=block

GET
H2 200 runtime~application-eadd8b99d1b7504ffe2b.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/ 7 KB
3 KB 73ms
37ms Script
application/javascript 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/runtime~application-eadd8b99d1b7504ffe2b.es6.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d6afc3fcb3d3a915def5495bc9d39311e334b79ebfbd7388fbb942352d432a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:18:05 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:50:12 GMT
server: AmazonS3
age: 24263
etag: W/"37670309e9f0bc22994aadc56a162ccf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: mr4QLfYRSi0RZd43TiZp5okLu8qqKJW21VQ0Wf8gftDGpomMU_gQLA==

GET
H2 200 application-411af4277b901e20f039.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/ 949 KB
245 KB 130ms
95ms Script
application/javascript 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/application-411af4277b901e20f039.es6.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed7f5306f76eab6732f17ea5bbe2bba1366ec5973eb8fab4be9ab3723c765509

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:18:05 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:50:12 GMT
server: AmazonS3
age: 24263
etag: W/"f4cc8236887dd89591c00d8d75e38fbf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: 28UfNw0WNc4G-mJPWpBPVtO0OWyem4V3BMvHJBu4KGscyjLhTsYdkQ==

GET
H2 200 vendor-38696fefb6e24c891690.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/ 2 MB
571 KB 74ms
39ms Script
application/javascript 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d18bcef4fc2611e20b985560b488c1bce6512de094b845ce8ef2b39caf854519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:17:53 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 09:51:12 GMT
server: AmazonS3
age: 114274
etag: W/"e060af45bb9e0fd1ebfccee043a54d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: x-bNHj2UZZqxgZkfTvp0o_U3zItOoPgNFa6NJdqq3KxV8yD-0LHjBw==

GET
H2 200 ActiefGrotesque_W_Regular-1f437876.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ 30 KB
31 KB 59ms
24ms Font
font/woff 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6

Request headers

Referer: https://wetransfer.com/
Origin: https://wetransfer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 04:05:53 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 5673395
x-cache: Hit from cloudfront
content-length: 31120
last-modified: Fri, 03 Jun 2022 11:49:18 GMT
server: AmazonS3
etag: "57cbbfdafc43e0deecc75a309dd042c6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://wetransfer.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: dgBnaXJUMe8wNc85PzkxlM2Nayln-co_jRmZ4_unv5Z9szeJ1UcZLg==

GET
H2 200 ActiefGrotesque_W_Medium-293e86f0.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ 31 KB
32 KB 67ms
32ms Font
font/woff 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555

Request headers

Referer: https://wetransfer.com/
Origin: https://wetransfer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 02:56:42 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 5763946
x-cache: Hit from cloudfront
content-length: 32124
last-modified: Fri, 03 Jun 2022 11:49:18 GMT
server: AmazonS3
etag: "868aedeefe7669e8a4f7196f7df5d058"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://wetransfer.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: J41JwldJCH28OJkFZ6KJ6LXZ2-o374NdI5-gnY2iKB8kfIk-MlBBsQ==

GET
H2 200 GT-Super-WT-Super-1b214df1.woff
prod-cdn.wetransfer.net/packs/media/gt-super-wt/ 42 KB
43 KB 73ms
38ms Font
font/woff 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73

Request headers

Referer: https://wetransfer.com/
Origin: https://wetransfer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 15:04:12 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 28789096
x-cache: Hit from cloudfront
content-length: 43188
last-modified: Fri, 10 Sep 2021 15:12:00 GMT
server: AmazonS3
etag: "55576599a2d772f9297c5036d355b1fb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://wetransfer.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: bxT9PBi798aX4OoWmqJH_Y1y2Nqes76espxD03aIwXe9aSE5nZwD4Q==

GET
H2 200 application-bcaaef40.chunk.css
prod-cdn.wetransfer.net/packs/css/ 422 KB
57 KB 60ms
25ms Stylesheet
text/css 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/css/application-bcaaef40.chunk.css
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aa998eeed2d7828191665d579c29311ef87f9bea7d194a24b08b14cde6ff92a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:18:05 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 13:05:51 GMT
server: AmazonS3
age: 24263
etag: W/"8413bd0a7b9befb413d700630cb8d8ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: 1ndjJhyCoOgcA4D_CDH9DB-yD-JLQiXcmNFhMtyFMG002ImzR4t8nw==

GET
H2 200 de-95cf094f889bad6da50b.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/runtime~locale/ 1 KB
1 KB 128ms
94ms Script
application/javascript 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/runtime~locale/de-95cf094f889bad6da50b.es6.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cfcde69c520d4f6429ceaf8e2d86fa2bdc4f6d3f8b64552e45d321c5661c31c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:14:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 12:46:39 GMT
server: AmazonS3
age: 3653286
etag: W/"827fd308be44e275084c3415f0082d95"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: YFe1XKCXpHbSE_0LeuS_2XeYOVadKXzOxL5is0WO06Sy5wPMO15IiQ==

GET
H2 200 de-14a24632dcdaabd41fa7.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/locale/ 201 KB
61 KB 151ms
117ms Script
application/javascript 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/locale/de-14a24632dcdaabd41fa7.es6.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d9055a09f2a51cacae99e47206cbb1b14950254ed9b51230670cbbc1e136c9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 12:17:57 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 09:51:11 GMT
server: AmazonS3
age: 114271
etag: W/"748e5c4ec7235acbf13ba00efd1d0798"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: jz_A8JxEgCXaT8y2NmAq-IM3TWOhskM_sk8VBsUn1q02iKeOCm4yVQ==

GET
H2 200 adtrack-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js Show response
prod-cdn.wetransfer.net/assets/ 349 B
706 B 156ms
122ms Script
application/javascript 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/assets/adtrack-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 09:20:19 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Thu, 16 Sep 2021 07:50:50 GMT
server: AmazonS3
age: 28377728
etag: "019dafef616906d42b64043fce694aa3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-length: 349
x-amz-cf-id: IsIMsUH6YWV2GfU739NNI8tTgZDjiD453-NBVfLODtQ_9V1feh_kKw==

GET
H2 200 sp.js Show response
cdnjs.cloudflare.com/ajax/libs/snowplow/2.17.3/ 77 KB
24 KB 34ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/snowplow/2.17.3/sp.js

Requested by

Host: wetransfer.com
URL: https://wetransfer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13314834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23792
timing-allow-origin: *
last-modified: Tue, 16 Feb 2021 22:52:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "602c4cbd-1359f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SN2hvxqCtWjyvJ1%2BHczABweaVgjdMvu0VIeObEIThxdnXFp8HHbxChHG3tv081%2FiRSBeMInNXwaSjrohzOwSYYnDofjAtVytTACSzjxDGgpBAhwzwXhKhpU1apRDKMwYXU%2BZhTtEWdvY06MGONjMdfP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 738b544b480f690d-FRA
expires: Mon, 31 Jul 2023 20:02:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
64 KB 154ms
73ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4

Requested by

Host: wetransfer.com
URL: https://wetransfer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87d010a97b50d334d21137b271946bea17ccff6033cebff691712881c41ebd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65128
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 18:38:11 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Aug 2022 20:02:27 GMT

OPTIONS
H2 200 5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ Frame 0
0 132ms
9ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://wetransfer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 10 Aug 2022 20:02:27 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 93
x-served-by: cache-hhn4035-HHN
x-timer: S1660161748.901561,VS0,VE0

GET
H2 200 5b82f23280914154b163996e Show response
app.launchdarkly.com/sdk/goals/ 2 B
180 B 7ms
6ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wetransfer.com/
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.9.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Wed, 10 Aug 2022 20:02:27 GMT
content-length: 26
x-served-by: cache-hhn4035-HHN
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1660161748.909703,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 272

GET
H2 200 72-e55bc2f5fea2eeab278e.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/ 397 B
755 B 7ms
7ms Script
application/javascript 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/72-e55bc2f5fea2eeab278e.es6.js
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/runtime~application-eadd8b99d1b7504ffe2b.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbcdcb3c106b1df68521e489bcb46feedf49f52bb816c5f1f3f0cfd62c20b4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:33:21 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Mon, 08 Aug 2022 12:19:21 GMT
server: AmazonS3
age: 199747
etag: "87777e261b7e4834785c9ea82ce5cd3f"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-length: 397
x-amz-cf-id: dQKoQ8GsZXu7x8YO2hHt3Xi_vpEUPE-N1U7pJDOxQwDMCgc9oYVkYw==

GET
H2 200 purposes-de.json Show response
wetransfer.com/consent/ 32 KB
5 KB 59ms
59ms XHR
application/json 108.128.146.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wetransfer.com/consent/purposes-de.json

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.146.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-146-55.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c0edb81e5fea502efa7b013401798cc0200860c5d55cae169dc50489345c9a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:27 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
last-modified: Wed, 10 Aug 2022 11:42:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains;
content-type: application/json

GET
H2 404 purposes-DE.json Show response
wetransfer.com/consent/ 836 B
738 B 60ms
60ms XHR
text/html 108.128.146.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wetransfer.com/consent/purposes-DE.json

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.146.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-146-55.eu-west-1.compute.amazonaws.com

Software

Resource Hash

507b2bfcff0d119933b122c3e234937edc43abfaa8da81122256008c5e138ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-runtime: 0.001515
date: Wed, 10 Aug 2022 20:02:27 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; includeSubDomains;
x-opaque: 045c0097014f89b188434d2cc3664b95bb12d533-ft757-89643
content-length: 470
x-request-id: 0fe0dfa2da9fd4ee97dfd201b9b6da5d

GET
H2 404 purposes-DE.json Show response
wetransfer.com/consent/ 836 B
738 B 58ms
58ms XHR
text/html 108.128.146.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wetransfer.com/consent/purposes-DE.json

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.146.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-146-55.eu-west-1.compute.amazonaws.com

Software

Resource Hash

507b2bfcff0d119933b122c3e234937edc43abfaa8da81122256008c5e138ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-runtime: 0.001380
date: Wed, 10 Aug 2022 20:02:27 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; includeSubDomains;
x-opaque: 045c0097014f89b188434d2cc3664b95bb12d533-p6v5v-88872
content-length: 470
x-request-id: 277bd6b52bad698f587427f27de0feab

GET
H2 200 FreightSans-Pro-Medium-1243d73c.woff
prod-cdn.wetransfer.net/packs/media/freightsans/ 54 KB
55 KB 10ms
9ms Font
font/woff 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/media/freightsans/FreightSans-Pro-Medium-1243d73c.woff
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-bcaaef40.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad

Request headers

Referer: https://prod-cdn.wetransfer.net/packs/css/application-bcaaef40.chunk.css
Origin: https://wetransfer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 19 May 2022 04:36:40 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 7226748
x-cache: Hit from cloudfront
content-length: 55500
last-modified: Mon, 16 May 2022 08:15:47 GMT
server: AmazonS3
etag: "ad8147768c14e6e7ecc52ab7550f74d1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://wetransfer.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: 08qwF0Wze17YvXIKDc4PfQS29tJGwLDt-Jwtos0GPgXwMpCLrbCBJQ==

GET
H2 200 FreightSans-Pro-Semibold-b548f89b.woff
prod-cdn.wetransfer.net/packs/media/freightsans/ 58 KB
59 KB 15ms
14ms Font
font/woff 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/media/freightsans/FreightSans-Pro-Semibold-b548f89b.woff
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-bcaaef40.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 054b231d728f2c6bd02c7fcac7adf79475e47cc8a9509a94bd727a25603c8781

Request headers

Referer: https://prod-cdn.wetransfer.net/packs/css/application-bcaaef40.chunk.css
Origin: https://wetransfer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 07:59:40 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 21470568
x-cache: Hit from cloudfront
content-length: 59464
last-modified: Fri, 03 Dec 2021 12:38:29 GMT
server: AmazonS3
etag: "10e5a40bf97498cd39965488ce760603"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://wetransfer.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: h6SLIW_tT9hlP5FJUAVhOe_RQJTaVpKO4NZRjA-5dnf4ZNoj2O2wUA==

GET
H2 200 GT-Super-WT-Regular-4aad923e.woff
prod-cdn.wetransfer.net/packs/media/gt-super-wt/ 43 KB
43 KB 20ms
20ms Font
font/woff 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Regular-4aad923e.woff
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-bcaaef40.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f95dc7465b90788f8d5cb452b298bb4e6639cec58821888da9be25f353035a8c

Request headers

Referer: https://prod-cdn.wetransfer.net/packs/css/application-bcaaef40.chunk.css
Origin: https://wetransfer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 21 May 2022 02:53:58 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 7060110
x-cache: Hit from cloudfront
content-length: 43796
last-modified: Thu, 19 May 2022 17:36:20 GMT
server: AmazonS3
etag: "5321545e6fd1cec2eb1ee4b745f450a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://wetransfer.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-amz-cf-id: ZQ_umHVVTCmjYUnPo5etQknrWp6t6dHnkmzaCURROE3_daFEwtzl4g==

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 182ms
20ms Script
application/x-javascript 18.66.15.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1
Requested by: Host: wetransfer.org
URL: https://wetransfer.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-13.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 09:02:26 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
server: AmazonS3
age: 39602
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
via: 1.1 780489eb078b12b535ed56179d4e97fe.cloudfront.net (CloudFront)
cache-control: public,max-age=86400
x-amz-cf-pop: VIE50-P1
content-type: application/x-javascript
x-amz-cf-id: IsTHquK9FaJkzQDoRvwiCwn9fJSlTpe56YQhOddsRMYvVABj83vwkA==

POST
H2 200 graphql Show response
wetransfer.com/api/ 857 B
1 KB 66ms
65ms Fetch
application/json 108.128.146.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wetransfer.com/api/graphql

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.146.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-146-55.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f68aa884e711f65abccf4404e2e6b6c25d0e2de365cda85c8a74bcb09db6a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wetransfer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json

Response headers

date: Wed, 10 Aug 2022 20:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-max-age: 0
strict-transport-security: max-age=15552000; includeSubDomains;
x-opaque: 045c0097014f89b188434d2cc3664b95bb12d533-l9wwf-87221
content-length: 545
x-xss-protection: 1; mode=block
x-request-id: 6b7e87e00db25e606db312d68ef36ffc
x-runtime: 0.008297
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
etag: W/"187620aa347d77d34ca9b863cfc06f4a"
x-download-options: noopen
vary: Accept-Encoding, Origin
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wetransfer.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate

GET
H2 200 cookie-wall-trees-5134ae83.png
prod-cdn.wetransfer.net/packs/media/images/ 509 KB
510 KB 14ms
14ms Image
image/png 108.138.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-cdn.wetransfer.net/packs/media/images/cookie-wall-trees-5134ae83.png
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-bcaaef40.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67836b0db963caed2064f4829efcc4d0d73369dbe4a71f4cdfc85c04835744a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-cdn.wetransfer.net/packs/css/application-bcaaef40.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:43:17 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Tue, 31 Aug 2021 15:17:41 GMT
server: AmazonS3
age: 29693951
etag: "5dd551d541f9c72bfa4ed8621d46908d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-length: 521659
x-amz-cf-id: bS2EasxkftF9YGD8kxDEat_XsQjavdt3kfhQ3cnhMBC3zmiHa9SdMg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
90 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c2792e11229c896a53b921fcdcb6ab67ccdbb727d7986bf44fbae28d4f7b648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91669
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 18:38:11 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Aug 2022 20:02:28 GMT

GET
H/1.1 200
OK login-status Show response
auth-session-caching.wetransfer.net/v1/ 23 B
437 B 30ms
30ms XHR
application/json 34.242.86.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-session-caching.wetransfer.net/v1/login-status

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.86.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-86-125.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

858b8a6408a3c9a457c831ce91d3dcc273e12ae41991523890f87e58ce4fc5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://wetransfer.com/
X-Unique-Id: afb037f8-d0e4-4b5f-8dc2-d9edb4772f0b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:28 GMT
ETag: W/"17-6KfFE322UJ8oECONJYza9lB9eAM"
X-Powered-By: Express
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://wetransfer.com
Connection: keep-alive
RateLimit-Reset: 35
RateLimit-Limit: 1500
Strict-Transport-Security: max-age=31536000; includeSubDomains
RateLimit-Remaining: 1499
Content-Length: 23

OPTIONS
H/1.1 204
No Content login-status
auth-session-caching.wetransfer.net/v1/ Frame 0
0 128ms
29ms Preflight 34.242.86.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-session-caching.wetransfer.net/v1/login-status

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.86.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-86-125.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-unique-id
Access-Control-Request-Method: GET
Origin: https://wetransfer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://wetransfer.com
Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Aug 2022 20:02:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express
access-control-allow-headers: x-unique-id

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
37ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3628
date: Wed, 10 Aug 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 10 Aug 2022 21:02:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 93ms
42ms Script
text/javascript 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1574122&mt_adid=250688&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x9 config:1.0.0 /
Resource Hash: 5e5b7a820cb6cbeed20fff76ecfb4d19bc80108bad263189fd0f84e17062046d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:28 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x9 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1485
Expires: Wed, 10 Aug 2022 20:02:27 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 4CF1 6 KB
2 KB 91ms
57ms Document
text/html 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&no_iframe=1&mt_adid=250688&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1574122&mt_adid=250688&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x26 config:1.0.0 /
Resource Hash: e60cd281221d7942f314410b958ff278445959c4d47a55211ae75468cdd3ac81

Request headers

Referer: https://wetransfer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2045
Content-Type: text/html
Date: Wed, 10 Aug 2022 20:02:28 GMT
Expires: Wed, 10 Aug 2022 20:02:27 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master zrh-pixel-x26 config:1.0.0
Vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
525 B 46ms
45ms Image
image/gif 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:28 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 10 Aug 2022 20:02:27 GMT

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 511ms
168ms Preflight 52.33.249.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.33.249.191 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-249-191.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://wetransfer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 10 Aug 2022 20:02:28 GMT
strict-transport-security: max-age=15768000

OPTIONS
H2 200 tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ Frame 0
0 180ms
30ms Preflight 52.49.70.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.70.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-70-141.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wetransfer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://wetransfer.com
access-control-max-age: 5
content-length: 0
date: Wed, 10 Aug 2022 20:02:28 GMT
server: nginx

GET
H2 200 tiers Show response
wetransfer.com/api/v4/nu_subscriptions/ 5 KB
875 B 55ms
55ms XHR
application/json 108.128.146.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wetransfer.com/api/v4/nu_subscriptions/tiers?country_code=DE&planTier=plus

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.146.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-146-55.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1d6dfd9254f4378bb52307b4ef598f9e21056a9cdb0b8e8dbb611b1579960164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains;
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://wetransfer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-runtime: 0.023438
date: Wed, 10 Aug 2022 20:02:28 GMT
content-encoding: gzip
x-frame-options: deny
etag: W/"19f04f4da5c6d58707e1221e00e31866"
vary: Accept-Encoding, Origin
content-type: application/json
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15552000; includeSubDomains;
x-opaque: 045c0097014f89b188434d2cc3664b95bb12d533-b6fcs-87488
content-length: 532
x-request-id: 3ea860463a2357569d45d79ce49fadd0

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 190ms
190ms XHR
text/html 52.33.249.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.33.249.191 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-249-191.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://wetransfer.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 10 Aug 2022 20:02:28 GMT
trace-id: Root=1-62f40ed4-147c266d1785c37b798cdd04
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 tp2 Show response
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 2 B
328 B 93ms
28ms XHR
text/plain 52.49.70.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/snowplow/2.17.3/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.70.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-70-141.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://wetransfer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://wetransfer.com
date: Wed, 10 Aug 2022 20:02:28 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 60 B
206 B 204ms
204ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ef24f05afadc6e2a064984383a77cf7562cf8d3de960a574f524b3e0d4031bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS41LjMiLCJkZXZpY2VfaWQiOiJ0M2tHUFQ3M2phdEd1NDJ3M1NGVlptIiwidXNlcl9wcm9wZXJ0aWVzIjp7IklzIEludGVybmFsIjpmYWxzZX19
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9
Authorization: Api-Key client-eOWm0wyG7UQC8u3SXqkg11Qnh4vUpARA

Response headers

date: Wed, 10 Aug 2022 20:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-amzn-trace-id: Root=1-62f40ed4-3c5819874c46c20259d16872
x-served-by: cache-hhn4046-HHN
vary: Origin, Origin
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wetransfer.com
access-control-allow-credentials: true
accept-ranges: bytes
x-timer: S1660161748.479040,VS0,VE197
content-length: 73
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 212ms
183ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://wetransfer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://wetransfer.com
access-control-max-age: 1800
date: Wed, 10 Aug 2022 20:02:28 GMT
vary: Origin
x-amzn-trace-id: Root=1-62f40ed4-058ddc5309d6db262adbf7a3
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4046-HHN
x-timer: S1660161748.295153,VS0,VE176

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 112ms
38ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=487855118&t=pageview&_s=1&dl=https%3A%2F%2Fwetransfer.com%2F&dr=https%3A%2F%2Fwetransfer.org%2F&ul=en-us&de=UTF-8&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUAB~&cid=873779449.1660161748&tid=UA-11792855-4&_gid=775082382.1660161748&gtm=2wg880K878LCS&cd8=wetransfer&cd14=wetransfer.com&cd20=GTM-K878LCS%20%7C%20Version%20110%20%7C%20%20Environment%20%20%7C%20Debug%20false&cd21=https%3A%2F%2Fwetransfer.com%2F&cd33=0&cd34=undefined&cd35=undefined&cd36=undefined&cd37=undefined&cd38=undefined&cd40=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&cd41=1&cd42=24&cd43=https%3A%2F%2Fwetransfer.org%2F&npa=1&z=425273212

Requested by

Host: wetransfer.com
URL: https://wetransfer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 17:31:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9076
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 4CF1 43 B
517 B 53ms
53ms Image
image/gif 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=0:27&mt_cb=470835&mop_top=
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&no_iframe=1&mt_adid=250688&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x28 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&no_iframe=1&mt_adid=250688&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:28 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 10 Aug 2022 20:02:27 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 4CF1 43 B
525 B 41ms
40ms Image
image/gif 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&no_iframe=1&mt_adid=250688&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x28 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&no_iframe=1&mt_adid=250688&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:28 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 10 Aug 2022 20:02:27 GMT

POST
H2 200 tp2 Show response
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 2 B
327 B 27ms
27ms XHR
text/plain 52.49.70.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/snowplow/2.17.3/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.70.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-70-141.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://wetransfer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://wetransfer.com
date: Wed, 10 Aug 2022 20:02:28 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ Frame 0
0 31ms
30ms Preflight 52.49.70.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.70.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-70-141.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wetransfer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://wetransfer.com
access-control-max-age: 5
content-length: 0
date: Wed, 10 Aug 2022 20:02:28 GMT
server: nginx

POST
H2 200 / Show response
api.amplitude.com/ 7 B
204 B 186ms
186ms XHR
text/html 52.33.249.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.33.249.191 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-249-191.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://wetransfer.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 10 Aug 2022 20:02:29 GMT
trace-id: Root=1-62f40ed5-1e129acc7e18c21b652f96d8
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 182ms
182ms Preflight 52.33.249.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.33.249.191 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-249-191.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://wetransfer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 10 Aug 2022 20:02:29 GMT
strict-transport-security: max-age=15768000

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 4CF1 0
239 B 90ms
16ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4ee362f4-0ed4-4c00-93c4-d8274556734b&expires=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=TuNi9A7UTACTxNgnRVZzSw
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm=&google_hm=TuNi9A7UTACTxNgnRVZzSw&google_tc=
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESECkTxuzDz3pD57gV66yafCA&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=TuNi9A7UTACTxNgnRVZzSw

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=TuNi9A7UTACTxNgnRVZzSw

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 20:02:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 10 Aug 2022 20:02:30 GMT
Server: MT3 4475 c1dc35a master hkg-pixel-x11 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=TuNi9A7UTACTxNgnRVZzSw
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 10 Aug 2022 20:02:29 GMT

POST
H2 202 5b82f23280914154b163996e Show response
events.launchdarkly.com/events/bulk/ 0
344 B 138ms
137ms XHR
application/json 54.86.103.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-38696fefb6e24c891690.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-103-61.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wetransfer.com/
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.9.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 10 Aug 2022 20:02:30 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ Frame 0
0 306ms
98ms Preflight 54.86.103.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-103-61.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://wetransfer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Wed, 10 Aug 2022 20:02:30 GMT
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

img
sync.mathtag.com/sync/ Frame 4CF1
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fmt_exid%3D13%26mt_mminit%3D1%26mt_exuid%3D%24UID
https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8947551656747804899

43 B
429 B

249ms
248ms

Image
image/gif

103.229.206.240
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8947551656747804899
Protocol: HTTP/1.1
Server: 103.229.206.240 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4475 c1dc35a master hkg-pixel-x5 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:31 GMT
Server: MT3 4475 c1dc35a master hkg-pixel-x5 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 10 Aug 2022 20:02:30 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Aug 2022 20:02:31 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7e486f5b-1f52-421f-a087-2b14e927086d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=8947551656747804899
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 4CF1 0
225 B 84ms
17ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA=&piggybackCookie=uid:4ee362f4-0ed4-4c00-93c4-d8274556734b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:31 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 4CF1 43 B
273 B 78ms
20ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4ee362f4-0ed4-4c00-93c4-d8274556734b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 20:02:31 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 4CF1
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b

43 B
441 B

36ms
35ms

Image
image/gif

52.17.103.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b
Protocol: H2
Server: 52.17.103.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-103-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Aug 2022 20:02:31 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b
date: Wed, 10 Aug 2022 20:02:31 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4CF1
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b&C=1

43 B
945 B

60ms
41ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 738b5462dc579153-FRA
pragma: no-cache
date: Wed, 10 Aug 2022 20:02:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FR1en46opl98Z6e41W7n%2BPGxHw6OTjT%2B05KH8F1hlZzePBIHZhKGuz9En76lXgr2fhW7ctCF%2BT3A%2Br1nNpbKwfy9kBGubNQZz6ad5i6125pcoxyruKhQ4uof9EliN8I5ihRGxL46af4iw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Aug 2022 20:02:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecE4JP%2FEqx3kKdAJAT2bIB92cwgpB489n%2BobaXJQqbnXP144aoVzLIQhy58hNCzd9kCRxWmXdeHzglRHAkd9UGGur0EPC6aBT23fYPKhSA%2FfnNVGBem2MtcQJB30j6pF%2BK874Vq9KQf8xw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=3&external_user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b&C=1
cache-control: no-cache
cf-ray: 738b54626fa8920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55938/ Frame 4CF1
Redirect Chain

https://ups.analytics.yahoo.com/ups/55938/sync?uid=4ee362f4-0ed4-4c00-93c4-d8274556734b&_origin=1
https://ups.analytics.yahoo.com/ups/55938/sync?uid=4ee362f4-0ed4-4c00-93c4-d8274556734b&_origin=1&verify=true

0
121 B

11ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55938/sync?uid=4ee362f4-0ed4-4c00-93c4-d8274556734b&_origin=1&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:31 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55938/sync?uid=4ee362f4-0ed4-4c00-93c4-d8274556734b&_origin=1&verify=true
date: Wed, 10 Aug 2022 20:02:31 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 4448
stags.bluekai.com/site/ Frame 4CF1 62 B
445 B 262ms
188ms Image
image/gif 104.96.159.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/4448?id=4ee362f4-0ed4-4c00-93c4-d8274556734b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.159.57 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-159-57.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:31 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H/1.1

200
OK

sync
t.visx.net/ul_cb/ Frame 4CF1
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=80&user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=4ee362f4-0ed4-4c00-93c4-d8274556734b&expires=30
https://t.visx.net/sync?tp_id=1&tp_uid=0c554be0-fc62-4a01-b00f-24c28aa94680&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=0c554be0-fc62-4a01-b00f-24c28aa94680&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=

43 B
601 B

36ms
36ms

Image
image/gif

35.210.91.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=0c554be0-fc62-4a01-b00f-24c28aa94680&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
Protocol: HTTP/1.1
Server: 35.210.91.196 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS: 196.91.210.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=0c554be0-fc62-4a01-b00f-24c28aa94680&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
Date: Wed, 10 Aug 2022 20:02:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 4CF1 43 B
656 B 52ms
48ms Image
image/gif 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=10:27&mt_cb=871463&mop_top=9:1660158011|4:1660158011|13:1660158011|3:1660158011|5:1660158011|276:1660158011|15:1660158011|21:1660158011|10010:1660158011|46:1660158011|
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&no_iframe=1&mt_adid=250688&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:31 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 10 Aug 2022 20:02:30 GMT

GET
H2 451 361087.gif
idsync.rlcdn.com/ Frame 4CF1 0
98 B 145ms
40ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/361087.gif?partner_uid=4ee362f4-0ed4-4c00-93c4-d8274556734b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

img
pixel.mathtag.com/sync/ Frame 4CF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm
https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEJ_pjMEntVatROcQhy0iB4g&google_cver=1

43 B
405 B

56ms
56ms

Image
image/gif

184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEJ_pjMEntVatROcQhy0iB4g&google_cver=1
Protocol: HTTP/1.1
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:31 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 10 Aug 2022 20:02:30 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Aug 2022 20:02:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEJ_pjMEntVatROcQhy0iB4g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 4CF1
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=4ee362f4-0ed4-4c00-93c4-d8274556734b
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=4ee362f4-0ed4-4c00-93c4-d8274556734b

95 B
113 B

77ms
42ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=4ee362f4-0ed4-4c00-93c4-d8274556734b

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:31 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=4ee362f4-0ed4-4c00-93c4-d8274556734b
date: Wed, 10 Aug 2022 20:02:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 4CF1 43 B
731 B 430ms
54ms Image
image/gif 2.23.97.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=4ee362f4-0ed4-4c00-93c4-d8274556734b&redirectId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.19 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Aug 2022 20:02:31 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1660161751761044-504
Expires: Wed, 10 Aug 2022 20:02:31 GMT

GET
H/1.1 204
No Content merge
ce.lijit.com/ Frame 4CF1 0
311 B 381ms
19ms Image
text/plain 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=4ee362f4-0ed4-4c00-93c4-d8274556734b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Aug 2022 20:02:31 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Expires: Fri, 20 Mar 2009 00:00:00 GMT
X-MERGE: GDPR Optout true
X-Sovrn-Pod: ad_ap7ams1
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 4CF1 43 B
163 B 387ms
18ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=25&partneruserid=4ee362f4-0ed4-4c00-93c4-d8274556734b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:31 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

14876172
se.semasio.net/sync/1/ Frame 4CF1
Redirect Chain

https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=4ee362f4-0ed4-4c00-93c4-d8274556734b&sInitiator=external
https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=4ee362f4-0ed4-4c00-93c4-d8274556734b&sInitiator=external
https://se.semasio.net/sync/1/14876172?sExtCookieId=4ee362f4-0ed4-4c00-93c4-d8274556734b&sInitiator=external&gdpr=&gdpr_consent=

0
415 B

1167ms
1038ms

Image
text/plain

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/14876172?sExtCookieId=4ee362f4-0ed4-4c00-93c4-d8274556734b&sInitiator=external&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 20:02:31 GMT
uip-status: Ok
frontend-id: 04
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Aug 2022 20:02:31 GMT
frontend-id: 3
location: https://se.semasio.net/sync/1/14876172?sExtCookieId=4ee362f4-0ed4-4c00-93c4-d8274556734b&sInitiator=external&gdpr=&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 4CF1
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=6653&uid=4ee362f4-0ed4-4c00-93c4-d8274556734b
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=4ee362f4-0ed4-4c00-93c4-d8274556734b&__user_check__=1&sync_id=5e5ef136-18e7-11ed-bd7e-125b01370206

43 B
549 B

25ms
25ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6653&uid=4ee362f4-0ed4-4c00-93c4-d8274556734b&__user_check__=1&sync_id=5e5ef136-18e7-11ed-bd7e-125b01370206
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:31 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 120
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 10 Aug 2022 20:02:31 GMT
Server: nginx
Location: /partner?adv_id=6653&uid=4ee362f4-0ed4-4c00-93c4-d8274556734b&__user_check__=1&sync_id=5e5ef136-18e7-11ed-bd7e-125b01370206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 93
Connection: keep-alive
Content-Length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 4CF1 95 B
456 B 301ms
32ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=4ee362f4-0ed4-4c00-93c4-d8274556734b&env=mWeb&zpartnerid=979&zdid=979
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://pixel.mathtag.com
access-control-allow-credentials: true
cf-ray: 738b5464c96abb5c-FRA
access-control-allow-headers: *
content-length: 95

GET
H2

204

/
loadm.exelator.com/load/ Frame 4CF1
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=101&buid=4ee362f4-0ed4-4c00-93c4-d8274556734b&j=0
https://loadm.exelator.com/load/?p=204&g=101&buid=4ee362f4-0ed4-4c00-93c4-d8274556734b&j=0&xl8blockcheck=1

0
767 B

14ms
14ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=101&buid=4ee362f4-0ed4-4c00-93c4-d8274556734b&j=0&xl8blockcheck=1
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 10 Aug 2022 20:02:31 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=101&buid=4ee362f4-0ed4-4c00-93c4-d8274556734b&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 4CF1 43 B
814 B 51ms
51ms Image
image/gif 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=20:27&mt_cb=424048&mop_top=9:1660158011|4:1660158011|13:1660158011|3:1660158011|5:1660158011|276:1660158011|15:1660158011|21:1660158011|10010:1660158011|46:1660158011|10017:1660158011|10074:1660158011|10072:1660158011|44:1660158011|17:1660158011|39:1660158011|10041:1660158011|30:1660158011|10092:1660158011|10008:1660158011|
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&no_iframe=1&mt_adid=250688&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:31 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 10 Aug 2022 20:02:30 GMT

GET
H2

200

tpui
ih.adscale.de/adscale-ih/ Frame 4CF1
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=4ee362f4-0ed4-4c00-93c4-d8274556734b
https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&nut&uu=0862efe80a70454e827c981657a9b789

49 B
333 B

34ms
34ms

Image
image/gif

52.57.41.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&nut&uu=0862efe80a70454e827c981657a9b789
Protocol: H2
Server: 52.57.41.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-41-188.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:31 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

location: https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&nut&uu=0862efe80a70454e827c981657a9b789
date: Wed, 10 Aug 2022 20:02:31 GMT
content-length: 0

GET
H3

200

sync
ad.sxp.smartclip.net/ Frame 4CF1
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b
https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&ang_testid=1

42 B
60 B

81ms
42ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&ang_testid=1
Protocol: H3
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:31 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Wed, 10 Aug 2022 20:02:31 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 4CF1
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=mediamath
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath

0
338 B

1134ms
28ms

Image
text/plain

54.229.124.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath
Protocol: H2
Server: 54.229.124.21 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:33 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1660161753
x-served-by: beacon-n012-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath
date: Wed, 10 Aug 2022 20:02:32 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a007-ash-prod.krxd.net

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 4CF1
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4ee362f4-0ed4-4c00-93c4-d8274556734b
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4ee362f4-0ed4-4c00-93c4-d8274556734b&ct=y

49 B
546 B

62ms
62ms

Image
image/gif

54.216.202.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4ee362f4-0ed4-4c00-93c4-d8274556734b&ct=y
Protocol: H2
Server: 54.216.202.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-202-57.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 20:02:31 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.145
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Aug 2022 20:02:31 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4ee362f4-0ed4-4c00-93c4-d8274556734b&ct=y
cache-control: no-cache
x-server: 10.45.20.132
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 4CF1
Redirect Chain

https://dpm.demdex.net/ibs:dpid=269&dpuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b

42 B
942 B

37ms
37ms

Image
image/gif

3.248.52.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b

Protocol

HTTP/1.1

Server

3.248.52.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-52-119.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v038-019009321.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EHm68PWGTXY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v038-04c8fac1a.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: TgddjP/lSu0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=4ee362f4-0ed4-4c00-93c4-d8274556734b
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

/
pixel.mathtag.com/sync/img/ Frame 4CF1
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132948&mt=4ee362f4-0ed4-4c00-93c4-d8274556734b
https://d.agkn.com/pixel/10751/?che=1660161751902&ip=185.213.155.162&l1=https%3A%2F%2Fpixel.mathtag.com%2Fsync%2Fimg%2F%3Fmt_exid%3D10009%26mt_exuid%3D
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=

43 B
405 B

42ms
42ms

Image
image/gif

184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=
Protocol: HTTP/1.1
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:32 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 10 Aug 2022 20:02:31 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Aug 2022 20:02:31 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 9.gif
id5-sync.com/s/3/ Frame 4CF1 43 B
1 KB 72ms
12ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/3/9.gif?puid=4ee362f4-0ed4-4c00-93c4-d8274556734b

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:02:30 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 4CF1 43 B
927 B 56ms
55ms Image
image/gif 184.51.9.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=27:27&mt_cb=360857&check=4ee362f4-0ed4-4c00-93c4-d8274556734b&mop_top=9:1660158011|4:1660158011|13:1660158011|3:1660158011|5:1660158011|276:1660158011|15:1660158011|21:1660158011|10010:1660158011|46:1660158011|10017:1660158011|10074:1660158011|10072:1660158011|44:1660158011|17:1660158011|39:1660158011|10041:1660158011|30:1660158011|10092:1660158011|10008:1660158011|26:1660158011|50:1660158011|10031:1660158011|10040:1660158011|10004:1660158011|10009:1660158011|10089:1660158011|
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-44.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=4ee362f4-0ed4-4c00-93c4-d8274556734b&no_iframe=1&mt_adid=250688&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 10 Aug 2022 20:02:31 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 10 Aug 2022 20:02:30 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wetransfer.com/	1970-01-20 13:54:57	Name: auth_session_uuid Value: afb037f8-d0e4-4b5f-8dc2-d9edb4772f0b
.wetransfer.com/	1970-01-20 07:18:57	Name: _gcl_au Value: 1.1.470448639.1660161748
.mathtag.com/	1970-01-20 14:35:16	Name: uuid Value: 4ee362f4-0ed4-4c00-93c4-d8274556734b
.mathtag.com/	1970-01-20 05:52:33	Name: mt_misc Value: mt_bt:1
.wetransfer.com/	1970-01-20 05:09:23	Name: _wt_snowplowses.0497 Value: *
.wetransfer.com/	1970-01-20 14:45:21	Name: _wt_snowplowid.0497 Value: de62e9e9-62b2-43b4-b6b4-279caef02092.1660161747.1.1660161748.1660161747.e6284a8f-7bbe-4341-ba30-4bf64a115fc9
.wetransfer.com/	1970-01-20 13:54:57	Name: amp_874b77 Value: t3kGPT73jatGu42w3SFVZm...1ga4ljr8i.1ga4ljr9e.2.1.3
.wetransfer.com/	1970-01-20 14:45:21	Name: _ga Value: GA1.2.873779449.1660161748
.wetransfer.com/	1970-01-20 05:10:48	Name: _gid Value: GA1.2.775082382.1660161748
.wetransfer.com/	1970-01-20 13:54:57	Name: sp Value: 202bb211-e3ca-459e-807c-94c1bd34245a
.doubleclick.net/	1970-01-20 14:30:57	Name: IDE Value: AHWqTUlA1wa2EHJ-iG6MDdpSVBFveLVVFH0-cxHlWjmzVxvB0llDx1xEeuFBpMjq_aM
.yahoo.com/	1970-01-20 13:55:19	Name: A3 Value: d=AQABBNcO9GICEKleld7h0cNcdLkUn2ek17cFEgEBAQFg9WL9YgAAAAAA_eMAAA&S=AQAAAiA6ZeHPBLXSKVrRrjQxBNY
.analytics.yahoo.com/	1970-01-20 13:54:57	Name: IDSYNC Value: 175u~26ik
.adnxs.com/	1970-01-20 07:18:57	Name: uuid2 Value: 8947551656747804899
.casalemedia.com/	1970-01-20 13:54:57	Name: CMID Value: YvQO1-QLH2ZxjSTlQcjtUwAA
.casalemedia.com/	1970-01-20 07:18:57	Name: CMPS Value: 1145
.casalemedia.com/	1970-01-20 07:18:57	Name: CMPRO Value: 1145
.360yield.com/	1970-01-20 07:18:57	Name: tuuid Value: 798a7bce-a34e-4467-ae39-5c5c9e09ac92
.360yield.com/	1970-01-20 07:18:57	Name: tuuid_lu Value: 1660161751
.bidswitch.net/	1970-01-20 13:54:57	Name: tuuid Value: 0c554be0-fc62-4a01-b00f-24c28aa94680
.bidswitch.net/	1970-01-20 13:54:57	Name: c Value: 1660161751
.bidswitch.net/	1970-01-20 13:54:57	Name: tuuid_lu Value: 1660161751
.360yield.com/	1970-01-20 07:18:57	Name: um Value: !5,NoKX2jxvPLPzNhhs51E5Kt31RZS71-h3P1Dbq1xTw-.50ZybXBcDbIOhfa2Y5.HM2Ms=,1667937751
.360yield.com/	1970-01-20 07:18:57	Name: umeh Value: !5,0,1722369751,-1
.tapad.com/	1970-01-20 06:35:45	Name: TapAd_TS Value: 1660161751486
.tapad.com/	1970-01-20 06:35:45	Name: TapAd_DID Value: 907003f2-6679-4fe3-adac-535f1fbf8d96
.casalemedia.com/	1970-01-20 07:18:57	Name: CMTS Value: 5173
.tapad.com/	1970-01-20 06:35:45	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-20 08:02:09	Name: EE Value: "7b414f5713f504c0d5e04f70fbdc3cba"
.adscale.de/	1970-01-20 13:51:37	Name: uu Value: 0862efe80a70454e827c981657a9b789
.adscale.de/	1970-01-20 13:51:37	Name: cct Value: 1660161751807
t.visx.net/	1970-01-20 13:54:57	Name: tuuid Value: 505d5c6f-80a1-44dd-8830-c4656e032b45
t.visx.net/	1970-01-20 13:54:57	Name: c Value: 1660161751
t.visx.net/	1970-01-20 13:54:57	Name: tuuid_lu Value: 1660161751
.exelator.com/	1970-01-20 08:02:09	Name: ud Value: "eJxrXxzq6XKLQcE8ycTQJM3U3NA4zdTAJNkgxTTVwCTN3CAtKSXZODkpcXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAZEl%252BUWb6IhfXxUUpaQyLSopPBR90WQsAsjwqlQ%253D%253D"
.sxp.smartclip.net/	1970-01-20 05:52:33	Name: uuid Value: 0222124f-d70e-f462-6874-b8b44e241514
.spotxchange.com/	1970-01-20 05:49:40	Name: audience Value: 5e5ef0f4-18e7-11ed-bd7e-125b01370206
.zeotap.com/	1970-01-20 13:54:57	Name: zc Value: 922b9158-24ac-435c-52e5-e4f6464927c9
.semasio.net/	1970-01-20 13:54:57	Name: SEUNCY Value: 34653ED8A0D339BA
.ih.adscale.de/	1970-01-20 13:51:37	Name: tu Value: 4#3546748448#39~4ee362f4-0ed4-4c00-93c4-d8274556734b~461156~0~0
t.visx.net/	1970-01-20 13:54:57	Name: um2 Value: !1,0c554be0-fc62-4a01-b00f-24c28aa94680,429411751
ads.stickyadstv.com/	1970-01-20 06:35:45	Name: uid-bp-529 Value: 4ee362f4-0ed4-4c00-93c4-d8274556734b
ads.stickyadstv.com/	1970-01-20 05:52:33	Name: UID Value: 3cbf95431769e1b257313061e0bcdaff
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 44b168de8e799e20bd5b462344ac8fb
.sxp.smartclip.net/	1970-01-20 05:52:33	Name: dspuuid Value: 40.4ee362f4-0ed4-4c00-93c4-d8274556734b
.sxp.smartclip.net/	1970-01-20 05:52:33	Name: psyn Value: 19214.40
.mathtag.com/	1970-01-20 05:52:33	Name: mt_mop Value: 4:1660158011\|21:1660158011\|10008:1660158011\|10004:1660158011\|10089:1660158011\|10009:1660158011\|10010:1660158011\|39:1660158011\|10040:1660158011\|13:1660158011\|10017:1660158011\|10031:1660158011\|10074:1660158011\|50:1660158011\|26:1660158011\|9:1660158011\|15:1660158011\|44:1660158011\|10092:1660158011\|10041:1660158011\|10072:1660158011\|3:1660158011\|17:1660158011\|30:1660158011\|5:1660158011\|276:1660158011\|46:1660158011
.agkn.com/	1970-01-20 13:54:57	Name: ab Value: 0001%3AmjZgl%2FZD7ccmvvjKMax2F6XxXxP%2BVec9
.id5-sync.com/	1970-01-20 05:09:22	Name: cf Value:
.id5-sync.com/	1970-01-20 05:09:22	Name: cip Value:
.id5-sync.com/	1970-01-20 05:09:22	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:09:22	Name: car Value:
.id5-sync.com/	1970-01-20 05:09:22	Name: gdpr Value:
.id5-sync.com/	1970-01-20 05:09:22	Name: callback Value:
.crwdcntrl.net/	1970-01-20 11:38:09	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 11:38:09	Name: _cc_id Value: 19e56a730ac8ff6feab3d6c3cd58bb29
.demdex.net/	1970-01-20 09:28:33	Name: demdex Value: 04788982588695047783807945299277002306
.dpm.demdex.net/	1970-01-20 09:28:33	Name: dpm Value: 04788982588695047783807945299277002306
.agkn.com/	1970-01-20 13:54:57	Name: u Value: C\|0AAAAAAAAKobLWAAAAAAA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wetransfer.com/consent/purposes-DE.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://wetransfer.com/consent/purposes-DE.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/361087.gif?partner_uid=4ee362f4-0ed4-4c00-93c4-d8274556734b Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad.360yield.com
ad.sxp.smartclip.net
ads.stickyadstv.com
api.amplitude.com
api.lab.amplitude.com
app.launchdarkly.com
auth-session-caching.wetransfer.net
beacon.krxd.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
d.agkn.com
dpm.demdex.net
dsum-sec.casalemedia.com
eu-u.openx.net
events.launchdarkly.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
loadm.exelator.com
mwzeom.zeotap.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
prod-cdn.wetransfer.net
public.profitwell.com
rtb-csync.smartadserver.com
se.semasio.net
snowplow.wetransfer.com
stags.bluekai.com
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
t.visx.net
uip.semasio.net
ups.analytics.yahoo.com
usermatch.krxd.net
wetransfer.com
wetransfer.org
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
103.229.206.240
104.18.18.126
104.96.159.57
108.128.146.55
108.138.7.88
141.95.98.64
142.250.185.194
151.101.194.217
151.101.66.132
18.156.0.31
18.198.69.109
18.66.15.13
184.51.9.44
185.64.190.80
185.86.137.132
185.89.211.116
185.94.180.126
2.23.97.19
216.52.2.39
2606:4700:10::ac43:db6
2606:4700::6811:180e
2a00:1450:4001:809::200e
2a00:1450:4001:82b::2008
3.122.47.104
3.248.52.119
3.64.108.197
34.224.201.190
34.242.86.125
34.98.64.218
35.186.194.101
35.210.91.196
35.227.248.159
35.244.174.68
52.17.103.74
52.222.236.84
52.33.249.191
52.49.70.141
52.57.41.188
52.57.93.199
54.216.202.57
54.229.124.21
54.86.103.61
69.173.144.139
77.243.60.138
054b231d728f2c6bd02c7fcac7adf79475e47cc8a9509a94bd727a25603c8781
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1aa998eeed2d7828191665d579c29311ef87f9bea7d194a24b08b14cde6ff92a
1d6dfd9254f4378bb52307b4ef598f9e21056a9cdb0b8e8dbb611b1579960164
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
507b2bfcff0d119933b122c3e234937edc43abfaa8da81122256008c5e138ca1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5e5b7a820cb6cbeed20fff76ecfb4d19bc80108bad263189fd0f84e17062046d
67836b0db963caed2064f4829efcc4d0d73369dbe4a71f4cdfc85c04835744a5
688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad
688e5acfb324a7c61f46fbf0038f59bd5f36992cc4e46a428301f0737abb11c6
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6d9055a09f2a51cacae99e47206cbb1b14950254ed9b51230670cbbc1e136c9c
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
858b8a6408a3c9a457c831ce91d3dcc273e12ae41991523890f87e58ce4fc5f1
87d010a97b50d334d21137b271946bea17ccff6033cebff691712881c41ebd0e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
9c2792e11229c896a53b921fcdcb6ab67ccdbb727d7986bf44fbae28d4f7b648
9d6afc3fcb3d3a915def5495bc9d39311e334b79ebfbd7388fbb942352d432a0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbcdcb3c106b1df68521e489bcb46feedf49f52bb816c5f1f3f0cfd62c20b4f0
c0edb81e5fea502efa7b013401798cc0200860c5d55cae169dc50489345c9a87
cfcde69c520d4f6429ceaf8e2d86fa2bdc4f6d3f8b64552e45d321c5661c31c4
d18bcef4fc2611e20b985560b488c1bce6512de094b845ce8ef2b39caf854519
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e60cd281221d7942f314410b958ff278445959c4d47a55211ae75468cdd3ac81
ed7f5306f76eab6732f17ea5bbe2bba1366ec5973eb8fab4be9ab3723c765509
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef24f05afadc6e2a064984383a77cf7562cf8d3de960a574f524b3e0d4031bd0
f68aa884e711f65abccf4404e2e6b6c25d0e2de365cda85c8a74bcb09db6a20f
f95dc7465b90788f8d5cb452b298bb4e6639cec58821888da9be25f353035a8c

wetransfer.com Open in urlscan Pro 108.128.146.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

78 %HTTPS

9 %IPv6

37 Domains

45 Subdomains

39 IPs

11 Countries

1958 kBTransfer

5012 kBSize

59 Cookies

2 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wetransfer.com Open in urlscan Pro
108.128.146.55 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

78 %
HTTPS

9 %
IPv6

37
Domains

45
Subdomains

39
IPs

11
Countries

1958 kB
Transfer

5012 kB
Size

59
Cookies

79 HTTP transactions
0 data transactions