wetransfer.com
Open in
urlscan Pro
34.250.122.178
Public Scan
Submitted URL: https://usg02.safelinks.protection.office365.us/?url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2F745d85571b8399fbb84412914936706620220613190849%2...
Effective URL: https://wetransfer.com/downloads/745d85571b8399fbb84412914936706620220613190849/94e9e259f5128198a400564b1deee6a32022061...
Submission: On June 14 via manual from US — Scanned from US
Effective URL: https://wetransfer.com/downloads/745d85571b8399fbb84412914936706620220613190849/94e9e259f5128198a400564b1deee6a32022061...
Submission: On June 14 via manual from US — Scanned from US
Summary
This website contacted 53 IPs
in 5 countries
across 43 domains to perform 142 HTTP transactions.
The main IP is 34.250.122.178, located in
Dublin, Ireland and
belongs to AMAZON-02, US.
The main domain is wetransfer.com.
The Cisco Umbrella rank of the primary domain is 15458.
TLS certificate: Issued by Amazon on August 6th 2021. Valid for: a year.
This is the only time wetransfer.com was scanned on urlscan.io!
TLS certificate: Issued by Amazon on August 6th 2021. Valid for: a year.
This is the only time wetransfer.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
23.103.209.28
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| usg02.safelinks.protection.office365.us |
3
34.250.122.178
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-122-178.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-122-178.eu-west-1.compute.amazonaws.com
| wetransfer.com |
18
13.225.63.92
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-92.ewr53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-92.ewr53.r.cloudfront.net
| prod-cdn.wetransfer.net |
2
2607:f8b0:4006:80e::2008
(Mullica Hill, United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
11
2620:1ec:c11::200
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| bat.bing.com | |
| c.bing.com |
3
2a03:2880:f012:8:face:b00c:0:1
(Secaucus, United States)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
1
54.230.163.127
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-127.ewr53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-127.ewr53.r.cloudfront.net
| public.profitwell.com |
3
142.250.80.98
(United States)
ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
| www.googleadservices.com | |
| cm.g.doubleclick.net |
2
52.12.72.198
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-72-198.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-72-198.us-west-2.compute.amazonaws.com
| a.ad.gt |
1
2607:f8b0:4006:80f::2002
(Mullica Hill, United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
6
2607:f8b0:4006:81f::200e
(Mullica Hill, United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
54.231.171.9
(Ashburn, United States)
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
| redditstatic.s3.amazonaws.com |
4
23.216.132.67
(Piscataway, United States)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-132-67.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-132-67.deploy.static.akamaitechnologies.com
| analytics.tiktok.com |
4
2a03:2880:f112:83:face:b00c:0:25de
(Secaucus, United States)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
4
2620:1ec:21::14
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| px.ads.linkedin.com | |
| www.linkedin.com |
2
54.154.92.83
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-92-83.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-92-83.eu-west-1.compute.amazonaws.com
| auth-session-caching.wetransfer.net |
1
44.239.82.163
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-82-163.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-82-163.us-west-2.compute.amazonaws.com
| id.halo.ad.gt |
1
34.211.155.203
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-155-203.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-155-203.us-west-2.compute.amazonaws.com
| p.ad.gt |
2
68.67.160.134
(Brooklyn, United States)
ASN29990 (ASN-APPNEX, US)
PTR: 670.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 670.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
| secure.adnxs.com |
8
44.224.79.192
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-224-79-192.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-224-79-192.us-west-2.compute.amazonaws.com
| ids.ad.gt |
1
15.197.193.217
(United States)
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
| match.adsrvr.org |
2
54.88.154.11
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-154-11.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-154-11.compute-1.amazonaws.com
| ad.360yield.com |
2
52.40.109.212
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-109-212.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-109-212.us-west-2.compute.amazonaws.com
| dpm.demdex.net |
2
20.120.124.64
(Tappahannock, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| m.clarity.ms |
1
44.238.81.176
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-81-176.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-81-176.us-west-2.compute.amazonaws.com
| pixels.ad.gt |
4
99.81.213.128
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-213-128.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-213-128.eu-west-1.compute.amazonaws.com
| snowplow.wetransfer.com |
1
13.226.39.69
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-69.ewr53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-69.ewr53.r.cloudfront.net
| static.fbot.me |
5
3.223.156.232
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-156-232.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-156-232.compute-1.amazonaws.com
| e-10220.adzerk.net |
1
13.225.63.24
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-24.ewr53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-24.ewr53.r.cloudfront.net
| campaign.fbot.me |
2
52.23.26.103
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-26-103.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-26-103.compute-1.amazonaws.com
| public.fbot.me |
5
13.225.214.44
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-44.ewr50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-44.ewr50.r.cloudfront.net
| backgrounds.wetransfer.net |
2
54.175.135.218
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-135-218.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-135-218.compute-1.amazonaws.com
| pixel.adsafeprotected.com |
3
2600:9000:21dd:ea00:8:48e:53c0:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| static.adsafeprotected.com |
1
2600:9000:21da:5000:1e:a43d:b640:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| secure-gl.imrworldwide.com |
1
54.85.64.84
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-64-84.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-64-84.compute-1.amazonaws.com
| z4a57uy5x7mxrqaplzlka0o2p9cov1655218694.darnuid.imrworldwide.com |
1
34.199.105.77
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-105-77.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-105-77.compute-1.amazonaws.com
| bs.serving-sys.com |
9
184.29.129.187
(Edison, United States)
ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-187.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-187.deploy.static.akamaitechnologies.com
| z.moatads.com | |
| px.moatads.com |
9
2600:1f13:800:7782:859c:b9f:89d9:fa61
(Boardman, United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| dt.adsafeprotected.com |
1
52.2.233.34
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-233-34.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-233-34.compute-1.amazonaws.com
| resources.xg4ken.com |
2
54.85.21.47
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-21-47.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-21-47.compute-1.amazonaws.com
| events.launchdarkly.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 25 |
wetransfer.net
prod-cdn.wetransfer.net — Cisco Umbrella Rank: 22389 auth-session-caching.wetransfer.net — Cisco Umbrella Rank: 29795 backgrounds.wetransfer.net — Cisco Umbrella Rank: 20626 |
1 MB |
| 14 |
adsafeprotected.com
1 redirects
pixel.adsafeprotected.com — Cisco Umbrella Rank: 548 static.adsafeprotected.com — Cisco Umbrella Rank: 532 dt.adsafeprotected.com — Cisco Umbrella Rank: 475 |
97 KB |
| 13 |
ad.gt
1 redirects
a.ad.gt — Cisco Umbrella Rank: 4754 id.halo.ad.gt — Cisco Umbrella Rank: 4957 p.ad.gt — Cisco Umbrella Rank: 5451 ids.ad.gt — Cisco Umbrella Rank: 4820 pixels.ad.gt — Cisco Umbrella Rank: 5797 |
33 KB |
| 11 |
bing.com
1 redirects
bat.bing.com — Cisco Umbrella Rank: 389 c.bing.com — Cisco Umbrella Rank: 229 |
25 KB |
| 9 |
moatads.com
z.moatads.com — Cisco Umbrella Rank: 413 px.moatads.com — Cisco Umbrella Rank: 408 |
105 KB |
| 7 |
wetransfer.com
wetransfer.com — Cisco Umbrella Rank: 15458 snowplow.wetransfer.com — Cisco Umbrella Rank: 20615 |
11 KB |
| 6 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 595 m.clarity.ms — Cisco Umbrella Rank: 5769 c.clarity.ms — Cisco Umbrella Rank: 1161 |
27 KB |
| 6 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60 |
22 KB |
| 5 |
adzerk.net
e-10220.adzerk.net — Cisco Umbrella Rank: 23073 |
6 KB |
| 5 |
linkedin.com
5 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 370 www.linkedin.com — Cisco Umbrella Rank: 527 px4.ads.linkedin.com — Cisco Umbrella Rank: 5965 |
4 KB |
| 4 |
fbot.me
static.fbot.me — Cisco Umbrella Rank: 22100 campaign.fbot.me — Cisco Umbrella Rank: 22218 public.fbot.me — Cisco Umbrella Rank: 29697 |
356 KB |
| 4 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 91 |
676 B |
| 4 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1066 |
70 KB |
| 4 |
criteo.com
1 redirects
dynamic.criteo.com — Cisco Umbrella Rank: 4438 gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2507 |
8 KB |
| 4 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 125 cm.g.doubleclick.net — Cisco Umbrella Rank: 217 |
3 KB |
| 4 |
launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 1874 events.launchdarkly.com — Cisco Umbrella Rank: 1385 |
524 B |
| 3 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158 |
194 KB |
| 2 |
imrworldwide.com
1 redirects
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1278 z4a57uy5x7mxrqaplzlka0o2p9cov1655218694.darnuid.imrworldwide.com |
926 B |
| 2 |
demdex.net
2 redirects
dpm.demdex.net — Cisco Umbrella Rank: 212 |
2 KB |
| 2 |
360yield.com
2 redirects
ad.360yield.com — Cisco Umbrella Rank: 651 |
686 B |
| 2 |
smartadserver.com
1 redirects
sync.smartadserver.com — Cisco Umbrella Rank: 1545 |
633 B |
| 2 |
pubmatic.com
2 redirects
image2.pubmatic.com — Cisco Umbrella Rank: 1024 |
625 B |
| 2 |
adnxs.com
2 redirects
secure.adnxs.com — Cisco Umbrella Rank: 435 |
2 KB |
| 2 |
adsymptotic.com
1 redirects
p.adsymptotic.com — Cisco Umbrella Rank: 561 |
540 B |
| 2 |
google.com
www.google.com — Cisco Umbrella Rank: 9 |
611 B |
| 2 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 953 |
7 KB |
| 2 |
twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 554 |
574 B |
| 2 |
t.co
t.co — Cisco Umbrella Rank: 466 |
413 B |
| 2 |
ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 681 |
27 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96 |
145 KB |
| 1 |
xg4ken.com
resources.xg4ken.com — Cisco Umbrella Rank: 5078 |
4 KB |
| 1 |
serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1172 |
648 B |
| 1 |
reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1614 |
157 B |
| 1 |
rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 762 |
214 B |
| 1 |
contextweb.com
1 redirects
bh.contextweb.com — Cisco Umbrella Rank: 612 |
556 B |
| 1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384 |
265 B |
| 1 |
criteo.net
static.criteo.net — Cisco Umbrella Rank: 605 |
14 KB |
| 1 |
amazonaws.com
redditstatic.s3.amazonaws.com — Cisco Umbrella Rank: 3431 |
8 KB |
| 1 |
redditstatic.com
1 redirects
www.redditstatic.com — Cisco Umbrella Rank: 1422 |
168 B |
| 1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 133 |
15 KB |
| 1 |
profitwell.com
public.profitwell.com — Cisco Umbrella Rank: 9632 |
9 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 246 |
24 KB |
| 1 |
office365.us
1 redirects
usg02.safelinks.protection.office365.us — Cisco Umbrella Rank: 88180 |
706 B |
| 142 | 43 |
| Domain | Requested by | |
|---|---|---|
| 18 | prod-cdn.wetransfer.net |
wetransfer.com
prod-cdn.wetransfer.net backgrounds.wetransfer.net |
| 10 | bat.bing.com |
prod-cdn.wetransfer.net
bat.bing.com wetransfer.com |
| 9 | dt.adsafeprotected.com |
wetransfer.com
|
| 8 | px.moatads.com |
wetransfer.com
|
| 8 | ids.ad.gt |
1 redirects
wetransfer.com
|
| 6 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 5 | backgrounds.wetransfer.net |
prod-cdn.wetransfer.net
backgrounds.wetransfer.net |
| 5 | e-10220.adzerk.net |
prod-cdn.wetransfer.net
wetransfer.com |
| 4 | snowplow.wetransfer.com |
prod-cdn.wetransfer.net
|
| 4 | www.facebook.com |
wetransfer.com
|
| 4 | analytics.tiktok.com |
wetransfer.com
analytics.tiktok.com |
| 3 | static.adsafeprotected.com |
pixel.adsafeprotected.com
wetransfer.com backgrounds.wetransfer.net |
| 3 | px.ads.linkedin.com | 3 redirects |
| 3 | connect.facebook.net |
prod-cdn.wetransfer.net
connect.facebook.net |
| 3 | wetransfer.com |
prod-cdn.wetransfer.net
|
| 2 | events.launchdarkly.com |
prod-cdn.wetransfer.net
|
| 2 | c.clarity.ms | 1 redirects |
| 2 | pixel.adsafeprotected.com |
1 redirects
backgrounds.wetransfer.net
|
| 2 | public.fbot.me |
prod-cdn.wetransfer.net
|
| 2 | gum.criteo.com |
1 redirects
static.criteo.net
|
| 2 | m.clarity.ms |
www.clarity.ms
prod-cdn.wetransfer.net |
| 2 | dpm.demdex.net | 2 redirects |
| 2 | ad.360yield.com | 2 redirects |
| 2 | sync.smartadserver.com |
1 redirects
wetransfer.com
|
| 2 | cm.g.doubleclick.net |
1 redirects
wetransfer.com
|
| 2 | image2.pubmatic.com | 2 redirects |
| 2 | secure.adnxs.com | 2 redirects |
| 2 | www.clarity.ms |
bat.bing.com
|
| 2 | auth-session-caching.wetransfer.net |
prod-cdn.wetransfer.net
|
| 2 | p.adsymptotic.com |
1 redirects
wetransfer.com
|
| 2 | www.google.com |
wetransfer.com
|
| 2 | snap.licdn.com |
www.googletagmanager.com
|
| 2 | analytics.twitter.com |
wetransfer.com
|
| 2 | t.co |
wetransfer.com
|
| 2 | a.ad.gt |
wetransfer.com
p.ad.gt |
| 2 | static.ads-twitter.com |
www.googletagmanager.com
|
| 2 | app.launchdarkly.com |
prod-cdn.wetransfer.net
|
| 2 | www.googletagmanager.com |
wetransfer.com
www.googletagmanager.com |
| 1 | resources.xg4ken.com |
wetransfer.com
|
| 1 | c.bing.com | 1 redirects |
| 1 | z.moatads.com |
prod-cdn.wetransfer.net
|
| 1 | bs.serving-sys.com |
wetransfer.com
|
| 1 | z4a57uy5x7mxrqaplzlka0o2p9cov1655218694.darnuid.imrworldwide.com |
wetransfer.com
|
| 1 | secure-gl.imrworldwide.com | 1 redirects |
| 1 | campaign.fbot.me |
prod-cdn.wetransfer.net
|
| 1 | mug.criteo.com |
wetransfer.com
|
| 1 | static.fbot.me |
prod-cdn.wetransfer.net
|
| 1 | pixels.ad.gt |
p.ad.gt
|
| 1 | alb.reddit.com |
wetransfer.com
|
| 1 | token.rubiconproject.com |
wetransfer.com
|
| 1 | bh.contextweb.com | 1 redirects |
| 1 | match.adsrvr.org |
wetransfer.com
|
| 1 | p.ad.gt |
a.ad.gt
|
| 1 | id.halo.ad.gt |
a.ad.gt
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | static.criteo.net |
dynamic.criteo.com
|
| 1 | px4.ads.linkedin.com | 1 redirects |
| 1 | www.linkedin.com | 1 redirects |
| 1 | dynamic.criteo.com |
www.googletagmanager.com
|
| 1 | redditstatic.s3.amazonaws.com |
wetransfer.com
|
| 1 | www.redditstatic.com | 1 redirects |
| 1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 1 | www.googleadservices.com |
www.googletagmanager.com
|
| 1 | public.profitwell.com |
wetransfer.com
|
| 1 | cdnjs.cloudflare.com |
wetransfer.com
|
| 1 | usg02.safelinks.protection.office365.us | 1 redirects |
| 142 | 66 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| wetransfer.zendesk.com |
| about.wetransfer.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| wetransfer.com Amazon |
2021-08-06 - 2022-09-04 |
a year | crt.sh |
| wetransfer.net Amazon |
2022-06-13 - 2023-07-12 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
| app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA H2 2021 |
2021-12-24 - 2023-01-25 |
a year | crt.sh |
| www.bing.com Microsoft RSA TLS CA 01 |
2022-06-10 - 2022-12-10 |
6 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-03-23 - 2022-06-21 |
3 months | crt.sh |
| *.profitwell.com Amazon |
2021-08-02 - 2022-08-31 |
a year | crt.sh |
| www.googleadservices.com GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
| ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-21 - 2022-07-26 |
a year | crt.sh |
| *.ad.gt Amazon |
2022-05-10 - 2023-06-08 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
| t.co DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-22 - 2023-02-22 |
a year | crt.sh |
| *.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-22 - 2023-02-22 |
a year | crt.sh |
| snap.licdn.com DigiCert SHA2 Secure Server CA |
2022-03-01 - 2023-03-01 |
a year | crt.sh |
| *.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-11 - 2022-07-07 |
3 months | crt.sh |
| *.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-12-13 - 2023-01-13 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
| *.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-11 - 2022-07-13 |
3 months | crt.sh |
| www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-27 - 2023-02-27 |
a year | crt.sh |
| halo.ad.gt Amazon |
2022-04-04 - 2023-05-03 |
a year | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
| *.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-08 - 2023-04-04 |
a year | crt.sh |
| *.reddit.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-17 - 2022-08-16 |
6 months | crt.sh |
| *.google.com GTS CA 1C3 |
2022-05-25 - 2022-08-17 |
3 months | crt.sh |
| a.clarity.ms Microsoft Azure TLS Issuing CA 02 |
2022-06-07 - 2023-06-02 |
a year | crt.sh |
| snowplow.wetransfer.com Amazon |
2022-03-19 - 2023-04-17 |
a year | crt.sh |
| *.fbot.me Amazon |
2022-05-29 - 2023-06-27 |
a year | crt.sh |
| *.adzerk.net Amazon |
2021-12-06 - 2023-01-02 |
a year | crt.sh |
| fw.adsafeprotected.com Amazon |
2022-04-28 - 2023-05-27 |
a year | crt.sh |
| static.adsafeprotected.com Amazon |
2021-09-05 - 2022-10-04 |
a year | crt.sh |
| bs.serving-sys.com Amazon |
2022-04-20 - 2023-05-19 |
a year | crt.sh |
| moatads.com DigiCert SHA2 Secure Server CA |
2021-11-27 - 2022-11-29 |
a year | crt.sh |
| dt.adsafeprotected.com Amazon |
2021-11-19 - 2022-12-18 |
a year | crt.sh |
| *.xg4ken.com Go Daddy Secure Certificate Authority - G2 |
2021-09-17 - 2022-10-19 |
a year | crt.sh |
| events.launchdarkly.com Amazon |
2021-09-19 - 2022-10-17 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://wetransfer.com/downloads/745d85571b8399fbb84412914936706620220613190849/94e9e259f5128198a400564b1deee6a320220613190849/c5d947
Frame ID: 2787E2C4452BEAB1A5509FA19ECB21F2
Requests: 104 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=wetransfer.com&origin=onetag&gdpr=1&gdpr_consent=CPajhsAPajhsAPnACAENAxCAAEIAEEJAEAABGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZqAAAAA.JGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZq
Frame ID: 6B5497ABD8ABB1081AFC5C2FF9D5ADCD
Requests: 2 HTTP requests in this frame
Frame:
https://backgrounds.wetransfer.net/creator/chanel/2205-mda/ctp/2_XAQtbn/us-b/index.html?cacheId=lydkga_0_229726917&_origin=https://wetransfer.com
Frame ID: D921604151BC14770FB182C8DCFE9287
Requests: 28 HTTP requests in this frame
Frame:
https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: FDABB014DA0FF333CC3B26D8B28585B9
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
WeTransfer - Send Large Files & Share Photos Online - Up to 2GB FreePage URL History Show full URLs
-
https://usg02.safelinks.protection.office365.us/?url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2F745d85571b8399fbb84412914936...
HTTP 302
https://wetransfer.com/downloads/745d85571b8399fbb84412914936706620220613190849/94e9e259f5128198a40... Page URL
Detected technologies
Criteo
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //static\.criteo\.net/js/ld/ld\.js
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
Linkedin Insight Tag
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Moat
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- moatads\.com
Profitwell
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- public\.profitwell\.com/js/profitwell\.js
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Sizmek
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:<a [^>]*href="[^/]*//[^/]*serving-sys\.com/|<img [^>]*src="[^/]*//[^/]*serving-sys\.com/)
- serving-sys\.com/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://wetransfer.zendesk.com/
Title: help center
Title: help center
Search URL Search Domain Scan URL
URL: https://about.wetransfer.com/
Title: Company
Title: Company
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://usg02.safelinks.protection.office365.us/?url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2F745d85571b8399fbb84412914936706620220613190849%2F94e9e259f5128198a400564b1deee6a320220613190849%2Fc5d947&data=05%7C01%7CRNPAIGE%40fbi.gov%7C23a85460ec0d488bb26f08da4d7063ea%7C022914a9b95f4b7bbace551ce1a04071%7C0%7C0%7C637907444391540191%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000%7C%7C%7C&sdata=RNU308yYidP2reSwSQD2RO2WPe3DRzBmJd9htetyBL4%3D&reserved=0]
HTTP 302
https://wetransfer.com/downloads/745d85571b8399fbb84412914936706620220613190849/94e9e259f5128198a400564b1deee6a320220613190849/c5d947 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- https://www.redditstatic.com/ads/pixel.js HTTP 302
- https://redditstatic.s3.amazonaws.com/ads/pixel.js
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1207732&time=1655218693397&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2F745d85571b8399fbb84412914936706620220613190849%2F94e9e259f5128198a400564b1deee6a320220613190849%2Fc5d947 HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1207732&time=1655218693397&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2F745d85571b8399fbb84412914936706620220613190849%2F94e9e259f5128198a400564b1deee6a320220613190849%2Fc5d947&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1207732%26time%3D1655218693397%26url%3Dhttps%253A%252F%252Fwetransfer.com%252Fdownloads%252F745d85571b8399fbb84412914936706620220613190849%252F94e9e259f5128198a400564b1deee6a320220613190849%252Fc5d947%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1207732&time=1655218693397&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2F745d85571b8399fbb84412914936706620220613190849%2F94e9e259f5128198a400564b1deee6a320220613190849%2Fc5d947&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1207732&time=1655218693397&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2F745d85571b8399fbb84412914936706620220613190849%2F94e9e259f5128198a400564b1deee6a320220613190849%2Fc5d947&cookiesTest=true&liSync=true&e_ipv6=AQLqn2WOK16sbAAAAYFiuOYMmy1gX2kqbRTeWYybIuTSmZbj-bbWlLMXE2O-t2W-HmxEruIn70QF3O96ldWR0Bf0DQ7ozA HTTP 302
- https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3a8a44b8-edd1-4598-995c-4ece63ff15bf HTTP 302
- https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3a8a44b8-edd1-4598-995c-4ece63ff15bf&_expected_cookie=cd8f274cddf1933f0f2e07e445b8002a
- https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001655218693-APCJ69H5-XJ78&adnxs_id=$UID HTTP 307
- https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001655218693-APCJ69H5-XJ78%26adnxs_id%3D%24UID HTTP 302
- https://ids.ad.gt/api/v1/match?id=AU1D-0100-001655218693-APCJ69H5-XJ78&adnxs_id=437022742072708735
- https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001655218693-APCJ69H5-XJ78 HTTP 302
- https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001655218693-APCJ69H5-XJ78 HTTP 302
- https://ids.ad.gt/api/v1/pbm_match?pbm=344FCF63-771A-4599-8802-EAE749E60527&id=AU1D-0100-001655218693-APCJ69H5-XJ78
- https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001655218693-APCJ69H5-XJ78 HTTP 302
- https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001655218693-APCJ69H5-XJ78&google_gid=CAESEBmCmraRi2I0vqyPvxoRi4s&google_cver=1&google_ula=450542624,0
- https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001655218693-APCJ69H5-XJ78 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1NTIxODY5My1BUENKNjlINS1YSjc4
- https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001655218693-APCJ69H5-XJ78 HTTP 302
- https://ids.ad.gt/api/v1/ppnt_match?uid=ICU4A50xXWFp&ev=1&pid=562316&id=AU1D-0100-001655218693-APCJ69H5-XJ78
- https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001655218693-APCJ69H5-XJ78%26sas_uid%3D%5bsas_uid%5d&gdpr=1&gdpr_consent=CPajhsAPajhsAPnACAENAxCAAEIAEEJAEAABGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZqAAAAA.JGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZq HTTP 302
- https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001655218693-APCJ69H5-XJ78&sas_uid=[sas_uid]&gdpr=1&gdpr_consent=CPajhsAPajhsAPnACAENAxCAAEIAEEJAEAABGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZqAAAAA.JGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZq&cklb=1
- https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001655218693-APCJ69H5-XJ78%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
- https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001655218693-APCJ69H5-XJ78%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
- https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001655218693-APCJ69H5-XJ78&impr_uid=e2f51c37-0372-4d9a-9df9-ff428ba68014
- https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001655218693-APCJ69H5-XJ78&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001655218693-APCJ69H5-XJ78 HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001655218693-APCJ69H5-XJ78&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001655218693-APCJ69H5-XJ78 HTTP 302
- https://ids.ad.gt/api/v1/adb_match?adb=47727460432032738712128009413249476458&id=AU1D-0100-001655218693-APCJ69H5-XJ78
- https://gum.criteo.com/sid/json?origin=onetag&domain=wetransfer.com&sn=ChromeSyncframe&so=0&topUrl=wetransfer.com&cw=1&lsw=1&topicsavail=0 HTTP 302
- https://mug.criteo.com/sid?cpp=iYwobnxEdWVGZnhWWWhVVlBBR3l1K2xCZlNWRDEwR3RVNzloU2U4Yk9jdVNZb2VKSWhORjRBVGp1aldQK0RObTRyckxEMG9vR2ZlMWJaWWR3OVBuVHdWMUZnQjlMNFM0Q2QyTU1HcTlHSGpvOU41b3drNE5hakZZdUxac0tkRDZldmR4NXlycHExczBoTnlYdTVkNzVtQTdvMWljNERRdXFIU2NFNmZ6S2YvQWVYcVkyZkNZYTJIaWFBSGxpOXl1QnlpN3h4SzFqUTJjUE1DUkNwZVBLL2doc1pQNVdmUU1vSlpqL205Q00zN1NuUitTSktRNW5ia2lIRGZ6RXZOWVY1TFN3NkdnUlRtWkVjTGVSMjUzUXJXMUxaZz09fA&cppv=2
- https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn336253&cr=1087362085&ce=wetransfer&pc=1078054565&ci=nlsnci190&am=3&at=view&rt=banner&st=image&r=1655218694205 HTTP 302
- https://z4a57uy5x7mxrqaplzlka0o2p9cov1655218694.darnuid.imrworldwide.com/dar?url=
- https://pixel.adsafeprotected.com/rfw/st/1063569/63612266/skeleton.js?adsafe_url=https%3A%2F%2Fwetransfer.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fbackgrounds.wetransfer.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fchanel%2F2205-mda%2Fctp%2F2_XAQtbn%2Fus-b%2Findex.html%3FcacheId%3Dlydkga_0_229726917%26_origin%3Dhttps%3A%2F%2Fwetransfer.com&adsafe_type=d&adsafe_jsinfo=,id:1d6c34cf-993a-0dac-8b03-d5ce61881107,c:fwAkHI,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-cf4f965df-wflzp,rg:va,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:106,fm:t8KcXrA+11%7C12%7C13%7C14%7C15%7C16*.1063569-63612266,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:141,oid:6a94c389-ebf2-11ec-8950-720ae8c0dec0,v:19.8.319,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
- https://static.adsafeprotected.com/skeleton.js
- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F2C03C9B88964BC5A852B369D5F5AA4A&RedC=c.clarity.ms&MXFR=3D9DBD87F42D60E725F5AC44F02D6E0B HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F2C03C9B88964BC5A852B369D5F5AA4A&MUID=38D8AA9037146BFC216EBB53360D6A46
142 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
c5d947
wetransfer.com/downloads/745d85571b8399fbb84412914936706620220613190849/94e9e259f5128198a400564b1deee6a320220613190849/ Redirect Chain
|
31 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runtime~application-444df2a691a890316a7e.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application-1010b83f57bf25ba26e6.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
943 KB 243 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vendor-81239c5c0be9af7273b2.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
2 MB 630 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ActiefGrotesque_W_Regular-1f437876.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ |
30 KB 31 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ActiefGrotesque_W_Medium-293e86f0.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ |
31 KB 32 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GT-Super-WT-Super-1b214df1.woff
prod-cdn.wetransfer.net/packs/media/gt-super-wt/ |
42 KB 43 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application-a370aeb8.chunk.css
prod-cdn.wetransfer.net/packs/css/ |
418 KB 57 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en-95cf094f889bad6da50b.es6.js
prod-cdn.wetransfer.net/packs/esm/runtime~locale/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en-faf5e9aa1321d9e959e3.es6.js
prod-cdn.wetransfer.net/packs/esm/locale/ |
172 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adtrack-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
prod-cdn.wetransfer.net/assets/ |
349 B 707 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sp.js
cdnjs.cloudflare.com/ajax/libs/snowplow/2.17.3/ |
77 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
199 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ |
2 B 180 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
71-2ff63878306f2c4473fc.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
397 B 754 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
38 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
100 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FreightSans-Pro-Medium-1243d73c.woff
prod-cdn.wetransfer.net/packs/media/freightsans/ |
54 KB 55 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FreightSans-Pro-Semibold-b548f89b.woff
prod-cdn.wetransfer.net/packs/media/freightsans/ |
58 KB 59 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GT-Super-WT-Regular-4aad923e.woff
prod-cdn.wetransfer.net/packs/media/gt-super-wt/ |
43 KB 43 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
profitwell.js
public.profitwell.com/js/ |
35 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
graphql
wetransfer.com/api/ |
791 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uwt.js
static.ads-twitter.com/ |
49 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
289 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
367
a.ad.gt/api/v1/u/matches/ |
8 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
17116643.js
bat.bing.com/p/action/ |
0 120 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 177 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1904796869803472
connect.facebook.net/signals/config/ |
290 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
t.co/i/ |
43 B 336 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
analytics.twitter.com/i/ |
43 B 355 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pixel.js
redditstatic.s3.amazonaws.com/ads/ Redirect Chain
|
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ld.js
dynamic.criteo.com/js/ld/ |
523 B 644 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
125 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
oct.js
static.ads-twitter.com/ |
49 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
56335302.js
bat.bing.com/p/action/ |
219 B 478 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 122 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/778938880/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
p.adsymptotic.com/d/px/ Redirect Chain
|
43 B 142 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login-status
auth-session-caching.wetransfer.net/v1/ |
23 B 436 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ld.js
static.criteo.net/js/ld/ |
42 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
login-status
auth-session-caching.wetransfer.net/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
t.co/i/ |
43 B 77 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsct
analytics.twitter.com/i/ |
43 B 219 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
56335302
www.clarity.ms/tag/uet/ |
2 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
2 B 439 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
367
id.halo.ad.gt/api/v1/partner/ |
52 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
367
p.ad.gt/api/v1/p/ |
31 KB 10 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 473 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic
match.adsrvr.org/track/cmf/ |
70 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pbm_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 470 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 470 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ppnt_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 381 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
getuid
sync.smartadserver.com/ Redirect Chain
|
0 75 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
token
token.rubiconproject.com/ |
0 214 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
impr_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 379 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adb_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 376 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rp.gif
alb.reddit.com/ |
42 B 157 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
identify.js
analytics.tiktok.com/i18n/pixel/ |
114 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config.js
analytics.tiktok.com/i18n/pixel/ |
882 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clarity.js
m.clarity.ms/s/0.6.34/ |
53 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 720 B |
Ping
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
halo_match
ids.ad.gt/api/v1/ |
43 B 473 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
syncframe
gum.criteo.com/ Frame 6B54 |
14 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
a.ad.gt/api/v1/ |
0 102 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
getpixels
pixels.ad.gt/api/v1/ |
0 52 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1853083501571805
connect.facebook.net/signals/config/ |
291 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ecommerce.js
www.google-analytics.com/plugins/ua/ |
1 KB 763 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ |
44 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tiers
wetransfer.com/api/v4/nu_subscriptions/ |
5 KB 961 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
friendbuy.js
static.fbot.me/ |
336 KB 336 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wallpaper-37af2cf4.chunk.css
prod-cdn.wetransfer.net/packs/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wallpaper-73227d41331aa3fa432e.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ |
2 B 329 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sid
mug.criteo.com/ Frame 6B54 Redirect Chain
|
428 B 634 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core-shape-d22f0e47.svg
prod-cdn.wetransfer.net/packs/media/transfer_window/ |
485 B 837 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
v2
e-10220.adzerk.net/api/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
v2
e-10220.adzerk.net/api/ |
17 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
campaigns.js
campaign.fbot.me/ea8fdecc-2af3-40b5-8c3c-5c939cb460b0/ |
184 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
xhr
public.fbot.me/events/ea8fdecc-2af3-40b5-8c3c-5c939cb460b0/profile/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
xhr
public.fbot.me/events/ea8fdecc-2af3-40b5-8c3c-5c939cb460b0/profile/ |
518 B 728 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
v2
e-10220.adzerk.net/api/ |
14 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
v2
e-10220.adzerk.net/api/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.html
backgrounds.wetransfer.net/creator/chanel/2205-mda/ctp/2_XAQtbn/us-b/ Frame D921 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wallpaper-api-v2.js
prod-cdn.wetransfer.net/packs/js/ Frame D921 |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bundle.1a8760e61a6473310ad3.js
backgrounds.wetransfer.net/creator/chanel/2205-mda/ctp/2_XAQtbn/us-b/ Frame D921 |
206 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame D921 |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.fd3576881aba7ac9d526.png
backgrounds.wetransfer.net/creator/chanel/2205-mda/ctp/2_XAQtbn/ Frame D921 |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
skeleton.js
pixel.adsafeprotected.com/rjss/st/1063569/63612266/ Frame D921 |
46 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
background.5f9ae63556c1dc2c405d.jpg
backgrounds.wetransfer.net/creator/chanel/2205-mda/ctp/2_XAQtbn/ Frame D921 |
120 KB 121 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ |
44 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.gr.19.8.319.js
static.adsafeprotected.com/ Frame D921 |
192 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ |
2 B 328 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
i.gif
e-10220.adzerk.net/ |
43 B 665 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dar
z4a57uy5x7mxrqaplzlka0o2p9cov1655218694.darnuid.imrworldwide.com/ Redirect Chain
|
0 70 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adServer.bs
bs.serving-sys.com/Serving/ |
42 B 648 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
moatad.js
z.moatads.com/wetransferadzerk716769425458/ Frame D921 |
301 KB 103 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
creatives-cache-polyfill.js
backgrounds.wetransfer.net/polyfills/ Frame D921 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
skeleton.js
static.adsafeprotected.com/ Frame D921 Redirect Chain
|
17 B 466 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sca.17.5.12.js
static.adsafeprotected.com/ Frame FDAB |
80 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame D921 |
43 B 216 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame D921 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame D921 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
px.moatads.com/ Frame D921 |
43 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
px.moatads.com/ Frame D921 |
43 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 442 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
38 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ktag.js
resources.xg4ken.com/js/v2/ |
9 KB 4 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
px.moatads.com/ Frame D921 |
43 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame D921 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
0
bat.bing.com/actionp/ |
0 121 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
56335302.js
bat.bing.com/p/action/ |
219 B 433 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 122 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
0
bat.bing.com/actionp/ |
0 122 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
56335302
www.clarity.ms/tag/uet/ |
1 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame D921 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
m.clarity.ms/ |
0 92 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame D921 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame D921 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
px.moatads.com/ Frame D921 |
43 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
px.moatads.com/ Frame D921 |
43 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
px.moatads.com/ Frame D921 |
43 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ |
0 344 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame D921 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame D921 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
px.moatads.com/ Frame D921 |
43 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
px.moatads.com/ Frame D921 |
43 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=95&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A127%3A127%3A296%3A54&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=76&cd=0&ah=76&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=1286133792&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=95&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A127%3A127%3A296%3A54&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=76&cd=0&ah=76&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=1286133792&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=265&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=0&ad=89&cn=0&gk=89&gl=0&ik=89&ic=89&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=76&cd=76&ah=76&am=76&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=758659993&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=265&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=0&ad=89&cn=0&gk=89&gl=0&ik=89&ic=89&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=76&cd=76&ah=76&am=76&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=758659993&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=1271&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=1&ad=1096&cn=89&gn=1&gk=1096&gl=89&ik=1096&ic=1096&ez=1&co=1096&cp=1061&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1061&cd=76&ah=1061&am=76&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=2113016514&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=1271&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=1&ad=1096&cn=89&gn=1&gk=1096&gl=89&ik=1096&ic=1096&ez=1&co=1096&cp=1061&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1061&cd=76&ah=1061&am=76&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=2113016514&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=1273&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=1&ad=1096&cn=1096&gn=1&gk=1096&gl=1096&ik=1096&ic=1096&ez=1&co=1096&cp=1061&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1061&cd=1061&ah=1061&am=1061&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=64791223&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=1273&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=1&ad=1096&cn=1096&gn=1&gk=1096&gl=1096&ik=1096&ic=1096&ez=1&co=1096&cp=1061&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1061&cd=1061&ah=1061&am=1061&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=64791223&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=1274&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=1&ad=1096&cn=1096&gn=1&gk=1096&gl=1096&ik=1096&ic=1096&ez=1&co=1096&cp=1061&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1061&cd=1061&ah=1061&am=1061&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=1156612310&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=1274&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=1&ad=1096&cn=1096&gn=1&gk=1096&gl=1096&ik=1096&ic=1096&ez=1&co=1096&cp=1061&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1061&cd=1061&ah=1061&am=1061&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=1156612310&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=5288&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=1&ad=5113&cn=1096&gn=1&gk=5113&gl=1096&ik=5113&ic=5113&ez=1&co=1096&cp=1061&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5078&cd=1061&ah=5078&am=1061&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=456905412&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=5288&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=1&ad=5113&cn=1096&gn=1&gk=5113&gl=1096&ik=5113&ic=5113&ez=1&co=1096&cp=1061&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5078&cd=1061&ah=5078&am=1061&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=456905412&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=5490&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=1&ad=5316&cn=5113&gn=1&gk=5316&gl=5113&ik=5316&ic=5316&ez=1&co=1096&cp=1061&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5278&cd=5078&ah=5278&am=5078&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=673359125&cs=0){kind=link}
%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CO%24%3D!!t%258%5Bh3M%3BIy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-1cQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2B55EaqlrhXAQNSUx2HEE4%3D&rs=1-hKV3bHpQg2TbHQ%3D%3D&sc=1&os=1-dQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=1200&w=1600&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1655218694675&de=435865512965&cu=1655218694675&m=5490&ar=bba88fd8b49-clean&iw=6900b3f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1200&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A127%3A127%3A296%3A54&aa=1&ad=5316&cn=5113&gn=1&gk=5316&gl=5113&ik=5316&ic=5316&ez=1&co=1096&cp=1061&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5278&cd=5078&ah=5278&am=5078&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=428758%3A76770886%3A229726917%3A238022312&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=198853&na=673359125&cs=0){kind=link}
Verdicts & Comments Add Verdict or Comment
103 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| webpackJsonp object| _i18n_ undefined| __session__ object| GlobalSnowplowNamespace function| __snowplow__ object| dataLayer undefined| __trackjs__ object| __recaptcha__ object| recaptchaOptions object| __launch_darkly__ object| __curated_wallpapers__ boolean| __ads_enabled__ string| asset_host boolean| modernBrowser undefined| polyfillScript object| __stripe__ boolean| __sus_bot__ object| __auth0_config__ string| accountAppUrl string| portalsUrl string| profitWellPublicAPIToken object| __wallpaper_bundle__ function| applyFocusVisiblePolyfill function| __tcfapi object| pbjs object| _pbjsGlobals object| DD_RUM function| Velocity object| uetq function| fbq function| _fbq function| onRecaptchaLoaded function| onRecaptchaCallback function| profitwell object| Snowplow object| google_tag_manager object| google_tag_data function| twq function| UET function| UET_init function| UET_push object| ueto_e0bb553d01 function| setImmediate function| clearImmediate function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| regeneratorRuntime object| twttr string| GoogleAnalyticsObject function| ga function| rdt string| _linkedin_data_partner_id string| TiktokAnalyticsObject object| ttq object| ueto_62e380cf4d function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData object| Criteo object| auvars object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| clarity boolean| __halo__loaded__ string| __sync__call__ object| au object| criteo_q function| docReady object| autag object| friendbuyAPI string| __fb_cmt__ function| ktag object| Ktag_Constants object| Ktag_Toggles object| Ktag_Amp_Helpers object| Ktag_Helpers object| Ktag_Functions function| setup object| ueto_c1fc4a3f3787 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| wetransfer.com/downloads/745d85571b8399fbb84412914936706620220613190849/94e9e259f5128198a400564b1deee6a320220613190849 | Name: __wtcm Value: CPajhsAPajhsAPnACAENAxCAAEIAEEJAEAABGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZqAAAAA.JGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZq |
|
| .wetransfer.com/downloads/745d85571b8399fbb84412914936706620220613190849/94e9e259f5128198a400564b1deee6a320220613190849 | Name: wt_privacy Value: %7B%22v%22%3A%223%3A20190527%22%2C%22f%22%3A1%2C%22a%22%3A1%2C%22t%22%3A1%7D |
|
| .wetransfer.com/downloads/745d85571b8399fbb84412914936706620220613190849/94e9e259f5128198a400564b1deee6a320220613190849 | Name: wt_first_visit Value: 1655218693066 |
|
| .wetransfer.com/downloads/745d85571b8399fbb84412914936706620220613190849/94e9e259f5128198a400564b1deee6a320220613190849 | Name: __wtccpa Value: 1YYY |
|
| bs.serving-sys.com/Serving | Name: S_1078054565 Value: 4165190535038842361 |
|
| .bing.com/ | Name: MUID Value: 38D8AA9037146BFC216EBB53360D6A46 |
|
| .bat.bing.com/ | Name: MR Value: 0 |
|
| .wetransfer.com/ | Name: _gcl_au Value: 1.1.2091637966.1655218693 |
|
| .wetransfer.com/ | Name: auth_session_uuid Value: 72aba677-c341-4d55-902e-d8aad84e2bd7 |
|
| .wetransfer.com/ | Name: _fbp Value: fb.1.1655218693373.1485685048 |
|
| .facebook.com/ | Name: fr Value: 08c8AtBgYsH4FkIMr..BiqKIF...1.0.BiqKIF. |
|
| .wetransfer.com/ | Name: _ga Value: GA1.2.1686961395.1655218693 |
|
| .wetransfer.com/ | Name: _gid Value: GA1.2.1243739968.1655218693 |
|
| .wetransfer.com/ | Name: _gat_UA-11792855-4 Value: 1 |
|
| .t.co/ | Name: muc_ads Value: c65625e4-0994-406c-a6e4-9114f2f3b9ae |
|
| .linkedin.com/ | Name: li_sugr Value: 3a8a44b8-edd1-4598-995c-4ece63ff15bf |
|
| .ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&35719c7c-09e0-4f4a-87f2-a0f59e6fc93e" |
|
| .linkedin.com/ | Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2506:u=1:x=1:i=1655218693:t=1655305093:v=2:sig=AQFtB69iCScwGmw3jgc_iwshATk4kd4g" |
|
| .ad.gt/ | Name: au_idmatch Value: eyJhcG4iOiAxNjU1MjE4NjkzNDEzLCAidHRkIjogMTY1NTIxODY5MzQxMywgInB1YiI6IDE2NTUyMTg2OTM0MTMsICJhZHgiOiAxNjU1MjE4NjkzNDEzLCAiZ29vIjogMTY1NTIxODY5MzQxMywgInBwbnQiOiAxNjU1MjE4NjkzNDEzLCAic21hcnQiOiAxNjU1MjE4NjkzNDEzLCAicnViIjogMTY1NTIxODY5MzQxMywgImltcHIiOiAxNjU1MjE4NjkzNDEzLCAiYWRvIjogMTY1NTIxODY5MzQxMywgImJlZXMiOiAxNjU1MjE4NjkzNDEzLCAib3BlbngiOiAxNjU1MjE4NjkzNDEzLCAibWVkaWFtYXRoIjogMTY1NTIxODY5MzQxMywgInNvbiI6IDE2NTUyMTg2OTM0MTMsICJ0YWJvb2xhIjogMTY1NTIxODY5MzQxMywgInVucnVseSI6IDE2NTUyMTg2OTM0MTN9 |
|
| .wetransfer.com/ | Name: _au_1d Value: AU1D-0100-001655218693-APCJ69H5-XJ78 |
|
| .twitter.com/ | Name: personalization_id Value: "v1_hTo+n2GqxcXXoGlPcFIIsw==" |
|
| .wetransfer.com/ | Name: _au_last_seen_apn Value: 1655218693459 |
|
| .wetransfer.com/ | Name: _au_last_seen_ttd Value: 1655218693459 |
|
| .wetransfer.com/ | Name: _au_last_seen_pub Value: 1655218693459 |
|
| .wetransfer.com/ | Name: _au_last_seen_adx Value: 1655218693459 |
|
| .wetransfer.com/ | Name: _au_last_seen_goo Value: 1655218693459 |
|
| .wetransfer.com/ | Name: _au_last_seen_ppnt Value: 1655218693459 |
|
| .linkedin.com/ | Name: UserMatchHistory Value: AQJQmT1FD-bbIAAAAYFiuOVs8sUGFaoRyhcflR5dCMLylsZ7m0t-pjlY6w4mD9ZTVwO2fnQoLXcRMg |
|
| .linkedin.com/ | Name: AnalyticsSyncHistory Value: AQK755y4jf6F-AAAAYFiuOVsoaHHZz0558Bo2Xv7_QNPMQLXdFDV5M1odgFXClnFAN2Lf2JGKpRmQmzrJ4acSA |
|
| .wetransfer.com/ | Name: _au_last_seen_smart Value: 1655218693459 |
|
| .wetransfer.com/ | Name: _au_last_seen_rub Value: 1655218693459 |
|
| .wetransfer.com/ | Name: _au_last_seen_impr Value: 1655218693459 |
|
| .wetransfer.com/ | Name: _au_last_seen_ado Value: 1655218693459 |
|
| .wetransfer.com/ | Name: _rdt_uuid Value: 1655218693509.e9da5b21-42a0-4948-8072-e459f9c65fcf |
|
| .adnxs.com/ | Name: uuid2 Value: 437022742072708735 |
|
| .linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
| .www.linkedin.com/ | Name: bscookie Value: "v=1&202206141458135c3fd9f9-c1e7-4cde-8a60-eb7b1757a133AQHYjY8q88P9LPpkhdVKhuSKhgTlFJpv" |
|
| .pubmatic.com/ | Name: KTPCACOOKIE Value: true |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnl0hSx0JlRPZT0RyuxMIOTMWhiDB46fVu1NKQc0tcX6fD-RWatfTwE8uqGcSU |
|
| .contextweb.com/ | Name: V Value: ICU4A50xXWFp |
|
| bh.contextweb.com/ | Name: INGRESSCOOKIE Value: c8696d3c7c2e53ad |
|
| .pubmatic.com/ | Name: KADUSERCOOKIE Value: 344FCF63-771A-4599-8802-EAE749E60527 |
|
| www.clarity.ms/ | Name: CLID Value: 354a8f9031f3410ebf367e719e9cb3cb.20220614.20230614 |
|
| .tiktok.com/ | Name: _ttp Value: 2AZYhUQci3uz4yQOW8z33u81olI |
|
| .wetransfer.com/ | Name: _tt_enable_cookie Value: 1 |
|
| .wetransfer.com/ | Name: _ttp Value: 63a04fc8-42d2-47ac-905f-8b7b8a928c0a |
|
| .ad.gt/ | Name: last_seeng_hosted Value: 1655218693737 |
|
| .ad.gt/ | Name: au_id Value: AU1D-0100-001655218693-APCJ69H5-XJ78 |
|
| .ad.gt/ | Name: g_hosted Value: |
|
| .ad.gt/ | Name: last_seenadx Value: 1655218693737 |
|
| .ad.gt/ | Name: first_seenadx Value: 1655218693738 |
|
| .ad.gt/ | Name: last_seenpbm Value: 1655218693738 |
|
| .ad.gt/ | Name: first_seenpbm Value: 1655218693738 |
|
| .ad.gt/ | Name: last_seenpulsepoint Value: 1655218693738 |
|
| .adsymptotic.com/ | Name: U Value: cd8f274cddf1933f0f2e07e445b8002a |
|
| .360yield.com/ | Name: tuuid Value: e2f51c37-0372-4d9a-9df9-ff428ba68014 |
|
| .360yield.com/ | Name: tuuid_lu Value: 1655218693 |
|
| .wetransfer.com/ | Name: _clck Value: 50jjo2|1|f2b|0 |
|
| .ad.gt/ | Name: last_seenadnxs Value: 1655218693775 |
|
| .ad.gt/ | Name: first_seenadnxs Value: 1655218693775 |
|
| .ad.gt/ | Name: last_seenhaloid Value: 1655218693807 |
|
| .ad.gt/ | Name: first_seenhaloid Value: 1655218693807 |
|
| .criteo.com/ | Name: uid Value: 3b7055a4-5af1-4fc5-b561-eb65f9820880 |
|
| .ad.gt/ | Name: last_seenimprove Value: 1655218693900 |
|
| .wetransfer.com/ | Name: _wt_snowplowses.0497 Value: * |
|
| wetransfer.com/ | Name: _dd_s Value: rum=0&expire=1655219593994 |
|
| .demdex.net/ | Name: demdex Value: 47727460432032738712128009413249476458 |
|
| .wetransfer.com/ | Name: cto_bundle Value: J0AVml9vOUNTYmViamhhM1IzYTlQaWI1S0NLamt5NTFEdDVYMHVtWiUyRjhzT29KdXdjTGUzRGZDcm9EVHd5TFRmQ3U1WW1aeE9aNXZxczBtSUdQRHZXeU9QalJrTEElMkZpU1dPVEc0RkVQOGJ4TEJQUXIzdUFOaTlxRlNEQkV1UXZkeCUyRkRLaWU2ayUyQndMV3Rod0lHejczQlU4U05DdyUzRCUzRA |
|
| .wetransfer.com/ | Name: _wt_snowplowid.0497 Value: 3f4e8f7b-8309-4018-a22b-a24d46288876.1655218692.0.1655218694.undefined.0beea82f-1bd7-437a-8f54-4a377a8667d9 |
|
| .dpm.demdex.net/ | Name: dpm Value: 47727460432032738712128009413249476458 |
|
| .ad.gt/ | Name: last_seenadb Value: 1655218694350 |
|
| .wetransfer.com/ | Name: sp Value: e8a239f2-10b6-44a4-a6fd-6761de4d01ae |
|
| e-10220.adzerk.net/ | Name: azk Value: sp-3f4e8f7b-8309-4018-a22b-a24d46288876 |
|
| e-10220.adzerk.net/ | Name: azk-ss Value: true |
|
| .serving-sys.com/ | Name: A6 Value: 10PZgBx0q21007MB000000000 |
|
| .serving-sys.com/ | Name: u2 Value: 3e6ae5f5-48f4-4440-8876-de2793102ed44Hl090 |
|
| .imrworldwide.com/ | Name: IMRID Value: 6ab4f5a1-ebf2-11ec-bc44-d907803bb3cf |
|
| .wetransfer.com/ | Name: _uetsid Value: 69d756c0ebf211ec889b3b794f62edb0 |
|
| .wetransfer.com/ | Name: _uetvid Value: 69d79fb0ebf211ec95dd671f0cb8dcfa |
|
| .c.bing.com/ | Name: MR Value: 0 |
|
| .c.bing.com/ | Name: SRM_B Value: 38D8AA9037146BFC216EBB53360D6A46 |
|
| .c.clarity.ms/ | Name: SM Value: C |
|
| .clarity.ms/ | Name: MUID Value: 38D8AA9037146BFC216EBB53360D6A46 |
|
| .c.clarity.ms/ | Name: MR Value: 0 |
|
| .c.clarity.ms/ | Name: ANONCHK Value: 0 |
|
| .wetransfer.com/ | Name: _clsk Value: ix4c5l|1655218695204|1|0|m.clarity.ms/collect |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=15552000; includeSubDomains; |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.ad.gt
ad.360yield.com
alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
app.launchdarkly.com
auth-session-caching.wetransfer.net
backgrounds.wetransfer.net
bat.bing.com
bh.contextweb.com
bs.serving-sys.com
c.bing.com
c.clarity.ms
campaign.fbot.me
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
dt.adsafeprotected.com
dynamic.criteo.com
e-10220.adzerk.net
events.launchdarkly.com
googleads.g.doubleclick.net
gum.criteo.com
id.halo.ad.gt
ids.ad.gt
image2.pubmatic.com
m.clarity.ms
match.adsrvr.org
mug.criteo.com
p.ad.gt
p.adsymptotic.com
pixel.adsafeprotected.com
pixels.ad.gt
prod-cdn.wetransfer.net
public.fbot.me
public.profitwell.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
redditstatic.s3.amazonaws.com
resources.xg4ken.com
secure-gl.imrworldwide.com
secure.adnxs.com
snap.licdn.com
snowplow.wetransfer.com
static.ads-twitter.com
static.adsafeprotected.com
static.criteo.net
static.fbot.me
stats.g.doubleclick.net
sync.smartadserver.com
t.co
token.rubiconproject.com
usg02.safelinks.protection.office365.us
wetransfer.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
z.moatads.com
z4a57uy5x7mxrqaplzlka0o2p9cov1655218694.darnuid.imrworldwide.com
104.18.98.194
104.244.42.197
104.244.42.67
104.36.115.109
13.107.42.14
13.225.214.44
13.225.63.24
13.225.63.92
13.226.39.69
142.250.80.98
146.75.32.157
15.197.193.217
151.101.1.140
151.101.2.217
184.29.129.187
198.148.27.139
199.187.193.166
20.110.81.91
20.120.124.64
23.103.209.28
23.216.132.67
2600:141b:13::17d7:82d9
2600:1f13:800:7782:859c:b9f:89d9:fa61
2600:9000:21da:5000:1e:a43d:b640:93a1
2600:9000:21dd:ea00:8:48e:53c0:93a1
2606:4700::6811:190e
2607:f8b0:4004:c09::9b
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2004
2620:100:a001::c
2620:1ec:21::14
2620:1ec:27::cafe:1868
2620:1ec:c11::200
2a02:2638:1::3
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::396
3.223.156.232
34.199.105.77
34.211.155.203
34.250.122.178
44.224.79.192
44.238.81.176
44.239.82.163
52.12.72.198
52.2.233.34
52.23.26.103
52.40.109.212
54.154.92.83
54.175.135.218
54.230.163.127
54.231.171.9
54.85.21.47
54.85.64.84
54.88.154.11
68.67.160.134
69.173.151.100
74.119.119.139
74.119.119.142
99.81.213.128
05448e9440e5f8a66395d7d66a9bfcb9614a80e4e181f6347cd742ec36725ca6
054b231d728f2c6bd02c7fcac7adf79475e47cc8a9509a94bd727a25603c8781
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
059a7d9f8c7ed2d1cd282f4bc7b32e904ead11fb6bd105de97a9ccc1611837a5
0b300b972329f2a5a8e199dac4db8b11b3b6c204828d571bf285256e567b8f28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d5bf286e1ae9b85f24f211a8892c3578c69a436138bc1223eda06f4c0b0d5c7
0f2f7ac0226143a9c77410f5f08e97f8a8d52ba37b0bd005bd130d4cab7854ce
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
136ca1d6e86defc90cb43af3526bffa7e5128c232092c407c93fc7f9e58c2de0
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1c4fa10f4c9120614fc4945e172d3ebd0ae3c5747421514b2e01a05237b0bf5b
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
26263a7e86ece29654dadcef5ccf3890d3fae9720c0dece8e70271172755d737
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2911d85b6fd16bcfa2818eda2ad8130a8f1c64355c27158832d8d67361b1d927
2a7e07b83f567cdb5d3880edb32f57340f0b6114b01e5f87e9ef02e6c346eeb1
385a74e47e6e4b14b5383cf291ea1523e9be64587c225f0c11fcd8167b5557f2
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
41381032da4729eab40ac49323190eb8bf4e5d399804aa911ab7974c2230ecd6
424d678f9731b16738a675db71f6e86b16e92ea85a9a786cad2d7925d702da4d
43177738930abf9099816f31f0db21661e7a40924900012986a1b12056a5db02
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
480e40e62c4c0a82dbb952be3e5cdbce2787e393617b447edc3a276be4e234ac
4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51fb323a6d5958e5460632e5cbb27a18eb70df23c1982665a561e570febc8f02
59195cd3063807619d5991db11e5fcb50930e853a9ee9a018fb6c00ba6732dce
5af3fb5de2d7c699758b99ee5fa037ae18c463a1e1222bb0d80bc39463d628c2
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6498ffbfc174f0d93120cf89d889732e3f3ee9bd0b76bff35073ebb44b53d97b
66e88b0f4a91ad87e3423a253ccebc888b1f244fbb737fca830b4729146f2d03
67d575b5290b694bd786040f2ccd80363f409bc22f4cf12ee30e6b9fb69fcd0c
688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad
6d969188f80e65e3d9c2ec2711ace1184733ce6a7bcdb6d10681960c5979335c
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
7b5bdd7945bd9a11d2d24728415769a9e0ffe02a75cf8b87ef5ccab939c4c608
8139a0195074013172e591b4430321821d10522647646397e5bb6ec46dfe321f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
858b8a6408a3c9a457c831ce91d3dcc273e12ae41991523890f87e58ce4fc5f1
8b24551f3c041157a88f5e489c4c144bb4341215aa0e09a42f78803ad3e491e9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
954a2d79acd929adaaea1295088745aa7ea64fc0a2226b7452412b17dd34c8d2
98a31fa8bc6612b753bf15b4c6fd22259186c158fd156c29724e4f90b3bc3dc8
996ebdfa7bb7764ab063dbb8cb6be298062d23a6b1c6fefde1238f6cb5bbc105
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a41cab3374674fb912cc0e0b9a02db73b57d22f72d0fa09f7608ad6104991d5a
a7290a40d6ed75837c643f362b63bc038da704fb9422c1a894d1d43a49876c48
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad169515a36117f2ba3142daf9fa291259a97fe5d7809c8b63e85657aa054a53
af381b83bd2f0d19796bf95fb855abff107cc332fc331404908ed5a1a1a845f5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b13e8f56e638d96f185c3874dee84d41452c5026179e1b1260fa54cd32afe50f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
bc2423e596543ace7c96964b0b19e1fd1b084e072bf24f3d0d38c506d04b7bcf
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c6d3cae5088b8b58986fa106045599ba4f89122e5911e539498a0cbd61e56d78
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb1a3a09cad44e98b7196ca601a02a073d84faeb830ee2c8262f4fc6eaa06328
cc3e0177ecf68fb8d9c969cf28718b687b82b0afab5d678b778ad261c8a0e1b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcde69c520d4f6429ceaf8e2d86fa2bdc4f6d3f8b64552e45d321c5661c31c4
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555
d9d514698510ce26a6ee97639d1e85562b24f6d2decbcb0671c4b8bbc0d60fb8
da293668686c3bf24090eb16735f275b8cae6319282131ea8340f663cb4b6973
dae2deb34784ab1c70d1a416055f42f7ce95c84ac28a49d1964badee4a756573
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
e0f2500e491efdcfb4d4fb4954d63d3e22ca097abb930b4878eb1d3fa7bd2138
e1aa0fe1a680395d90617094d538a7e0172deeee8cc51cd0dde3be8d717af5a6
e2db6493cc4a606dd658a7859c64d725083e1c463b38005a761bab49d9cf27d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5158d61e6382f02f3738705216c739185b4541eba4b94c2182a18dc456b7789
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef49f74079a41f213b738ff3e7aa205f8e3706c4ba2ba870ef097e01cb6b2566
f0a40a60f4c926484966cd1146aae01e819e01e6c4407b88749ab7b6c800bbdd
f95dc7465b90788f8d5cb452b298bb4e6639cec58821888da9be25f353035a8c