wetransfer.com Open in urlscan Pro
54.216.161.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbE...
Effective URL:
https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d872020092...
Submission Tags: falconsandbox
Submission: On August 13 via api (August 13th 2021, 4:01:40 pm UTC) from US

Summary HTTP 39 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 39 HTTP transactions. The main IP is 54.216.161.59, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is wetransfer.com.
TLS certificate: Issued by Amazon on August 6th 2021. Valid for: a year.

This is the only time wetransfer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	185.64.213.245 185.64.213.245	50152 (IMED) (IMED)
3	54.216.161.59 54.216.161.59	16509 (AMAZON-02) (AMAZON-02)
12	13.225.78.126 13.225.78.126	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:9e00:6:bbf2:440:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1	65.9.73.43 65.9.73.43	16509 (AMAZON-02) (AMAZON-02)
4	54.229.252.67 54.229.252.67	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	34.198.115.132 34.198.115.132	14618 (AMAZON-AES) (AMAZON-AES)
39	11

10 185.64.213.245 (Royal Wootton Bassett, United Kingdom)

ASN50152 (IMED, GB)
PTR: intermedia.co.uk

url.emailprotection.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.216.161.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-161-59.eu-west-1.compute.amazonaws.com

wetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.225.78.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-126.fra2.r.cloudfront.net

prod-cdn.wetransfer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:9e00:6:bbf2:440:21 (United States)

ASN16509 (AMAZON-02, US)

d19ptbnuzhibkh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.43 (United States)

ASN16509 (AMAZON-02, US)

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.229.252.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-252-67.eu-west-1.compute.amazonaws.com

snowplow.wetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.115.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-115-132.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	wetransfer.net prod-cdn.wetransfer.net	1 MB
10	emailprotection.link url.emailprotection.link	444 KB
7	wetransfer.com wetransfer.com snowplow.wetransfer.com	9 KB
4	launchdarkly.com app.launchdarkly.com events.launchdarkly.com	685 B
3	googletagmanager.com www.googletagmanager.com	161 KB
1	google-analytics.com www.google-analytics.com	71 B
1	profitwell.com public.profitwell.com	17 KB
1	cloudfront.net d19ptbnuzhibkh.cloudfront.net	30 KB
39	8

	Domain	Requested by
12	prod-cdn.wetransfer.net	wetransfer.com prod-cdn.wetransfer.net
10	url.emailprotection.link	url.emailprotection.link
4	snowplow.wetransfer.com	d19ptbnuzhibkh.cloudfront.net
3	www.googletagmanager.com	wetransfer.com www.googletagmanager.com
3	wetransfer.com	url.emailprotection.link prod-cdn.wetransfer.net
2	events.launchdarkly.com	prod-cdn.wetransfer.net
2	app.launchdarkly.com	prod-cdn.wetransfer.net
1	www.google-analytics.com	www.googletagmanager.com
1	public.profitwell.com	url.emailprotection.link
1	d19ptbnuzhibkh.cloudfront.net	wetransfer.com
39	10

This site contains links to these domains. Also see Links.

Domain
wetransfer.zendesk.com
about.wetransfer.com

Subject Issuer	Validity	Valid
*.emailprotection.link GeoTrust RSA CA 2018	`2020-07-16` - `2022-08-15`	2 years	crt.sh
wetransfer.com Amazon	`2021-08-06` - `2022-09-04`	a year	crt.sh
wetransfer.net Amazon	`2021-07-13` - `2022-08-11`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.profitwell.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
snowplow.wetransfer.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
events.launchdarkly.com Amazon	`2020-10-19` - `2021-11-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Frame ID: 4CCF3F30D650319F176A43A6C976D011
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bC... Page URL
https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3... Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Page Statistics

39
Requests

100 %
HTTPS

36 %
IPv6

8
Domains

10
Subdomains

11
IPs

4
Countries

2121 kB
Transfer

4467 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://wetransfer.zendesk.com/
Title: help center

Search URL Search Domain Scan URL

URL: https://about.wetransfer.com/products
Title: Products

Search URL Search Domain Scan URL

URL: https://about.wetransfer.com/
Title: Company

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~ Page URL
https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
url.emailprotection.link/ 6 KB
4 KB 531ms
119ms Document
text/html 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 Royal Wootton Bassett, United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 46dac939c003b95c2bbf15a17e83f94b01077e9ba9c0f39d1718bfa9e21b9d2d

Request headers

Host: url.emailprotection.link
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Fri, 13 Aug 2021 16:01:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 200
OK new_style.css
url.emailprotection.link/new/css/ 8 KB
2 KB 27ms
26ms Stylesheet
text/css 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/css/new_style.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 Royal Wootton Bassett, United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: url.emailprotection.link
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Connection: keep-alive
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:01:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Jun 2021 11:22:22 GMT
Server: nginx
ETag: W/"60c3476e-1e80"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK new_screenshot.js Show response
url.emailprotection.link/new/js/ 2 KB
1 KB 75ms
25ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/new_screenshot.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 Royal Wootton Bassett, United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: bf4a1706b6c99a83385825c28dc843a77ca1069b359e8424591c7a8d74995918

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: url.emailprotection.link
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Connection: keep-alive
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:01:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Jun 2021 11:22:22 GMT
Server: nginx
ETag: W/"60c3476e-751"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK tooltipster.css
url.emailprotection.link/new/css/ 10 KB
3 KB 54ms
25ms Stylesheet
text/css 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/css/tooltipster.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 Royal Wootton Bassett, United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: url.emailprotection.link
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Connection: keep-alive
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:01:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Jun 2021 11:22:22 GMT
Server: nginx
ETag: W/"60c3476e-2965"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery-1.9.1.js Show response
url.emailprotection.link/new/js/libs/ 262 KB
91 KB 98ms
47ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/libs/jquery-1.9.1.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 Royal Wootton Bassett, United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: url.emailprotection.link
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Connection: keep-alive
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:01:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Jun 2021 11:22:22 GMT
Server: nginx
ETag: W/"60c3476e-4185d"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.tooltipster.min.js Show response
url.emailprotection.link/new/js/libs/ 20 KB
6 KB 77ms
25ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/libs/jquery.tooltipster.min.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 Royal Wootton Bassett, United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 185914162ef4c337e3511bd6ca8ba9de9a66fb4e47e9c79ee7a937e35bb53f69

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: url.emailprotection.link
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Connection: keep-alive
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:01:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Jun 2021 11:22:22 GMT
Server: nginx
ETag: W/"60c3476e-4ebf"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK new_scanning.js Show response
url.emailprotection.link/new/js/ 1 KB
830 B 80ms
29ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/new_scanning.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 Royal Wootton Bassett, United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 5ae8dd61472a0d692473f9edb91066a0c2edb1f523b97e06ee3e428fe4ae6c7d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: url.emailprotection.link
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Connection: keep-alive
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:01:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Jun 2021 11:22:22 GMT
Server: nginx
ETag: W/"60c3476e-526"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK scanning_70.gif
url.emailprotection.link/new/images/ 30 KB
30 KB 48ms
46ms Image
image/gif 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.emailprotection.link/new/images/scanning_70.gif
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 Royal Wootton Bassett, United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: url.emailprotection.link
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Connection: keep-alive
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:01:22 GMT
Last-Modified: Fri, 11 Jun 2021 11:22:22 GMT
Server: nginx
ETag: "60c3476e-78dd"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30941

GET
H/1.1 200
OK logo_160_19.svg
url.emailprotection.link/new/images/ 1 KB
982 B 26ms
25ms Image
image/svg+xml 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.emailprotection.link/new/images/logo_160_19.svg
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 Royal Wootton Bassett, United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 7d8d729017c5d5d7e51c687274fb47335f0727eb4efc009adb5f1e2a2c9ad49e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: url.emailprotection.link
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Connection: keep-alive
Referer: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:01:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Jun 2021 11:22:22 GMT
Server: nginx
ETag: W/"60c3476e-52c"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK notosans-regular.ttf
url.emailprotection.link/new/fonts/ 306 KB
306 KB 28ms
27ms Font
application/octet-stream 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/fonts/notosans-regular.ttf
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/css/new_style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 Royal Wootton Bassett, United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://url.emailprotection.link
Accept-Encoding: gzip, deflate, br
Host: url.emailprotection.link
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://url.emailprotection.link/new/css/new_style.css
Connection: keep-alive
Origin: https://url.emailprotection.link
Referer: https://url.emailprotection.link/new/css/new_style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:01:22 GMT
Last-Modified: Fri, 11 Jun 2021 11:22:22 GMT
Server: nginx
ETag: "60c3476e-4c738"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 313144

GET
H2 404 Primary Request 679502 Show response
wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/ 21 KB
6 KB 127ms
62ms Document
text/html 54.216.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email

Requested by

Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/js/new_scanning.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.161.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-161-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

899f29fa64ecd6b645f6e8e03882c454dd728e10104d1946ecd051decce2d1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: wetransfer.com
:scheme: https
:path: /downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://url.emailprotection.link/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://url.emailprotection.link/

Response headers

date: Fri, 13 Aug 2021 16:01:23 GMT
content-type: text/html; charset=utf-8
content-length: 5821
cache-control: no-cache, no-store
content-encoding: gzip
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
set-cookie: _wt_snowplowid.38f1=3c668b46-b25b-46fc-a7ff-f3f48246aa22.1628870483.0.1628870483.; domain=.wetransfer.com; path=/; expires=Sun, 13 Aug 2023 16:01:23 GMT; secure
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-opaque: 8b28781bda2b3411dcc98641538d70db1e10560a-xjmcd-40821
x-permitted-cross-domain-policies: none
x-request-id: 82eed610b6f53fb665d97968e5c3bda6
x-runtime: 0.027655
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains;

GET
H2 200 runtime~application-2e8b90e6d8508cdfef1e.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/ 6 KB
3 KB 65ms
23ms Script
application/javascript 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/runtime~application-2e8b90e6d8508cdfef1e.es6.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d02203c0906f75f90053c2f2a42cdaaefa0d10e36c166b1d623162d3d6eb24e

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 07:52:56 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:34:52 GMT
server: AmazonS3
age: 202108
etag: W/"f0214560c71652a7e6caa9578c44047e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: a9dzPkA9xV4ZVMLtFOAHG4TvbAz16_mGuCCXFL82qMBo33Aw_Xaiyw==

GET
H2 200 application-b6cc7180879ec8e026dd.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/ 813 KB
213 KB 63ms
24ms Script
application/javascript 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/application-b6cc7180879ec8e026dd.es6.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0223471e0ed1dcfff9d67ad6c09b04b14b2fdde3ea751d781b19500876be1687

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 07:52:56 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:34:52 GMT
server: AmazonS3
age: 202108
etag: W/"257f20f4eca7fb1e48910cc11f9374cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: -ZgtjFT1Qp0vkC_lYMPcR2onRxEJFA_t4fEOz1sVU0Kg2kcW6yyBgg==

GET
H2 200 vendor-6592e8dca117e878a500.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/ 989 KB
300 KB 77ms
39ms Script
application/javascript 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-6592e8dca117e878a500.es6.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b8965137d2cfbac4df39827ebfe99370b7a509cd5344bbfcb400f6bd73c2006

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 13:01:58 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 12:20:22 GMT
server: AmazonS3
age: 356366
etag: W/"b2c21987ee02c4c25627d9273f64ae5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: PaYOVmpXyXXC_b3ulQiiTvVt7GS5aDtDVi6fGEBJ5A1hO0VTBpFNvQ==

GET
H2 200 ActiefGrotesque_W_Regular-1f437876.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ 30 KB
31 KB 55ms
17ms Font
font/woff 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6

Request headers

Origin: https://wetransfer.com
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:25:45 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 3116139
x-cache: Hit from cloudfront
content-length: 31120
last-modified: Thu, 08 Jul 2021 09:27:34 GMT
server: AmazonS3
etag: "57cbbfdafc43e0deecc75a309dd042c6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://wetransfer.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Oi2z7s_w2erPUiu_vN4DFpNWBo24zGWCoyjWcLKvuwDdVXXwINKy1w==

GET
H2 200 ActiefGrotesque_W_Medium-293e86f0.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ 31 KB
32 KB 62ms
24ms Font
font/woff 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555

Request headers

Origin: https://wetransfer.com
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 19:15:55 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 8801129
x-cache: Hit from cloudfront
content-length: 32124
last-modified: Mon, 03 May 2021 14:40:31 GMT
server: AmazonS3
etag: "868aedeefe7669e8a4f7196f7df5d058"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://wetransfer.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: o7kwiaAhmI28P0eBWIdHlwhC1y0QQ3CRUqv5JtabxBP430A9Z-KFoQ==

GET
H2 200 GT-Super-WT-Super-1b214df1.woff
prod-cdn.wetransfer.net/packs/media/gt-super-wt/ 42 KB
43 KB 64ms
26ms Font
font/woff 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73

Request headers

Origin: https://wetransfer.com
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 12:39:00 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2604144
x-cache: Hit from cloudfront
content-length: 43188
last-modified: Wed, 14 Jul 2021 12:13:32 GMT
server: AmazonS3
etag: "55576599a2d772f9297c5036d355b1fb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://wetransfer.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: QMeYyLuMCoNf574BIO-l_JDHB1UHaOclykXLUDdAisMKcRMBUp6Tzg==

GET
H2 200 application-c2038279.chunk.css
prod-cdn.wetransfer.net/packs/css/ 366 KB
49 KB 50ms
15ms Stylesheet
text/css 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/css/application-c2038279.chunk.css
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a00e97edf0727ef2654fc6fe04f91f28356483b4c5b1f926c0003df19eb30e9b

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 09:03:52 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 08:15:35 GMT
server: AmazonS3
age: 1234652
etag: W/"b486280e2eab85a4a5ecb63b01103f2d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: -FlqG_KV5d7KonllejCVnLXqMIS9DTWJPNnvnm16rcXdiak0oKxKTg==

GET
H2 200 en-0d65947306b8b68f172b.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/runtime~locale/ 1 KB
1 KB 78ms
44ms Script
application/javascript 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/runtime~locale/en-0d65947306b8b68f172b.es6.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ad7d4f79b26cee0a72de1a1cfba6f5c24dafc44f1999bb3acbabf155738e653

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 23:43:21 GMT
content-encoding: gzip
last-modified: Fri, 11 Jun 2021 13:40:28 GMT
server: AmazonS3
age: 5415483
etag: W/"17e97b3ba4bb354fb2bdd008fab99947"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: unPZ7axThhnmfzQHQPVb8lhGBzoebrPqxw4h7ggYAxBUZH-o3-01gg==

GET
H2 200 en-09db187b0548c3501b37.es6.js Show response
prod-cdn.wetransfer.net/packs/esm/locale/ 132 KB
39 KB 78ms
45ms Script
application/javascript 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/packs/esm/locale/en-09db187b0548c3501b37.es6.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f09da7c4b3bd2634520589296bf1e82b83945ffc14e5d3c09fb66c1c2d83559

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 07:57:23 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 20:03:51 GMT
server: AmazonS3
age: 115441
etag: W/"d83a77c0a2498cd0d6cfe7f983feb2a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Q0_ZKcip7WVbHwYNN8SpQle6e4G_zAlq2_Xf4SSTd_eMQtBFrS3UvQ==

GET
H2 200 advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js Show response
prod-cdn.wetransfer.net/assets/ 349 B
704 B 82ms
48ms Script
application/javascript 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/assets/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 20:13:12 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified: Mon, 05 Jul 2021 08:47:50 GMT
server: AmazonS3
age: 3354492
etag: "019dafef616906d42b64043fce694aa3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 349
x-amz-cf-id: i15ur9O1mQpU5gXRN-34SiHKLAxoj800QnWUizMsGIwa9XgCFRe_9w==

GET
H2 200 sp.js Show response
d19ptbnuzhibkh.cloudfront.net/2.10.2/ 96 KB
30 KB 71ms
14ms Script
application/javascript 2600:9000:2204:9e00:6:bbf2:440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Requested by: Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:9e00:6:bbf2:440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 00:11:45 GMT
content-encoding: gzip
last-modified: Tue, 30 Apr 2019 15:14:08 GMT
server: AmazonS3
age: 8178579
etag: "c7b65b3f4e8761897af9a3ca5d76682e"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57d.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
content-length: 29895
x-amz-cf-id: MXEaQNWgxciP0h5ZihMc_UHdTIgxWG6L7XPolRqSMKBZDjnfr9e3rw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
36 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4

Requested by

Host: wetransfer.com
URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f737b65e03589a42197b96e38619417cba7a92623b5a0a295bff3ef192f72373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:01:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36289
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 16:01:23 GMT

OPTIONS
H2 200 5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ 0
0 32ms
9ms Preflight 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e

Protocol

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Origin: https://wetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 300
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Fri, 13 Aug 2021 16:01:23 GMT
via: 1.1 varnish
x-served-by: cache-fra19181-FRA
x-cache: HIT
x-cache-hits: 140
x-timer: S1628870484.776480,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23

GET
H2 200 5b82f23280914154b163996e Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 10ms
9ms XHR
application/json 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-6592e8dca117e878a500.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-User-Agent: JSClient/2.9.7
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Fri, 13 Aug 2021 16:01:23 GMT
content-length: 26
x-served-by: cache-fra19181-FRA
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1628870484.786626,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 79

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 53 KB
17 KB 62ms
20ms Script
application/x-javascript 65.9.73.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 520b93c4e8209f19c7b89ac2610c6556143291c9277d39966f72abaa163485d9

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UjaKewhZptc9LDPEisOi5JDl4O1zdU1o
content-encoding: gzip
last-modified: Tue, 27 Jul 2021 17:20:56 GMT
server: AmazonS3
age: 73851
etag: W/"ae9c3c6cbcf5763725c4878190ac0d54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control: public,max-age=86400
date: Thu, 12 Aug 2021 19:30:33 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 4k-QJdXAZN4mPP7PC4xk-3-Sbh7wXCrXso3LLZQcbzq5StKVtlR89Q==

POST
H2 200 graphql Show response
wetransfer.com/api/ 432 B
1 KB 42ms
42ms Fetch
application/json 54.216.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wetransfer.com/api/graphql

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-6592e8dca117e878a500.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.161.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-161-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2dea2c457e7ebe78f16f545640552c6ccb630d5e76f6b1891e46759130635d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://wetransfer.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: _wt_snowplowid.38f1=3c668b46-b25b-46fc-a7ff-f3f48246aa22.1628870483.0.1628870483.
content-length: 369
:path: /api/graphql
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: wetransfer.com
referer: https://wetransfer.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Fri, 13 Aug 2021 16:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: https://wetransfer.com
access-control-max-age: 60
strict-transport-security: max-age=15552000; includeSubDomains;
x-opaque: 8b28781bda2b3411dcc98641538d70db1e10560a-slkx5-43085
content-length: 297
x-xss-protection: 1; mode=block
x-request-id: e7c654be850fd8998ebde9febd7167b3
x-runtime: 0.008051
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
etag: W/"ea9c24a25cc2883b3bc44f5187b01e29"
x-download-options: noopen
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers
cache-control: no-cache, no-store
set-cookie: _wt_snowplowid.38f1=3c668b46-b25b-46fc-a7ff-f3f48246aa22.1628870483.0.1628870483; domain=.wetransfer.com; path=/; expires=Sun, 13 Aug 2023 16:01:23 GMT; secure
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie-wall-art-792f76ae.png
prod-cdn.wetransfer.net/packs/media/images/ 746 KB
747 KB 14ms
13ms Image
image/png 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-cdn.wetransfer.net/packs/media/images/cookie-wall-art-792f76ae.png
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-c2038279.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4a7c1d8e5a4ca0525b599787d31efeec1edd20e3dd6aa620f669a590263faaa

Request headers

Referer: https://prod-cdn.wetransfer.net/packs/css/application-c2038279.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:06:56 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 13:28:28 GMT
server: AmazonS3
age: 14003668
etag: "421ffa97f475166ba26ce232615a7817"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 763841
x-amz-cf-id: aTK19A-RsePxODLm2al2EcCqvyMOj6dWcnwyE4a3MjJ_sdH3HzduHQ==

GET
H2 200 pricing Show response
wetransfer.com/api/v4/nu_subscriptions/ 1 KB
657 B 48ms
44ms XHR
application/json 54.216.161.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wetransfer.com/api/v4/nu_subscriptions/pricing?country_code=DE&plan_tier=plus

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-6592e8dca117e878a500.es6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.161.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-161-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5a7ff092591610ea04f9f2b3409f95f38f40906fc3414028e61aea01c5db199b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains;
X-Frame-Options	deny

Request headers

:path: /api/v4/nu_subscriptions/pricing?country_code=DE&plan_tier=plus
pragma: no-cache
cookie: _wt_snowplowid.38f1=3c668b46-b25b-46fc-a7ff-f3f48246aa22.1628870483.0.1628870483
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: wetransfer.com
referer: https://wetransfer.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.006466
date: Fri, 13 Aug 2021 16:01:24 GMT
content-encoding: gzip
x-frame-options: deny
etag: W/"5c346463d470628d6a7c8ff85f1adbd5"
vary: Accept-Encoding, Origin
content-type: application/json
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=15552000; includeSubDomains;
x-opaque: 8b28781bda2b3411dcc98641538d70db1e10560a-nhhk6-39950
content-length: 314
x-request-id: d3f143b50eb8dae00842269192bab41e

OPTIONS
H2 200 tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 0
0 93ms
29ms Preflight 54.229.252.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 54.229.252.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-252-67.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://wetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 16:01:24 GMT
content-length: 0
access-control-allow-origin: https://wetransfer.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

GET
H2 200 core-shape-d22f0e47.svg
prod-cdn.wetransfer.net/packs/media/transfer_window/ 485 B
835 B 18ms
18ms Image
image/svg+xml 13.225.78.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-cdn.wetransfer.net/packs/media/transfer_window/core-shape-d22f0e47.svg
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-c2038279.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a41cab3374674fb912cc0e0b9a02db73b57d22f72d0fa09f7608ad6104991d5a

Request headers

Referer: https://prod-cdn.wetransfer.net/packs/css/application-c2038279.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 14:07:16 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 13:52:21 GMT
server: AmazonS3
age: 14262849
etag: "9c5640120e49affc48fe61cda0b5b08d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 485
x-amz-cf-id: K1t_ehI_jhni74RLMOtWHOarsPJC5bxoTgiDuONMmPB0z5Qt4D9Vnw==

POST
H2 200 tp2 Show response
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 2 B
337 B 95ms
31ms XHR
text/plain 54.229.252.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d19ptbnuzhibkh.cloudfront.net
URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.252.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-252-67.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://wetransfer.com
date: Fri, 13 Aug 2021 16:01:24 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 208 KB
64 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2074059816db935ba89ee577dd3317ac51a69322cc4d4f6a75e07b5168e3f123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:01:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65888
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 16:01:24 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-56VSY4EVER&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f759ea6fc55002ee3605680819c82cdcf9c707cd598994406c6aa1a779766f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:01:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62888
x-xss-protection: 0
expires: Fri, 13 Aug 2021 16:01:24 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
71 B 13ms
13ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-56VSY4EVER&gtm=2oe8b0&_p=2093222452&sr=1600x1200&ul=en-us&cid=2115224286.1628870484&_s=1&dl=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fe357db3ba482e3c555a0330e3f5cd5c620200924174934%2Fb277e8546a7b92e72c3c58c374981d8720200924175027%2F679502%3Futm_campaign%3DWT_email_tracking%26utm_content%3Dgeneral%26utm_medium%3Ddownload_button%26utm_source%3Dnotify_recipient_email&dr=https%3A%2F%2Furl.emailprotection.link%2F&dt=WeTransfer&sid=1628870484&sct=1&seg=0&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-56VSY4EVER&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:01:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wetransfer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 0
0 30ms
30ms Preflight 54.229.252.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 54.229.252.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-252-67.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://wetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 16:01:24 GMT
content-length: 0
access-control-allow-origin: https://wetransfer.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 2 B
336 B 31ms
31ms XHR
text/plain 54.229.252.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d19ptbnuzhibkh.cloudfront.net
URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.252.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-252-67.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://wetransfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://wetransfer.com
date: Fri, 13 Aug 2021 16:01:24 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

POST
H/1.1 202
Accepted 5b82f23280914154b163996e Show response
events.launchdarkly.com/events/bulk/ 0
509 B 144ms
143ms XHR
application/json 34.198.115.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-6592e8dca117e878a500.es6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.115.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-115-132.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wetransfer.com/
X-LaunchDarkly-Event-Schema: 3
X-LaunchDarkly-User-Agent: JSClient/2.9.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 13 Aug 2021 16:01:26 GMT
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length: 0
Access-Control-Expose-Headers: Date

OPTIONS
H/1.1 204
No Content 5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ 0
0 314ms
101ms Preflight
application/json 34.198.115.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e

Protocol

HTTP/1.1

Server

34.198.115.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-115-132.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Origin: https://wetransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Fri, 13 Aug 2021 16:01:26 GMT
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Access-Control-Max-Age: 300
Strict-Transport-Security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wetransfer.com/	1970-01-20 13:59:02	Name: _wt_snowplowid.38f1 Value: 3c668b46-b25b-46fc-a7ff-f3f48246aa22.1628870483.1.1628870484.1628870483.1899f93d-1330-4ff4-b693-72120b4951e9
.wetransfer.com/	1970-01-19 22:37:26	Name: _gcl_au Value: 1.1.970996972.1628870484
.wetransfer.com/	1970-01-19 20:27:52	Name: _wt_snowplowses.38f1 Value: *

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
d19ptbnuzhibkh.cloudfront.net
events.launchdarkly.com
prod-cdn.wetransfer.net
public.profitwell.com
snowplow.wetransfer.com
url.emailprotection.link
wetransfer.com
www.google-analytics.com
www.googletagmanager.com
13.225.78.126
151.101.14.217
185.64.213.245
2600:9000:2204:9e00:6:bbf2:440:21
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:827::2008
34.198.115.132
54.216.161.59
54.229.252.67
65.9.73.43
0223471e0ed1dcfff9d67ad6c09b04b14b2fdde3ea751d781b19500876be1687
0f09da7c4b3bd2634520589296bf1e82b83945ffc14e5d3c09fb66c1c2d83559
185914162ef4c337e3511bd6ca8ba9de9a66fb4e47e9c79ee7a937e35bb53f69
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73
2074059816db935ba89ee577dd3317ac51a69322cc4d4f6a75e07b5168e3f123
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2dea2c457e7ebe78f16f545640552c6ccb630d5e76f6b1891e46759130635d1e
3b8965137d2cfbac4df39827ebfe99370b7a509cd5344bbfcb400f6bd73c2006
46dac939c003b95c2bbf15a17e83f94b01077e9ba9c0f39d1718bfa9e21b9d2d
4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
520b93c4e8209f19c7b89ac2610c6556143291c9277d39966f72abaa163485d9
5a7ff092591610ea04f9f2b3409f95f38f40906fc3414028e61aea01c5db199b
5ae8dd61472a0d692473f9edb91066a0c2edb1f523b97e06ee3e428fe4ae6c7d
5d02203c0906f75f90053c2f2a42cdaaefa0d10e36c166b1d623162d3d6eb24e
7ad7d4f79b26cee0a72de1a1cfba6f5c24dafc44f1999bb3acbabf155738e653
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
7d8d729017c5d5d7e51c687274fb47335f0727eb4efc009adb5f1e2a2c9ad49e
899f29fa64ecd6b645f6e8e03882c454dd728e10104d1946ecd051decce2d1db
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069
a00e97edf0727ef2654fc6fe04f91f28356483b4c5b1f926c0003df19eb30e9b
a41cab3374674fb912cc0e0b9a02db73b57d22f72d0fa09f7608ad6104991d5a
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8
bf4a1706b6c99a83385825c28dc843a77ca1069b359e8424591c7a8d74995918
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86
d4a7c1d8e5a4ca0525b599787d31efeec1edd20e3dd6aa620f669a590263faaa
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f737b65e03589a42197b96e38619417cba7a92623b5a0a295bff3ef192f72373
f759ea6fc55002ee3605680819c82cdcf9c707cd598994406c6aa1a779766f58

wetransfer.com Open in urlscan Pro 54.216.161.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

36 %IPv6

8 Domains

10 Subdomains

11 IPs

4 Countries

2121 kBTransfer

4467 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wetransfer.com Open in urlscan Pro
54.216.161.59 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

36 %
IPv6

8
Domains

10
Subdomains

11
IPs

4
Countries

2121 kB
Transfer

4467 kB
Size

3
Cookies

39 HTTP transactions
0 data transactions