urlscan.io logo urlscan.io
SecurityTrails logo

emroosh.wetransfer.com Open in urlscan Pro
34.248.171.101  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://protect-us.mimecast.com/s/ayfsCZ6RRAI7YyvXTzJPBb?domain=emroosh.wetransfer.com
Effective URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be472022020...
Submission: On February 07 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 4 countries across 36 domains to perform 102 HTTP transactions. The main IP is 34.248.171.101, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is emroosh.wetransfer.com.
TLS certificate: Issued by Amazon on August 6th 2021. Valid for: a year.
This is the only time emroosh.wetransfer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.139.111.117 30031 (MIMECAST-)
5 34.248.171.101 16509 (AMAZON-02)
15 52.85.61.47 16509 (AMAZON-02)
1 13.225.66.179 16509 (AMAZON-02)
2 142.251.40.136 15169 (GOOGLE)
2 151.101.66.217 54113 (FASTLY)
10 13.107.21.200 8068 (MICROSOFT...)
3 157.240.3.29 32934 (FACEBOOK)
1 54.230.162.91 16509 (AMAZON-02)
1 142.250.65.194 15169 (GOOGLE)
2 146.75.32.157 54113 (FASTLY)
1 54.149.174.3 16509 (AMAZON-02)
1 99.84.125.86 16509 (AMAZON-02)
3 104.244.42.195 13414 (TWITTER)
3 104.244.42.69 13414 (TWITTER)
7 142.250.65.174 15169 (GOOGLE)
1 151.101.129.140 54113 (FASTLY)
2 23.60.96.162 20940 (AKAMAI-ASN1)
5 184.51.149.162 20940 (AKAMAI-ASN1)
1 74.119.119.142 19750 (AS-CRITEO)
1 142.250.65.226 15169 (GOOGLE)
4 18.200.37.115 16509 (AMAZON-02)
1 52.11.43.158 16509 (AMAZON-02)
1 52.89.209.136 16509 (AMAZON-02)
2 2 68.67.181.202 29990 (ASN-APPNEX)
1 9 52.42.90.222 16509 (AMAZON-02)
2 2 15.197.193.217 16509 (AMAZON-02)
2 2 8.28.7.83 62713 (AS-PUBMATIC)
2 3 142.250.64.98 15169 (GOOGLE)
1 151.101.129.44 54113 (FASTLY)
3 3 199.127.204.142 26120 (RHYTHMONE)
1 1 74.121.140.14 30419 (MEDIAMATH...)
1 99.84.42.87 16509 (AMAZON-02)
4 4 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.102.194 13335 (CLOUDFLAR...)
2 142.251.4.157 15169 (GOOGLE)
1 151.101.65.140 54113 (FASTLY)
3 142.251.40.100 15169 (GOOGLE)
4 157.240.3.35 32934 (FACEBOOK)
1 44.237.47.166 16509 (AMAZON-02)
2 2 34.98.64.218 15169 (GOOGLE)
1 178.250.0.130 44788 (ASN-CRITE...)
2 74.119.119.139 19750 (AS-CRITEO)
1 54.197.97.27 14618 (AMAZON-AES)
2 54.236.74.161 14618 (AMAZON-AES)
102 37
2    205.139.111.117 (United States)

ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com
protect-us.mimecast.com
5    34.248.171.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-171-101.eu-west-1.compute.amazonaws.com
emroosh.wetransfer.com
15    52.85.61.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-47.ewr53.r.cloudfront.net
prod-cdn.wetransfer.net
1    13.225.66.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-66-179.ewr53.r.cloudfront.net
d19ptbnuzhibkh.cloudfront.net
2    142.251.40.136 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f8.1e100.net
www.googletagmanager.com
2    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
10    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    157.240.3.29 (Seattle, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-sea1.fbcdn.net
connect.facebook.net
1    54.230.162.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-91.ewr53.r.cloudfront.net
public.profitwell.com
1    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
www.googleadservices.com
2    146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    54.149.174.3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-174-3.us-west-2.compute.amazonaws.com
a.ad.gt
1    99.84.125.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-86.ewr52.r.cloudfront.net
auth.wetransfer.com
3    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
7    142.250.65.174 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f14.1e100.net
www.google-analytics.com
1    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    23.60.96.162 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-60-96-162.deploy.static.akamaitechnologies.com
snap.licdn.com
5    184.51.149.162 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-149-162.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    74.119.119.142 (United States)

ASN19750 (AS-CRITEO, US)
dynamic.criteo.com
1    142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
googleads.g.doubleclick.net
4    18.200.37.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-37-115.eu-west-1.compute.amazonaws.com
snowplow.wetransfer.com
1    52.11.43.158 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-43-158.us-west-2.compute.amazonaws.com
aufp.io
1    52.89.209.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-209-136.us-west-2.compute.amazonaws.com
p.ad.gt
2    68.67.181.202 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
9    52.42.90.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
ids.ad.gt
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    142.250.64.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net
cm.g.doubleclick.net
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
3    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    99.84.42.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-87.ewr52.r.cloudfront.net
previews-te.wetransfer.net
4    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    104.18.102.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    142.251.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: gm-in-f157.1e100.net
stats.g.doubleclick.net
1    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
3    142.251.40.100 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f4.1e100.net
www.google.com
4    157.240.3.35 (Seattle, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-sea1.facebook.com
www.facebook.com
1    44.237.47.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-47-166.us-west-2.compute.amazonaws.com
pixels.ad.gt
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
1    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    54.197.97.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-97-27.compute-1.amazonaws.com
resources.xg4ken.com
2    54.236.74.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-74-161.compute-1.amazonaws.com
events.launchdarkly.com
Apex Domain
Subdomains		 Transfer
16 wetransfer.net
prod-cdn.wetransfer.net — Cisco Umbrella Rank: 27519
previews-te.wetransfer.net — Cisco Umbrella Rank: 180487
1 MB
12 ad.gt
a.ad.gt — Cisco Umbrella Rank: 5184
p.ad.gt — Cisco Umbrella Rank: 5806
ids.ad.gt — Cisco Umbrella Rank: 4690
pixels.ad.gt — Cisco Umbrella Rank: 5709
17 KB
10 bing.com
bat.bing.com — Cisco Umbrella Rank: 385
22 KB
10 wetransfer.com
emroosh.wetransfer.com
auth.wetransfer.com — Cisco Umbrella Rank: 34472
snowplow.wetransfer.com — Cisco Umbrella Rank: 20883
15 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
23 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
3 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1300
102 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
980 B
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 546
www.linkedin.com — Cisco Umbrella Rank: 647
3 KB
4 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 1854
events.launchdarkly.com — Cisco Umbrella Rank: 1649
507 B
3 google.com
www.google.com — Cisco Umbrella Rank: 13
762 B
3 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 5180
gum.criteo.com — Cisco Umbrella Rank: 369
7 KB
3 t.co
t.co — Cisco Umbrella Rank: 487
489 B
3 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 537
644 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
203 KB
2 openx.net
u.openx.net — Cisco Umbrella Rank: 710
532 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 642
539 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
1 KB
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1032
625 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
964 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 404
2 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1098
5 KB
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 630
11 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
131 KB
2 mimecast.com
protect-us.mimecast.com — Cisco Umbrella Rank: 10078
2 KB
1 xg4ken.com
resources.xg4ken.com — Cisco Umbrella Rank: 4808
4 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
13 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1532
125 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
684 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
627 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 570
231 B
1 aufp.io
aufp.io — Cisco Umbrella Rank: 6490
3 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1463
8 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
15 KB
1 profitwell.com
public.profitwell.com — Cisco Umbrella Rank: 6299
17 KB
1 cloudfront.net
d19ptbnuzhibkh.cloudfront.net
30 KB
102 36
Domain Requested by
15 prod-cdn.wetransfer.net emroosh.wetransfer.com
prod-cdn.wetransfer.net
10 bat.bing.com prod-cdn.wetransfer.net
bat.bing.com
emroosh.wetransfer.com
9 ids.ad.gt 1 redirects emroosh.wetransfer.com
7 www.google-analytics.com www.googletagmanager.com
prod-cdn.wetransfer.net
www.google-analytics.com
5 analytics.tiktok.com www.googletagmanager.com
analytics.tiktok.com
5 emroosh.wetransfer.com prod-cdn.wetransfer.net
4 www.facebook.com emroosh.wetransfer.com
4 snowplow.wetransfer.com prod-cdn.wetransfer.net
3 www.google.com emroosh.wetransfer.com
3 px.ads.linkedin.com 3 redirects
3 cm.g.doubleclick.net 2 redirects emroosh.wetransfer.com
3 t.co emroosh.wetransfer.com
3 analytics.twitter.com static.ads-twitter.com
3 connect.facebook.net prod-cdn.wetransfer.net
connect.facebook.net
2 events.launchdarkly.com prod-cdn.wetransfer.net
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 u.openx.net 2 redirects
2 stats.g.doubleclick.net prod-cdn.wetransfer.net
2 p.adsymptotic.com 1 redirects emroosh.wetransfer.com
2 sync.1rx.io 2 redirects
2 image2.pubmatic.com 2 redirects
2 match.adsrvr.org 2 redirects
2 secure.adnxs.com 2 redirects
2 snap.licdn.com www.googletagmanager.com
2 static.ads-twitter.com www.googletagmanager.com
2 app.launchdarkly.com prod-cdn.wetransfer.net
2 www.googletagmanager.com emroosh.wetransfer.com
www.googletagmanager.com
2 protect-us.mimecast.com 2 redirects
1 resources.xg4ken.com emroosh.wetransfer.com
1 static.criteo.net dynamic.criteo.com
1 pixels.ad.gt p.ad.gt
1 alb.reddit.com emroosh.wetransfer.com
1 www.linkedin.com 1 redirects
1 previews-te.wetransfer.net emroosh.wetransfer.com
1 sync.mathtag.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 trc.taboola.com emroosh.wetransfer.com
1 p.ad.gt a.ad.gt
1 aufp.io a.ad.gt
1 googleads.g.doubleclick.net www.googleadservices.com
1 dynamic.criteo.com www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
1 auth.wetransfer.com prod-cdn.wetransfer.net
1 a.ad.gt emroosh.wetransfer.com
1 www.googleadservices.com www.googletagmanager.com
1 public.profitwell.com emroosh.wetransfer.com
1 d19ptbnuzhibkh.cloudfront.net emroosh.wetransfer.com
102 47

This site contains links to these domains. Also see Links.

Domain
wetransfer.zendesk.com
about.wetransfer.com
Subject Issuer Validity Valid
wetransfer.com
Amazon		 2021-08-06 -
2022-09-04		 a year crt.sh
wetransfer.net
Amazon		 2021-07-13 -
2022-08-11		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-17 -
2022-02-15		 3 months crt.sh
*.profitwell.com
Amazon		 2021-08-02 -
2022-08-31		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.ad.gt
Amazon		 2021-06-09 -
2022-07-08		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-05 -
2022-04-02		 6 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
snowplow.wetransfer.com
Amazon		 2021-04-18 -
2022-05-17		 a year crt.sh
aufp.io
Amazon		 2021-11-26 -
2022-12-24		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-05 -
2022-04-02		 6 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.xg4ken.com
Go Daddy Secure Certificate Authority - G2		 2021-09-17 -
2022-10-19		 a year crt.sh
events.launchdarkly.com
Amazon		 2021-09-19 -
2022-10-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Frame ID: 317CC0D29BD652EDCDBF0ED3E92EFF6D
Requests: 95 HTTP requests in this frame

Frame: https://auth.wetransfer.com/authorize?audience=aud%3A%2F%2Ftransfer-api-prod.wetransfer%2F&client_id=dXWFQjiW1jxWCFG0hOVpqrk4h9vGeanc&redirect_uri=https%3A%2F%2Femroosh.wetransfer.com%2Faccount%2Fcallback&scope=openid%20profile%20email&response_type=code&response_mode=web_message&state=aUJpU0llTV9yLTdlTUc2aHRxT2FHMTVwOFRVX182ZWIucy1IUTJvRTI3dQ%3D%3D&nonce=cHBNT35uUEpVcW9RY0N%2BY3BRc0hUWG1OQURGRk93a1VGXzd4MXlkWDdpVw%3D%3D&code_challenge=RZM5PBMrKNdvyrCzL4AlV-9sENe-AW1AEAFGpPBbe8U&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTkuMyJ9
Frame ID: D443AA0D89D60A7FED80EF768D8D05CA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=emroosh.wetransfer.com&origin=onetag&gdpr=1&gdpr_consent=CPUD7SjPUD7SjPnACAENAxCAAEIAEEJAEAABGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZqAAAAA.JGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZq
Frame ID: 81776119588D146917F9D3704A45716F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WeTransfer - Send Large Files & Share Photos Online - Up to 2GB Free

Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/ayfsCZ6RRAI7YyvXTzJPBb?domain=emroosh.wetransfer.com HTTP 307
    https://protect-us.mimecast.com/redirect/eNqtldtu20YQQH_F4GstaWfvaxRFBKNp49ZOazdA0qoQ9jIrMRFJmaQcu4H_vUPKbmL... HTTP 307
    https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • public\.profitwell\.com/js/profitwell\.js

Page Statistics

102
Requests

91 %
HTTPS

0 %
IPv6

36
Domains

47
Subdomains

37
IPs

4
Countries

1913 kB
Transfer

5905 kB
Size

70
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/ayfsCZ6RRAI7YyvXTzJPBb?domain=emroosh.wetransfer.com HTTP 307
    https://protect-us.mimecast.com/redirect/eNqtldtu20YQQH_F4GstaWfvaxRFBKNp49ZOazdA0qoQ9jIrMRFJmaQcu4H_vUPKbmLF6FNeBO3O_ezM8FPRxm1fnBRdVfZxjZvNi43vbnDluxpvfPLTVXNTHBebJhYn7LhoMWK57fuywuIEtBTaglaCsUFGfvhx4fvex3VZ54bcflo8nCus-25RnPxFN7nc4IWvkI6LIjTpbtrf9ovieFF0aw_jLQQvEZhjUmabs2YRDUqBJgJqqWLiXrgE6tGKKz3aGS1icECq3Gdls0Nns3HIbJCokvfJ-gCOyxydRcl1jlk7mbJ0igHw0V-V1OjMC0gyS5OY0zrZYKX0UQafeAhWJT0qt03TX33rBAjvH3fbPaAeCc5su_Flva-2_GcQCAP8_vhZmuu-ekoTwcWQBEs8WsMzg8AgZdA2gDbGgWfRSiH8IU2rfQoZs8lMqcyk5sEP6mARpIyMh-EtApXkWMbgMUkOQvCktUiQ2BOayQARNEFzIZwBB5nia8GNC6hNgOdofpsEvqZJhDZfwgRqYv01zb71NQ1G15VNPcVHk0eqToaUcpbcaGVdonhgVOBaQ8iGW7RMZQKsD6lq6zwGagwJwVkgLlnalI31mENimLg2GlSUkdqO6mQhJ5VAB6-DcMw9oWoJXhCacchKpZg0YzxbAGmi5IGl56h-mwS-pFph1_kVLmZtjpbzSdfvQsD0pF8tM_d_39MuSSVtkWHnvKrptC0TrQ1njovQ0UNIoCtPy6Y4fXM153bOAUjLjwana4wf3lz-ur-gR6G7eYx07CrfrelkFWchBk9PIDlHlAZp7qwNCTmLPgETWgdgg0mdWrKofPvhBVaEqFtPY1MNkl14T5JLPDn6rW1Wra-OhrY4Srgpb7C9I5W-6s-bXU2pF7uux7ayxVBA_CrxYb1-3oVUeLktv1iF9WOrXa0Ra390tkslTs4fdvHIDytfbkad_9vRo2pqqnFLkO5zGnv82I3EmbRGW-HknsTnHP9L6ZzIHF3uulj6ujlI5ZDaYfhDUbkdrzlzU6umHOxU7nf3uun6B4_lZoLvYZKlonSb1Qb31vd73BdNok9OwYDTudzS3yfO6LLqVkNlxfen859sd3f6-2V1W72b_6xbMX_55u2fH65XN3X47vaqPXt__fIsCte480t7t21_Wb0Ywk9X4y9F_WFwt-_pvhtDcc5AAL2p5ErJIYdduyHJuu-33clitpg9lvwRx7WRsR3zn6XmY71pfOoWs4w6xhSY9kZImlNtGU-OdjM4ZZUSYxgKxEAxwRYz-uxpid5FSfNoQ2TKD4MuAykF6u1D_aRoC-bhjYdpWS3jBJe7jsHSqOVNMmoCcvm5O5f7qkgs2PKhiyfEd0LfdQeacyfJ1Wo3Qn0d367dq4vyor7Gd-HVj_Eszq_nJI9k2VTYxv37PG1-XO2HdNs2Pc38ZNdNh70RfdePs3b_L385i9w HTTP 307
    https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&adnxs_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e%26adnxs_id%3D%24UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&adnxs_id=6692378238796471288
Request Chain 52
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=463bfde4-afaa-4cc3-8f25-f365a91d4f71&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
Request Chain 53
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=871F6BF8-F67C-41F1-A361-6DFE4E1A0BEA&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
Request Chain 54
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&google_gid=CAESEAkuwfNzEx-gMleX2IfIByI&google_cver=1&google_ula=450542624,0
Request Chain 55
  • https://ids.ad.gt/api/v1/g_hosted?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZTVmYmIwNzktNTBiZi00YWI5LTk0YTgtNDgyOTFhNmQ1Zjdl
Request Chain 57
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e%26unruly_id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e%26unruly_id%3D%5BRX_UUID%5D&cb=1644270097101 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1aa0e823-cb3b-4b3d-ade3-3f5bfd17bb19-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e%26unruly_id%3DRX-1aa0e823-cb3b-4b3d-ade3-3f5bfd17bb19-005 HTTP 302
  • https://ids.ad.gt/api/v1/unruly?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&unruly_id=RX-1aa0e823-cb3b-4b3d-ade3-3f5bfd17bb19-005
Request Chain 58
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e HTTP 302
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=d7b46201-9211-4e00-af07-99376a776f10&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
Request Chain 61
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1207732&time=1644270096989&url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1207732&time=1644270096989&url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1207732%26time%3D1644270096989%26url%3Dhttps%253A%252F%252Femroosh.wetransfer.com%252Fdownloads%252Ffe6ccdb06a73402f6802d99cb195855320220201015030%252F60c64ea9c47618bc05a021f4b020be4720220201015030%252Fd50fef%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1207732&time=1644270096989&url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&cookiesTest=true&liSync=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d16f532-3199-4dee-9fe5-f201c0fc99e9 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d16f532-3199-4dee-9fe5-f201c0fc99e9&_expected_cookie=a5a10b3b554ef5e3c630472e7629c8cf
Request Chain 72
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=6df5b315-a6b6-4004-aa6e-fef2a7cd0cd9&id=0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e

102 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request d50fef
emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/
Redirect Chain
  • https://protect-us.mimecast.com/s/ayfsCZ6RRAI7YyvXTzJPBb?domain=emroosh.wetransfer.com
  • https://protect-us.mimecast.com/redirect/eNqtldtu20YQQH_F4GstaWfvaxRFBKNp49ZOazdA0qoQ9jIrMRFJmaQcu4H_vUPKbmLF6FNeBO3O_ezM8FPRxm1fnBRdVfZxjZvNi43vbnDluxpvfPLTVXNTHBebJhYn7LhoMWK57fuywuIEtBTaglaCsUFG...
  • https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.171.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-171-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c5fc56d942050166a38594c1c7eaf215aedc85da79f83616e7db3e3d9bf54da6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 07 Feb 2022 21:41:36 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
content-encoding
gzip
etag
W/"4948c0d5275e1db51250ecef54b5e133"
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-opaque
e4171d388db276b9fd36a2f195eeb49ab453f1ff-4wbpx-16646
x-permitted-cross-domain-policies
none
x-request-id
b76cf2218776c87b02173028b6c429b6
x-runtime
0.192510
x-xss-protection
1; mode=block
strict-transport-security
max-age=15552000; includeSubDomains;

Redirect headers

Date
Mon, 07 Feb 2022 21:41:35 GMT
Content-Length
0
Connection
keep-alive
Location
https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-control
no-store
Pragma
no-cache
runtime~application-b4a42db3da6d9753b467.es6.js
prod-cdn.wetransfer.net/packs/esm/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/esm/runtime~application-b4a42db3da6d9753b467.es6.js
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29ca5d3ea43dc8a9f8f0cd6f90905e1dc08b8ffcb5463760cf3bb9632dd32624

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:14:21 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:58:59 GMT
server
AmazonS3
age
462436
etag
W/"4ffe9d43adfaf61fbb95379327c9fe56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
9Hps6OrqSpsA5XFjFx8egv7uJz6PbyWZcAVmwaWi6oqvmoyEkKiGLQ==
application-9530e48f2aa83953a8d7.es6.js
prod-cdn.wetransfer.net/packs/esm/ 		912 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/esm/application-9530e48f2aa83953a8d7.es6.js
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26c0e8641bb1718365b21f5093b5fb40feebdecb7a114ef4e0d69bc673177d91

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:14:21 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:58:58 GMT
server
AmazonS3
age
462436
etag
W/"6e2dd5aaf6edeff4d3ab96d3e396c5c5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
vgHjRlMwquOV9RBDOYdOdP4yVWo0OjSz0CH2610pNhy1FvR1UzZkhw==
vendor-0d04b632e1e6b0180048.es6.js
prod-cdn.wetransfer.net/packs/esm/ 		2 MB
617 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8312fa58b4e6b3e7f72d2ae610fdc6a6486d1278a873a6829896273ed1affb83

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:14:21 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:58:59 GMT
server
AmazonS3
age
462436
etag
W/"d0aa03a334874aec2954fa771ec574b5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
uddUtmz8zqxD1IgVjNyL0vSs9p6PhE8TJOwQmtbYk0SMVBFh1Wrfmg==
ActiefGrotesque_W_Regular-1f437876.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6

Request headers

Referer
https://emroosh.wetransfer.com/
Origin
https://emroosh.wetransfer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-length
31120
last-modified
Mon, 07 Feb 2022 18:11:22 GMT
server
AmazonS3
etag
"57cbbfdafc43e0deecc75a309dd042c6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://emroosh.wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
lgQu7PU3fjWIKvWl4sS9bER-S6k-aGybODTKKdfr29w83L5Ct54xsQ==
ActiefGrotesque_W_Medium-293e86f0.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555

Request headers

Referer
https://emroosh.wetransfer.com/
Origin
https://emroosh.wetransfer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-length
32124
last-modified
Mon, 07 Feb 2022 18:11:22 GMT
server
AmazonS3
etag
"868aedeefe7669e8a4f7196f7df5d058"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://emroosh.wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
FAy7aCUCJFtOKw3-6DaLIWVH3Y6cYah1Jq1mFLa00Y2FqBs1Vl7z8Q==
GT-Super-WT-Super-1b214df1.woff
prod-cdn.wetransfer.net/packs/media/gt-super-wt/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73

Request headers

Referer
https://emroosh.wetransfer.com/
Origin
https://emroosh.wetransfer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-length
43188
last-modified
Mon, 07 Feb 2022 18:11:23 GMT
server
AmazonS3
etag
"55576599a2d772f9297c5036d355b1fb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://emroosh.wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
yrFVOFQ2rPnW5ZwOrULBATxPWNKCgFnTWhJK5juEJsW4wQh-SEijJA==
application-315f4ffd.chunk.css
prod-cdn.wetransfer.net/packs/css/ 		408 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/css/application-315f4ffd.chunk.css
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2095684f7b41ed927c98aa36b35266f50706616fff12b294777a4b5d6e384d1c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:13:44 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 17:59:11 GMT
server
AmazonS3
age
480473
etag
W/"2452518f60218f82ce687e441f3e10e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
q2TVxZ00qFNlOLmzv8j0NYVrV3nFAoY5dpEO_19q_Z7tngWfHN5NCQ==
en-d2ebd3eb688d39c39692.es6.js
prod-cdn.wetransfer.net/packs/esm/runtime~locale/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/esm/runtime~locale/en-d2ebd3eb688d39c39692.es6.js
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
583581f38bbf7762d091906294d9f7604d39cac488a1ed1204f371534dd92daa

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 12:01:59 GMT
content-encoding
gzip
last-modified
Wed, 12 Jan 2022 11:24:37 GMT
server
AmazonS3
age
2281178
etag
W/"b1ec537f8138337d7b182832a0237542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
ZRORXemXFb_-SbHXStkSuCGXNNUi-nB56mHb7JFrLnMy0Bkfp4uUwQ==
en-2f5e912b6d38299491b6.es6.js
prod-cdn.wetransfer.net/packs/esm/locale/ 		164 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/esm/locale/en-2f5e912b6d38299491b6.es6.js
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01b8e009f02113cbdbf0ad9070228586f7cbd064c3213c8377ede2715eb487fa

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 16:23:29 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 15:59:51 GMT
server
AmazonS3
age
537488
etag
W/"1b0cb3ef8afe3655e52097b8ad6833ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
cftCOB2by0CcbDlrqOmI9dzWnPP6JHfgcqVqU54RhfC0_yQraVhvPA==
sp.js
d19ptbnuzhibkh.cloudfront.net/2.10.2/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.66.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-179.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 May 2021 07:07:24 GMT
content-encoding
gzip
last-modified
Tue, 30 Apr 2019 15:14:08 GMT
server
AmazonS3
age
23121253
etag
"c7b65b3f4e8761897af9a3ca5d76682e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C1
accept-ranges
bytes
content-length
29895
x-amz-cf-id
OQRCAKw6qJKlWjecmmQDX0IBVGX5-sY-Ps_tYso-RNct4J5XMRHEGg==
gtm.js
www.googletagmanager.com/ 		179 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
25fdc4dad37f03d81ab5d19cbee1e237a6cb0d2bde48b6847d0330c198fc22fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54464
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Feb 2022 21:41:36 GMT
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-launchdarkly-user-agent
Origin
https://emroosh.wetransfer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
allow
GET, OPTIONS, HEAD
content-encoding
gzip
ld-region
us-east-1
strict-transport-security
max-age=31536000
accept-ranges
bytes
date
Mon, 07 Feb 2022 21:41:36 GMT
via
1.1 varnish
x-served-by
cache-lga21983-LGA
x-cache
HIT
x-cache-hits
53
x-timer
S1644270096.347998,VS0,VE0
vary
Accept-Encoding
age
0
content-length
23
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ 		2 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.9.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
access-control-max-age
300
date
Mon, 07 Feb 2022 21:41:36 GMT
content-length
26
x-served-by
cache-lga21983-LGA
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1644270096.351326,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
5
68-5e5d03aa3859fd845df7.es6.js
prod-cdn.wetransfer.net/packs/esm/ 		271 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/esm/68-5e5d03aa3859fd845df7.es6.js
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/runtime~application-b4a42db3da6d9753b467.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6dd399ec517214f0630b4d45639554bd57673915dff7ac35fd60306435967b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 16:23:28 GMT
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
last-modified
Tue, 01 Feb 2022 15:59:50 GMT
server
AmazonS3
age
537489
etag
"641d702b6c3db067bf0c76af64604745"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
271
x-amz-cf-id
Wr8MkiXJaOv_Vj0p8ZcGqeOkwrNnmT56aMTxtSaj-s6jcbmG-B9KcQ==
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/application-9530e48f2aa83953a8d7.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AC4186669BEB43BDB9C67BCADD32F792 Ref B: EWR311000101053 Ref C: 2022-02-07T21:41:36Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/application-9530e48f2aa83953a8d7.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.3.29 Seattle, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sea1.fbcdn.net
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
4GE2wI+n7cFyUKGsSpp1yXY3gRssSgWZl+pbrQ+LUC0SluR4vW79LPjYcw92QgpgP+yy06oBiZZGUsQqFgW+Sg==
x-fb-trip-id
1425083115
x-frame-options
DENY
date
Mon, 07 Feb 2022 21:41:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
FreightSans-Pro-Medium-1243d73c.woff
prod-cdn.wetransfer.net/packs/media/freightsans/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/media/freightsans/FreightSans-Pro-Medium-1243d73c.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-315f4ffd.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad

Request headers

Referer
https://prod-cdn.wetransfer.net/packs/css/application-315f4ffd.chunk.css
Origin
https://emroosh.wetransfer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-length
55500
last-modified
Mon, 07 Feb 2022 18:11:22 GMT
server
AmazonS3
etag
"ad8147768c14e6e7ecc52ab7550f74d1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://emroosh.wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
2cGDFZN9NboWtOJ578OklHSCco2WATjgxE4aAjwO-0TsLFsLCWE99A==
FreightSans-Pro-Semibold-b548f89b.woff
prod-cdn.wetransfer.net/packs/media/freightsans/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/media/freightsans/FreightSans-Pro-Semibold-b548f89b.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-315f4ffd.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
054b231d728f2c6bd02c7fcac7adf79475e47cc8a9509a94bd727a25603c8781

Request headers

Referer
https://prod-cdn.wetransfer.net/packs/css/application-315f4ffd.chunk.css
Origin
https://emroosh.wetransfer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-length
59464
last-modified
Mon, 07 Feb 2022 18:11:22 GMT
server
AmazonS3
etag
"10e5a40bf97498cd39965488ce760603"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://emroosh.wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
qyGXvvXzjLknRvQQIhzyoLOYuB8_RS4sIBTBjDWMv3upSQjQVYVvew==
GT-Super-WT-Regular-4aad923e.woff
prod-cdn.wetransfer.net/packs/media/gt-super-wt/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Regular-4aad923e.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-315f4ffd.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f95dc7465b90788f8d5cb452b298bb4e6639cec58821888da9be25f353035a8c

Request headers

Referer
https://prod-cdn.wetransfer.net/packs/css/application-315f4ffd.chunk.css
Origin
https://emroosh.wetransfer.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-length
43796
last-modified
Mon, 07 Feb 2022 18:11:23 GMT
server
AmazonS3
etag
"5321545e6fd1cec2eb1ee4b745f450a1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://emroosh.wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
c6H2TfPMUHrZiNHJOgEzFocvdsRGjyljQle9s3Fn0rIxucdWL6e9xg==
profitwell.js
public.profitwell.com/js/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-91.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cfc42e10ab9d5f58aa89c7483b9839090bf8cd04ba9fb0d8d525a11e17ac55e3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 15:29:30 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
etag
W/"91484599154bb461309078fd68d50e16"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
4YeK8WmtKeCIYm.JbzlWoez0jdlXWFV8
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
content-type
application/x-javascript
x-amz-cf-id
3R7_6998d5jV92iBxIl8rj9q-E2e0pvmVwi-iPdSI25hS3THqAvU6Q==
wallpapers
emroosh.wetransfer.com/api/v4/channels/emroosh/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://emroosh.wetransfer.com/api/v4/channels/emroosh/wallpapers
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.171.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-171-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ffcfff47eb92e01912bad56ba6913273acce83350b7b62b11cfa3e80d2992f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Frame-Options deny

Request headers

Accept
application/json, text/plain, */*
Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime
0.018149
date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
x-frame-options
deny
etag
W/"906e843f362dae1d7ed97f376761add3"
vary
Accept-Encoding, Origin
content-type
application/json
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15552000; includeSubDomains;
x-opaque
e4171d388db276b9fd36a2f195eeb49ab453f1ff-96ctw-16165
content-length
1312
x-request-id
9272182d495ac43d9e7b82535e049798
graphql
emroosh.wetransfer.com/api/ 		432 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://emroosh.wetransfer.com/api/graphql
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.171.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-171-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4ed5ebb9cb33f3a544bfe89175bf8a26cc332dfec58641916e031596b04db820
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json

Response headers

date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-origin
https://emroosh.wetransfer.com
access-control-max-age
60
strict-transport-security
max-age=15552000; includeSubDomains;
x-opaque
e4171d388db276b9fd36a2f195eeb49ab453f1ff-9z2ks-16427
content-length
298
x-xss-protection
1; mode=block
x-request-id
9a55f3af7c2860e094d52528ab36b337
x-runtime
0.014213
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"4f082493e3f1db8786d348cad9aa2b93"
x-download-options
noopen
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
cache-control
no-cache, no-store
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
788d8f059102a07fd4202528e8debfab55072c0123aa1bae786dcc97b0f12aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14855
x-xss-protection
0
server
cafe
etag
18191735146963884293
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 21:41:36 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 01:07:27 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100068-IAD
gtm.js
www.googletagmanager.com/ 		264 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b9930b5809f98a43f9bebf205ab5800594b4ef27fc7bff6215cb3108ce93133f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79108
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Feb 2022 21:41:36 GMT
367
a.ad.gt/api/v1/u/matches/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&ref=
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.174.3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-174-3.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
fe23002b755a1b04eff899eea5230dcb1ac0144c61f9e88996b1c13fe916f29f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:36 GMT
server
nginx/1.18.0
content-length
3379
content-type
application/javascript
authorize
auth.wetransfer.com/ Frame D443 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.wetransfer.com/authorize?audience=aud%3A%2F%2Ftransfer-api-prod.wetransfer%2F&client_id=dXWFQjiW1jxWCFG0hOVpqrk4h9vGeanc&redirect_uri=https%3A%2F%2Femroosh.wetransfer.com%2Faccount%2Fcallback&scope=openid%20profile%20email&response_type=code&response_mode=web_message&state=aUJpU0llTV9yLTdlTUc2aHRxT2FHMTVwOFRVX182ZWIucy1IUTJvRTI3dQ%3D%3D&nonce=cHBNT35uUEpVcW9RY0N%2BY3BRc0hUWG1OQURGRk93a1VGXzd4MXlkWDdpVw%3D%3D&code_challenge=RZM5PBMrKNdvyrCzL4AlV-9sENe-AW1AEAFGpPBbe8U&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTkuMyJ9
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-86.ewr52.r.cloudfront.net
Software
cloudflare /
Resource Hash
776301a40f62c420a5c6098a6fdb99c7ce0d1543384a318a290e872b2d60db53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/

Response headers

content-type
text/html;charset=UTF-8
date
Mon, 07 Feb 2022 21:41:36 GMT
cf-ray
6d9fc8881ca45a33-IAD
cache-control
no-cache, no-store
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
6d9fc8881ca45a33
ot-tracer-sampled
true
ot-tracer-spanid
1e686c6e5a124232
ot-tracer-traceid
7411e77d5d22582a
pragma
no-cache
x-auth0-requestid
964329c332dd66d876dd
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1644270097
server
cloudflare
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
mh-Uh4quCxfk8jOk-eI99bRxlgEKe15AfOqILqKkVE9Sdg9xcuCdsw==
adsct
analytics.twitter.com/i/ 		31 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz1eu&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=2f544a27-197e-439a-bba8-d0fcb60304c7&tw_document_href=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
6
date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
da905d6c76a688ced9291ac3897e0447
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz1eu&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=2f544a27-197e-439a-bba8-d0fcb60304c7&tw_document_href=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
6
date
Mon, 07 Feb 2022 21:41:36 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
0683c03a469daf46f95741ad63639958d5f7682d0ced908f4188df7361448d76
content-length
43
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3637
date
Mon, 07 Feb 2022 20:40:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 07 Feb 2022 22:40:59 GMT
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 03 Nov 2021 15:08:58 GMT
server
snooserv
etag
"3fbf36d562f1d2a543a89683060265ed"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
7632
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.60.96.162 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-60-96-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 21:41:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=24635
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
sdk.js
analytics.tiktok.com/i18n/pixel/ 		120 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7Q0FGM0MJON0LQMNGJG
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.149.162 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-149-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5ef50fdb3e0d911aacf496d7a16119aa87c72ac224b9ba6e6ada18120e73e76c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202202072141360101130062210F062FCE
vary
Accept-Encoding
x-cache
TCP_MISS from a184-51-149-158.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,184.51.149.158
x-tt-trace-host
016a8fe50383180a06417a9628d26f5546958868772376536212ae55917ed6bdda616969872246608c3300c2d6a6575827cac9cbf1c75f4d0b1778b03c9d5e8583f7c7a3fc126405683661f6f7405888703cc4995714c837508ea14067c8798395
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=11
x-akamai-request-id
a5844dc7
expires
Mon, 07 Feb 2022 21:41:36 GMT
ld.js
dynamic.criteo.com/js/ld/ 		522 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=89395
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.142 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b0d4d384778decc01315f565329ca3eb074aa9b09cb907b801e3ec5ca589e30e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
oct.js
static.ads-twitter.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 01:07:27 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100068-IAD
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/778938880/?random=1644270096664&cv=9&fst=1644270096664&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&ig=1&frm=0&url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
3201b8df1bea2184e53639e714afd6b499cb43303225cfd1122a25a0a9a0277a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1102
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7Q0FGM0MJON0LQMNGJG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.149.162 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-149-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202202072141360101130062210F062FD3
vary
Accept-Encoding
x-cache
TCP_MISS from a184-51-149-158.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,184.51.149.158
x-tt-trace-host
016a8fe50383180a06417a9628d26f5546958868772376536212ae55917ed6bdda616969872246608c3300c2d6a6575827cac9cbf1c75f4d0b1778b03c9d5e85832cb5b5a5c860fdd0635e033a38bdae99a3a585a7c3b91b8f2dbc1cd954760e9b
server-timing
inner; dur=1, cdn-cache; desc=MISS, edge; dur=0, origin; dur=12
x-akamai-request-id
a5844e0b
expires
Mon, 07 Feb 2022 21:41:36 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		712 B
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C7Q0FGM0MJON0LQMNGJG&hostname=emroosh.wetransfer.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7Q0FGM0MJON0LQMNGJG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.149.162 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-149-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4f3cead82a2256c5172bbff6054e465cb2df8a32f3012931ee463e60401bd761

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
a5844e47
date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-51-149-158.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=13
content-length
320
pragma
no-cache
server
nginx
x-tt-logid
202202072141360101130062210F062FD8
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,184.51.149.158
x-tt-trace-host
016a8fe50383180a06417a9628d26f5546958868772376536212ae55917ed6bdda616969872246608c3300c2d6a6575827cac9cbf1c75f4d0b1778b03c9d5e8583ff0eb5d18fa6c8860f058272630c44f635b626b1d42e10cdb97dc69d0c94a691
expires
Mon, 07 Feb 2022 21:41:36 GMT
17116643.js
bat.bing.com/p/action/ 		0
112 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17116643.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 21:41:36 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 36D00FD1776E436FB0E90031F83759E4 Ref B: EWR311000101053 Ref C: 2022-02-07T21:41:36Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17116643&Ver=2&mid=412bb346-245a-4148-b191-7e8066142c8d&sid=b9d1a610885e11ec9677d7bbc90694f3&vid=b9d1cc40885e11eca725f57ac8b68de8&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&p=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&r=&lt=3890&evt=pageLoad&msclkid=N&sv=1&rn=790352
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F16DD85A84CA45F28992F767C31D5A24 Ref B: EWR311000101053 Ref C: 2022-02-07T21:41:36Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
56335302.js
bat.bing.com/p/action/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56335302.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 21:41:36 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 589728871A374C61B99972D5E595ECE0 Ref B: EWR311000101053 Ref C: 2022-02-07T21:41:36Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56335302&Ver=2&mid=1d947308-f501-4efc-942f-0bfe2b81654c&sid=b9d1a610885e11ec9677d7bbc90694f3&vid=b9d1cc40885e11eca725f57ac8b68de8&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&p=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&r=&lt=3890&evt=pageLoad&msclkid=N&sv=1&rn=826851
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 651824A3E88A43C188EE63EDFBC70F6B Ref B: EWR311000101053 Ref C: 2022-02-07T21:41:36Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
570 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7Q0FGM0MJON0LQMNGJG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.149.162 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-149-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202202072141360101130062210F062FDE
x-cache
TCP_MISS from a184-51-149-158.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,184.51.149.158
x-tt-trace-host
016a8fe50383180a06417a9628d26f5546958868772376536212ae55917ed6bdda616969872246608c3300c2d6a6575827cac9cbf1c75f4d0b1778b03c9d5e8583f024b1916f633e491857d40f635b21350ad2f085690f239f31d511e6a61f95d9
server-timing
inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=17
x-akamai-request-id
a5844e83
content-length
0
expires
Mon, 07 Feb 2022 21:41:36 GMT
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.37.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-37-115.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.7 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://emroosh.wetransfer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
content-length
0
access-control-allow-origin
https://emroosh.wetransfer.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
server
akka-http/10.2.7
tiers
emroosh.wetransfer.com/api/v4/nu_subscriptions/ 		5 KB
960 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://emroosh.wetransfer.com/api/v4/nu_subscriptions/tiers?country_code=US&planTier=plus
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.171.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-171-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
385a74e47e6e4b14b5383cf291ea1523e9be64587c225f0c11fcd8167b5557f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Frame-Options deny

Request headers

Accept
application/json, text/plain, */*
Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime
0.026983
date
Mon, 07 Feb 2022 21:41:36 GMT
content-encoding
gzip
x-frame-options
deny
etag
W/"e31d3d2113960e3199e02f4655dd94cc"
vary
Accept-Encoding, Origin
content-type
application/json
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15552000; includeSubDomains;
x-opaque
e4171d388db276b9fd36a2f195eeb49ab453f1ff-q9fxj-16427
content-length
492
x-request-id
423865e5bd405705a80a414247fc18cf
wallpaper-f132943f.chunk.css
prod-cdn.wetransfer.net/packs/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/css/wallpaper-f132943f.chunk.css
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/runtime~application-b4a42db3da6d9753b467.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b24551f3c041157a88f5e489c4c144bb4341215aa0e09a42f78803ad3e491e9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 12:37:57 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 12:31:49 GMT
server
AmazonS3
age
1760619
etag
W/"22c80ac282130cab50ecd48d6aff7799"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
mbKWRsCcNMyXW8aChr0pe91bh599nNm8w41dlT80am0sw2DATQdINA==
wallpaper-acdd753f9a06bdddaa17.es6.js
prod-cdn.wetransfer.net/packs/esm/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-cdn.wetransfer.net/packs/esm/wallpaper-acdd753f9a06bdddaa17.es6.js
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/runtime~application-b4a42db3da6d9753b467.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb65ca0d4c11a085dc928bcdded223e6fa712f4bdfff319114992312623a2812

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 16:23:29 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 15:59:51 GMT
server
AmazonS3
age
537488
etag
W/"9c91fb31c05aaa2d8124fbb3b5bda1a0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
tmUxDdl2_YL7_tTi9yoZjRTjdZo2d2GsoWKRcWTacqbyGdJIbX8o2w==
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 		2 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.37.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-37-115.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.7 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://emroosh.wetransfer.com
date
Mon, 07 Feb 2022 21:41:37 GMT
access-control-allow-credentials
true
server
akka-http/10.2.7
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
content-type
text/plain; charset=UTF-8
prepare-download
emroosh.wetransfer.com/api/v4/transfers/fe6ccdb06a73402f6802d99cb195855320220201015030/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://emroosh.wetransfer.com/api/v4/transfers/fe6ccdb06a73402f6802d99cb195855320220201015030/prepare-download
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.171.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-171-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ed7dafc848ab23d029a3e4ad9b821ebe36e6805ee62a88c7c703be5add389242
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Frame-Options deny

Request headers

Accept
application/json, text/plain, */*
Referer
https://emroosh.wetransfer.com/
X-CSRF-Token
YLHD9dM5JNKYA9YcSmbxqLV6RUB4CUB/Ovm49JekDnLvl9ys5zDM8ynuQKwXYZL8IbT+pXkng97EgSXi9sz4kA==
X-Requested-With
XMLHttpRequest
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
strict-transport-security
max-age=15552000; includeSubDomains;
x-opaque
e4171d388db276b9fd36a2f195eeb49ab453f1ff-mlnld-15964
content-length
553
x-request-id
70a8d4f349a515f54d1347bf7a9d2ba3
x-runtime
0.162237
x-frame-options
deny
etag
W/"311174e591828ee64f88b782a7425c0c"
access-control-max-age
60
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://emroosh.wetransfer.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
haloid
aufp.io/api/v1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aufp.io/api/v1/haloid
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.43.158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-43-158.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 00:28:16 GMT
server
nginx/1.18.0
etag
W/"1643761696.0-6132-2958560116"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*, *
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
origin-trial
A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Tue, 08 Feb 2022 09:41:37 GMT
367
p.ad.gt/api/v1/p/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/367
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/367?url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.209.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-209-136.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
baa4bcc273d10ffc0ab585ec5c3cb3e03f701a057a6e0a54e2df9f2513e13058

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&adnxs_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e%26adnxs_id%3D%24UID
  • https://ids.ad.gt/api/v1/match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&adnxs_id=6692378238796471288
43 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&adnxs_id=6692378238796471288
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Server
52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Tue, 08 Feb 2022 09:41:37 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 21:41:36 GMT
X-Proxy-Origin
5.181.234.157; 5.181.234.157; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
f9718966-01e8-4773-b613-8febd9aa063b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&adnxs_id=6692378238796471288
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
  • https://ids.ad.gt/api/v1/t_match?tdid=463bfde4-afaa-4cc3-8f25-f365a91d4f71&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
43 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=463bfde4-afaa-4cc3-8f25-f365a91d4f71&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Server
52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Tue, 08 Feb 2022 09:41:37 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:36 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=463bfde4-afaa-4cc3-8f25-f365a91d4f71&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e
  • https://ids.ad.gt/api/v1/pbm_match?pbm=871F6BF8-F67C-41F1-A361-6DFE4E1A0BEA&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=871F6BF8-F67C-41F1-A361-6DFE4E1A0BEA&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Server
52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Tue, 08 Feb 2022 09:41:37 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=871F6BF8-F67C-41F1-A361-6DFE4E1A0BEA&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
date
Mon, 07 Feb 2022 21:41:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&google_gid=CAESEAkuwfNzEx-gMleX2IfIByI&google_cver=1&google_ula=450542624,0
43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&google_gid=CAESEAkuwfNzEx-gMleX2IfIByI&google_cver=1&google_ula=450542624,0
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Server
52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Tue, 08 Feb 2022 09:41:37 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&google_gid=CAESEAkuwfNzEx-gMleX2IfIByI&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZTVmYmIwNzktNTBiZi00YWI5LTk0YTgtNDgyOTFhNmQ1Zjdl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZTVmYmIwNzktNTBiZi00YWI5LTk0YTgtNDgyOTFhNmQ1Zjdl
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H3
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZTVmYmIwNzktNTBiZi00YWI5LTk0YTgtNDgyOTFhNmQ1Zjdl
date
Mon, 07 Feb 2022 21:41:37 GMT
server
nginx/1.18.0
content-length
473
content-type
text/html; charset=utf-8
cm
trc.taboola.com/sg/audigent/1/ 		43 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
19
pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
via
1.1 varnish
server
nginx
x-timer
S1644270097.328473,VS0,VE19
x-served-by
cache-lga21936-LGA
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
unruly
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e%26unruly_id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e%26unruly_id%3D%5BRX_UUID%5D&cb=1644270097101
  • https://sync.targeting.unrulymedia.com/csync/RX-1aa0e823-cb3b-4b3d-ade3-3f5bfd17bb19-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e%26unruly_id%3D...
  • https://ids.ad.gt/api/v1/unruly?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&unruly_id=RX-1aa0e823-cb3b-4b3d-ade3-3f5bfd17bb19-005
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/unruly?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&unruly_id=RX-1aa0e823-cb3b-4b3d-ade3-3f5bfd17bb19-005
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Server
52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Tue, 08 Feb 2022 09:41:37 GMT

Redirect headers

Date
Mon, 07 Feb 2022 21:41:37 GMT
Server
Tengine
ETag
RX1aa0e823cb3b4b3dade33f5bfd17bb19005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ids.ad.gt/api/v1/unruly?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&unruly_id=RX-1aa0e823-cb3b-4b3d-ade3-3f5bfd17bb19-005
Connection
keep-alive
Content-Type
text/html
mediamath_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3De5fbb079-50bf-4ab9-94a8-48291a6d5f7e
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=d7b46201-9211-4e00-af07-99376a776f10&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/mediamath_match?user_id=d7b46201-9211-4e00-af07-99376a776f10&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Server
52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Tue, 08 Feb 2022 09:41:37 GMT

Redirect headers

Date
Mon, 07 Feb 2022 21:41:37 GMT
Server
MT3 4133 baa842e master iad-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/mediamath_match?user_id=d7b46201-9211-4e00-af07-99376a776f10&id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 07 Feb 2022 21:41:36 GMT
1904796869803472
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1904796869803472?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.3.29 Seattle, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sea1.fbcdn.net
Software
/
Resource Hash
4ab261af4a377982b4a3f38370412bc4cbf268577817857a44c7d7034204f4fc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89282
x-xss-protection
0
pragma
public
x-fb-debug
xJybwQkJVE/FpTr5IBmn6EkNnVEilCXm53fabvWmRNm+gXFib8oh95nOOnIB+6WO7yZEO3egQ88hO6amYx5J4A==
x-fb-trip-id
1425083115
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 07 Feb 2022 21:41:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
c68a6d2c-01c4-462b-86a1-2cc2406373e1-202111190659.jpg
previews-te.wetransfer.net/file/wetransfer/j1oa/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://previews-te.wetransfer.net/file/wetransfer/j1oa/c68a6d2c-01c4-462b-86a1-2cc2406373e1-202111190659.jpg?height=1050&source=frontend-assets-wallpaper&width=1680&s=198d7785002bfeedbbe9d871a8f4d64a07eccb6d&Expires=1668862106&Signature=XcwuUFBIRbbnFu1dC2BqS6ZbSFIUeLDEoks-BdzSsBqS0CLYb2fV3jlxvsJvZcoNdvYyDi6FA~TawcT5Cy7iOLW92tkc9qbKbx6gj8UKMpGBJI41qQDIrQxmQIiex3S4sqOhUg~JY7cBFE~lyqARFm1Tcad3lwcb44WAlNatGQb4dPFw75cQgnGpjSOT75~I1poLm1AmitedvACFo1Vm-IqgF~BtrKsQx9TD~5i5Ke~6v2U~EigfrKO01tYy8UwAdiTZmFkDNaVa4ZEQQ7QbiHEud~01-78JR5R4U0-3cBqJVtp7BDjZ0txu4g9Jrsx7m-EJ8Mgiwvc9OfCPQyQOQw__&Key-Pair-Id=APKAIRLQFERKGUWFG7GQ
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-87.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
82d4f2f8abbcff924bf0bd9bd52348be965f0bb1e1b675e288f868d6f28a042f
Security Headers
Name Value
Strict-Transport-Security max-age=15552001

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

transloadit-requestid
yu98dJc4efJQiqjzILReiYMys5byogsTEzMVVRREpo1qEjOCJI4tDQ==
date
Mon, 07 Feb 2022 21:41:37 GMT
via
1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
server
nginx
transloadit-assembly
ee7aa7cecd8b4822ad2b7ddb64b57410
x-amz-cf-pop
EWR52-C4
strict-transport-security
max-age=15552001
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/jpeg; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=259200, s-max-age=86400
x-cache
Miss from cloudfront
access-control-allow-headers
X-Requested-With, Content-Type, Cache-Control, Accept, Content-Length, Transloadit-Client, Authorization
x-amz-cf-id
yu98dJc4efJQiqjzILReiYMys5byogsTEzMVVRREpo1qEjOCJI4tDQ==
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1207732&time=1644270096989&url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618b...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1207732&time=1644270096989&url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618b...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1207732%26time%3D1644270096989%26url%3Dhttps%253A%252F%252Femroosh.wetransfer.com...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1207732&time=1644270096989&url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618b...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d16f532-3199-4dee-9fe5-f201c0fc99e9
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d16f532-3199-4dee-9fe5-f201c0fc99e9&_expected_cookie=a5a10b3b554ef5e3c630472e...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d16f532-3199-4dee-9fe5-f201c0fc99e9&_expected_cookie=a5a10b3b554ef5e3c630472e7629c8cf
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d9fc88edd598c39-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d16f532-3199-4dee-9fe5-f201c0fc99e9&_expected_cookie=a5a10b3b554ef5e3c630472e7629c8cf
date
Mon, 07 Feb 2022 21:41:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6d9fc88e7c4a8c39-EWR
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
collect
www.google-analytics.com/j/ 		2 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=457210802&t=pageview&_s=1&dl=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&dr=&ul=en-us&de=UTF-8&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=103810395&gjid=1924386271&cid=1985635894.1644270097&tid=UA-11792855-4&_gid=878641955.1644270097&_r=1&gtm=2wg220K878LCS&cd8=wetransfer&cd14=emroosh.wetransfer.com&cd15=1644270096368&cd20=GTM-K878LCS%20%7C%20Version%20100%20%7C%20%20Environment%20%20%7C%20Debug%20false&cd21=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&cd33=0&cd34=undefined&cd35=undefined&cd36=undefined&cd37=undefined&cd38=undefined&cd40=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cd41=1&cd42=24&cd43=&cd197=7999aea5-ee7f-4b10-8441-5e6191506f0d.1644270095.0.1644270095&cd198=7999aea5-ee7f-4b10-8441-5e6191506f0d.1644270095.0.1644270095&cd199=7999aea5-ee7f-4b10-8441-5e6191506f0d.1644270095.0.1644270095&z=1723464186
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://emroosh.wetransfer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11792855-4&cid=1985635894.1644270097&jid=103810395&gjid=1924386271&_gid=878641955.1644270097&_u=YEBAAUAAAAAAAC~&z=1726846500
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 07 Feb 2022 21:41:37 GMT
content-type
text/plain
access-control-allow-origin
https://emroosh.wetransfer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
rp.gif
alb.reddit.com/ 		42 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1644270097053&id=t2_fdqrj&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=1056f3c5-258e-4ddc-90c2-f7b9e5a50f1d&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
via
1.1 varnish
server
Varnish
accept-ranges
bytes
content-length
42
retry-after
0
content-type
image/gif
/
www.google.com/pagead/1p-user-list/778938880/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/778938880/?random=1644270096664&cv=9&fst=1644267600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&frm=0&url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=463524168&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1904796869803472&ev=PageView&dl=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&rl=&if=false&ts=1644270097112&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644270097110.1096718213&it=1644270096943&coo=false&exp=p1&rqm=GET
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.3.35 Seattle, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-sea1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 07 Feb 2022 21:41:37 GMT
halo_match
ids.ad.gt/api/v1/ 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&halo_id=0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Tue, 08 Feb 2022 09:41:37 GMT
getpixels
pixels.ad.gt/api/v1/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=2b340eabff938e6eee9115ef98c8f21b&url=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.47.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-47-166.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 21:41:37 GMT
server
nginx/1.18.0
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
1853083501571805
connect.facebook.net/signals/config/ 		309 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1853083501571805?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.3.29 Seattle, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sea1.fbcdn.net
Software
/
Resource Hash
4d868cbe9a56cf8996187133e02d685a0eea3664bc48fad0b063ece84e2f95e0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
90736
x-xss-protection
0
pragma
public
x-fb-debug
hmjAQ0Zhg/1yg7KFrwsHAT7lKEStnjHVRly56hh6mnMWDyTOXUQBMUr4l/lJ3G78nryY3cA/V3vtAiAzQcnf7Q==
x-fb-trip-id
1425083115
x-frame-options
DENY
date
Mon, 07 Feb 2022 21:41:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 20:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 07 Feb 2022 21:51:32 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
1718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 07 Feb 2022 22:12:59 GMT
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm...
  • https://ids.ad.gt/api/v1/openx?openx_id=6df5b315-a6b6-4004-aa6e-fef2a7cd0cd9&id=0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1e...
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=6df5b315-a6b6-4004-aa6e-fef2a7cd0cd9&id=0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Server
52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Tue, 08 Feb 2022 09:41:37 GMT

Redirect headers

date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ids.ad.gt/api/v1/openx?openx_id=6df5b315-a6b6-4004-aa6e-fef2a7cd0cd9&id=0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
ld.js
static.criteo.net/js/ld/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=89395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 12:51:58 GMT
server
nginx
etag
W/"61b8936e-9faf"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Feb 2022 21:41:37 GMT
adsct
analytics.twitter.com/i/ 		31 B
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o7l54&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0941dac6-57a9-4f64-9c59-7068f407d493&tw_document_href=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
7
date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
da905d6c76a688ced9291ac3897e0447
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o7l54&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0941dac6-57a9-4f64-9c59-7068f407d493&tw_document_href=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
6
date
Mon, 07 Feb 2022 21:41:36 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
0683c03a469daf46f95741ad63639958d5f7682d0ced908f4188df7361448d76
content-length
43
adsct
analytics.twitter.com/i/ 		31 B
91 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz1eu&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=d554a2c2-35cf-41be-ae9f-3435cf3da8f7&tw_document_href=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
7
date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
da905d6c76a688ced9291ac3897e0447
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz1eu&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=d554a2c2-35cf-41be-ae9f-3435cf3da8f7&tw_document_href=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
7
date
Mon, 07 Feb 2022 21:41:36 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
0683c03a469daf46f95741ad63639958d5f7682d0ced908f4188df7361448d76
content-length
43
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11792855-4&cid=1985635894.1644270097&jid=103810395&_u=YEBAAUAAAAAAAC~&z=279587082
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.37.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-37-115.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.7 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://emroosh.wetransfer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
content-length
0
access-control-allow-origin
https://emroosh.wetransfer.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
server
akka-http/10.2.7
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 		2 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.37.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-37-115.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.7 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://emroosh.wetransfer.com
date
Mon, 07 Feb 2022 21:41:37 GMT
access-control-allow-credentials
true
server
akka-http/10.2.7
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=457210802&t=pageview&_s=1&dl=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&ul=en-us&de=UTF-8&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIZAAAAAC~&jid=1086772371&gjid=1122858482&cid=1985635894.1644270097&tid=UA-87198801-1&_gid=878641955.1644270097&_r=1&_slc=1&cd1=e5fbb079-50bf-4ab9-94a8-48291a6d5f7e&cd2=none&cd3=367&cd4=emroosh.wetransfer.com&cd5=%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&cd6=Passive%20Tagger&cd7=2b340eabff938e6eee9115ef98c8f21b&z=1009811646
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://emroosh.wetransfer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&rl=&if=false&ts=1644270097688&cd[partner_id]=367&cd[tagger_id]=2b340eabff938e6eee9115ef98c8f21b&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644270097110.1096718213&it=1644270096943&coo=false&tm=1&exp=p1&rqm=GET
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.3.35 Seattle, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-sea1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 07 Feb 2022 21:41:37 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1904796869803472&ev=Microdata&dl=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&rl=&if=false&ts=1644270097689&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free%22%2C%22meta%3Adescription%22%3A%22WeTransfer%20is%20the%20simplest%20way%20to%20send%20your%20files%20around%20the%20world.%20Share%20large%20files%20and%20photos.%20Transfer%20up%20to%202GB%20free.%20File%20sharing%20made%20easy!%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%222%20files%20sent%20via%20WeTransfer%2C%20the%20simplest%20way%20to%20send%20your%20files%20around%20the%20world%22%2C%22og%3Atitle%22%3A%222201_MBK_DAY1_PGM.mp4%20and%201%20more%20file%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fprod-cdn.wetransfer.net%2Fpacks%2Fmedia%2Fimages%2Fwt-facebook-9db47080.png%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644270097110.1096718213&it=1644270096943&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.3.35 Seattle, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-sea1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 07 Feb 2022 21:41:37 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87198801-1&cid=1985635894.1644270097&jid=1086772371&gjid=1122858482&_gid=878641955.1644270097&_u=aGDAAUIZAAAAAC~&z=1180837000
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 07 Feb 2022 21:41:38 GMT
content-type
text/plain
access-control-allow-origin
https://emroosh.wetransfer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 8177 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=emroosh.wetransfer.com&origin=onetag&gdpr=1&gdpr_consent=CPUD7SjPUD7SjPnACAENAxCAAEIAEEJAEAABGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZqAAAAA.JGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZq
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
051668900f3f9c5235992fcebe36b4af3290b7d8cd274ec7b10821dd961c50e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2910
date
Mon, 07 Feb 2022 21:41:38 GMT
content-length
5180
strict-transport-security
max-age=31536000; preload;
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.60.96.162 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-60-96-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 21:41:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=24634
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
sdk.js
analytics.tiktok.com/i18n/pixel/ 		120 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C7Q0FGM0MJON0LQMNGJG
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.149.162 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-149-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5ef50fdb3e0d911aacf496d7a16119aa87c72ac224b9ba6e6ada18120e73e76c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202202072141370101131352271E1BAA5E
vary
Accept-Encoding
x-cache
TCP_MISS from a184-51-149-158.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,184.51.149.158
x-tt-trace-host
016a8fe50383180a06417a9628d26f5546958868772376536212ae55917ed6bdda616969872246608c3300c2d6a65758273d8f0bf310195b19573c027413bfc914423fa3aad696b07546707f7668bc527ecb078d6c7706a1d236ba85277e97b12f
server-timing
inner; dur=1, cdn-cache; desc=MISS, edge; dur=0, origin; dur=9
x-akamai-request-id
a5845722
expires
Mon, 07 Feb 2022 21:41:37 GMT
bat.js
bat.bing.com/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:37 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EE821AFA3F6146B4BD3B5C312339CF82 Ref B: EWR311000101053 Ref C: 2022-02-07T21:41:37Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
ktag.js
resources.xg4ken.com/js/v2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2780-3FE
Requested by
Host: emroosh.wetransfer.com
URL: https://emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030/d50fef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.97.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-97-27.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8ce71286009524bf5abcb4493d1768e626310caa844c2f8807c766d0dc7878bd
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:38 GMT
content-encoding
gzip
last-modified
Thu, 03 Feb 2022 12:32:54 GMT
server
nginx
etag
"61fbcb76-dd7"
content-type
text/plain
cache-control
max-age=86400, public
content-length
3543
x-xss-protection
1; mode=block
expires
Tue, 08 Feb 2022 21:41:38 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=457210802&t=event&ni=0&_s=1&dl=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&dr=&ul=en-us&de=UTF-8&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ccpa_banner&ea=show_banner&_u=aGDAAUIZAAAAAC~&jid=&gjid=&cid=1985635894.1644270097&tid=UA-11792855-4&_gid=878641955.1644270097&gtm=2wg220K878LCS&cd8=wetransfer&cd14=emroosh.wetransfer.com&cd15=1644270096368&cd20=GTM-K878LCS%20%7C%20Version%20100%20%7C%20%20Environment%20%20%7C%20Debug%20false&cd21=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&cd33=0&cd34=undefined&cd35=undefined&cd36=undefined&cd37=undefined&cd38=undefined&cd40=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cd41=1&cd42=24&cd43=&cd197=7999aea5-ee7f-4b10-8441-5e6191506f0d.1644270095.0.1644270095&cd198=7999aea5-ee7f-4b10-8441-5e6191506f0d.1644270095.0.1644270095&cd199=7999aea5-ee7f-4b10-8441-5e6191506f0d.1644270095.0.1644270095&z=49983236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:36:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68710
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=457210802&t=event&ni=0&_s=1&dl=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&dr=&ul=en-us&de=UTF-8&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ccpa_banner&ea=show_banner&_u=aGDAAUIZAAAAAC~&jid=&gjid=&cid=1985635894.1644270097&tid=UA-11792855-4&_gid=878641955.1644270097&gtm=2wg220K878LCS&cd8=wetransfer&cd14=emroosh.wetransfer.com&cd15=1644270096368&cd20=GTM-K878LCS%20%7C%20Version%20100%20%7C%20%20Environment%20%20%7C%20Debug%20false&cd21=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&cd33=0&cd34=undefined&cd35=undefined&cd36=undefined&cd37=undefined&cd38=undefined&cd40=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cd41=1&cd42=24&cd43=&cd197=7999aea5-ee7f-4b10-8441-5e6191506f0d.1644270095.0.1644270095&cd198=7999aea5-ee7f-4b10-8441-5e6191506f0d.1644270095.0.1644270095&cd199=7999aea5-ee7f-4b10-8441-5e6191506f0d.1644270095.0.1644270095&z=38444441
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:36:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68710
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/actionp/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/actionp/0?ti=56335302&Ver=2&mid=1d947308-f501-4efc-942f-0bfe2b81654c&sid=b9d1a610885e11ec9677d7bbc90694f3&vid=b9d1cc40885e11eca725f57ac8b68de8&vids=0&evt=dedup
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2315E39F9B174DFE8FFFF14F6AA27CD4 Ref B: EWR311000101053 Ref C: 2022-02-07T21:41:38Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
56335302.js
bat.bing.com/p/action/ 		0
94 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56335302.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 21:41:37 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DE2CF06228BB4723BBB622D268619791 Ref B: EWR311000101053 Ref C: 2022-02-07T21:41:38Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56335302&Ver=2&mid=85e88cc7-1e26-4d10-9e44-772cdcd7624c&sid=b9d1a610885e11ec9677d7bbc90694f3&vid=b9d1cc40885e11eca725f57ac8b68de8&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&p=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&r=&lt=5633&evt=pageLoad&msclkid=N&sv=1&rn=547967
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B924D905E9194787ADEC0B1448F878C1 Ref B: EWR311000101053 Ref C: 2022-02-07T21:41:38Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/actionp/ 		0
96 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/actionp/0?ti=56335302&Ver=2&mid=85e88cc7-1e26-4d10-9e44-772cdcd7624c&sid=b9d1a610885e11ec9677d7bbc90694f3&vid=b9d1cc40885e11eca725f57ac8b68de8&vids=0&evt=dedup
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emroosh.wetransfer.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2C87E7D03E9846E490AD317AE281E0F6 Ref B: EWR311000101053 Ref C: 2022-02-07T21:41:38Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Femroosh.wetransfer.com%2Fdownloads%2Ffe6ccdb06a73402f6802d99cb195855320220201015030%2F60c64ea9c47618bc05a021f4b020be4720220201015030%2Fd50fef&rl=&if=false&ts=1644270098190&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free%22%2C%22meta%3Adescription%22%3A%22WeTransfer%20is%20the%20simplest%20way%20to%20send%20your%20files%20around%20the%20world.%20Share%20large%20files%20and%20photos.%20Transfer%20up%20to%202GB%20free.%20File%20sharing%20made%20easy!%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%222%20files%20sent%20via%20WeTransfer%2C%20the%20simplest%20way%20to%20send%20your%20files%20around%20the%20world%22%2C%22og%3Atitle%22%3A%222201_MBK_DAY1_PGM.mp4%20and%201%20more%20file%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fprod-cdn.wetransfer.net%2Fpacks%2Fmedia%2Fimages%2Fwt-facebook-9db47080.png%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644270097110.1096718213&it=1644270096943&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.3.35 Seattle, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-sea1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:41:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 07 Feb 2022 21:41:38 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-87198801-1&cid=1985635894.1644270097&jid=1086772371&_u=aGDAAUIZAAAAAC~&z=1292137874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://emroosh.wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 8177 		430 B
533 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=onetag&domain=wetransfer.com&sn=ChromeSyncframe&so=0&topUrl=emroosh.wetransfer.com&cw=1&lsw=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=emroosh.wetransfer.com&origin=onetag&gdpr=1&gdpr_consent=CPUD7SjPUD7SjPnACAENAxCAAEIAEEJAEAABGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZqAAAAA.JGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
582c26fe99acf7b95294d88a3f6af9e7339af0447ac075c4e38e95d018edef29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/syncframe?topUrl=emroosh.wetransfer.com&origin=onetag&gdpr=1&gdpr_consent=CPUD7SjPUD7SjPnACAENAxCAAEIAEEJAEAABGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZqAAAAA.JGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 21:41:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
6381
strict-transport-security
max-age=31536000; preload;
expires
0
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-0d04b632e1e6b0180048.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.74.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-74-161.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://emroosh.wetransfer.com/
X-LaunchDarkly-Event-Schema
3
Accept-Language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.9.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Feb 2022 21:41:39 GMT
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
strict-transport-security
max-age=31536000
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
content-length
0
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.74.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-74-161.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Origin
https://emroosh.wetransfer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Feb 2022 21:41:39 GMT
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| webpackJsonp object| _i18n_ undefined| __session__ object| GlobalSnowplowNamespace function| __snowplow__ object| dataLayer undefined| __trackjs__ object| __recaptcha__ object| recaptchaOptions object| __launch_darkly__ object| __curated_wallpapers__ string| asset_host boolean| modernBrowser undefined| polyfillScript object| __stripe__ boolean| __sus_bot__ object| __auth0_config__ string| accountAppUrl string| portalsUrl string| profitWellPublicAPIToken object| __wallpaper_bundle__ function| applyFocusVisiblePolyfill function| __tcfapi object| pbjs object| _pbjsGlobals object| DD_RUM function| Velocity object| uetq function| fbq function| _fbq function| onRecaptchaLoaded function| onRecaptchaCallback function| profitwell function| setImmediate function| clearImmediate function| _typeof object| Snowplow object| google_tag_manager object| google_tag_data function| twq object| twttr string| GoogleAnalyticsObject function| ga function| rdt string| _linkedin_data_partner_id function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| TiktokAnalyticsObject object| ttq object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| UET function| UET_init function| UET_push object| ueto_b80c6af581 object| ueto_e1eee50b5d object| auvars function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData object| configArgs number| pixelRatio number| width number| height object| screenSize boolean| isBetaAdvertiser object| labels object| au function| docReady object| autag object| Criteo object| criteo_q function| ktag object| ueto_8b37920d4a object| Ktag_Constants object| Ktag_Toggles object| Ktag_Amp_Helpers object| Ktag_Helpers object| Ktag_Functions function| setup

70 Cookies

Domain/Path Name / Value
emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030 Name: __wtcm
Value: CPUD7SjPUD7SjPnACAENAxCAAEIAEEJAEAABGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZqAAAAA.JGawFwABAAKAAYADKAIgAigBMACcAGUANwAfgBMAEIAIsARwApABWQC6gHEAP4AvMBggDJJGUkZq
.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030 Name: wt_privacy
Value: %7B%22v%22%3A%223%3A20190527%22%2C%22f%22%3A1%2C%22a%22%3A1%2C%22t%22%3A1%7D
.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030 Name: wt_first_visit
Value: 1644270096368
.emroosh.wetransfer.com/downloads/fe6ccdb06a73402f6802d99cb195855320220201015030/60c64ea9c47618bc05a021f4b020be4720220201015030 Name: __wtccpa
Value: 1YYY
.wetransfer.com/ Name: _gcl_au
Value: 1.1.1104193490.1644270097
.twitter.com/ Name: personalization_id
Value: "v1_ZywevUBBIX4JqFKEIzJq8Q=="
.bing.com/ Name: MUID
Value: 06F41CC4C52367041F750D80C4446681
.bat.bing.com/ Name: MR
Value: 0
.t.co/ Name: muc_ads
Value: dc3b5497-614c-4b0e-881b-477cafbdfc2d
auth.wetransfer.com/ Name: did
Value: s%3Av0%3Ab9d4b0f0-885e-11ec-b5e1-1b3bbee1d359.jInorkqX5TyKeaXv1xPP5bPRvHXzXMB2ojyPWKfUGqA
auth.wetransfer.com/ Name: did_compat
Value: s%3Av0%3Ab9d4b0f0-885e-11ec-b5e1-1b3bbee1d359.jInorkqX5TyKeaXv1xPP5bPRvHXzXMB2ojyPWKfUGqA
.ad.gt/ Name: au_id
Value: e5fbb079-50bf-4ab9-94a8-48291a6d5f7e
.ad.gt/ Name: au_idmatch
Value: {"apn": "2022-02-07", "ttd": "2022-02-07", "pub": "2022-02-07", "adx": "2022-02-07", "halo": "2022-02-07", "goo": "2022-02-07", "taboola": "2022-02-07", "unruly": "2022-02-07", "mediamath": "2022-02-07"}
.wetransfer.com/ Name: _wt_snowplowses.38f1
Value: *
emroosh.wetransfer.com/ Name: _dd_s
Value: rum=0&expire=1644270996881
.adnxs.com/ Name: uuid2
Value: 6692378238796471288
.adsrvr.org/ Name: TDID
Value: 463bfde4-afaa-4cc3-8f25-f365a91d4f71
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwj05oKUq6O1OhAFOAE.
.wetransfer.com/ Name: _wt_snowplowid.38f1
Value: 7999aea5-ee7f-4b10-8441-5e6191506f0d.1644270095.0.1644270095
.wetransfer.com/ Name: _ga
Value: GA1.2.1985635894.1644270097
.wetransfer.com/ Name: _gid
Value: GA1.2.878641955.1644270097
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
.wetransfer.com/ Name: _gat_UA-11792855-4
Value: 1
.wetransfer.com/ Name: _rdt_uuid
Value: 1644270097052.1056f3c5-258e-4ddc-90c2-f7b9e5a50f1d
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 871F6BF8-F67C-41F1-A361-6DFE4E1A0BEA
.doubleclick.net/ Name: IDE
Value: AHWqTUmE53g6_kRTnh8eJB2UuVolsQK69b1r2u1K5h27gZBwAWj57Odm6bY50RZVF8I
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1aa0e823-cb3b-4b3d-ade3-3f5bfd17bb19-005%22%7D
.wetransfer.com/ Name: _fbp
Value: fb.1.1644270097110.1096718213
.ad.gt/ Name: last_seeng_hosted
Value: 1644270097186
.ad.gt/ Name: g_hosted
Value:
.mathtag.com/ Name: uuid
Value: d7b46201-9211-4e00-af07-99376a776f10
.ad.gt/ Name: last_seenadnxs
Value: 1644270097195
.ad.gt/ Name: adnxs_id
Value: 6692378238796471288
.ad.gt/ Name: first_seenadnxs
Value: 1644270097195
.ad.gt/ Name: last_seenadx
Value: 1644270097196
.ad.gt/ Name: google_gid
Value: CAESEAkuwfNzEx-gMleX2IfIByI
.ad.gt/ Name: first_seenadx
Value: 1644270097197
.ad.gt/ Name: last_seentd
Value: 1644270097202
.ad.gt/ Name: tdid
Value: 463bfde4-afaa-4cc3-8f25-f365a91d4f71
.ad.gt/ Name: first_seentd
Value: 1644270097202
.ad.gt/ Name: last_seenpbm
Value: 1644270097223
.ad.gt/ Name: pbm
Value: 871F6BF8-F67C-41F1-A361-6DFE4E1A0BEA
.ad.gt/ Name: first_seenpbm
Value: 1644270097223
.openx.net/ Name: i
Value: 97199529-86bd-400f-a343-224ad495f020|1644270097
.ad.gt/ Name: last_seenmediamath
Value: 1644270097319
.ad.gt/ Name: user_id
Value: d7b46201-9211-4e00-af07-99376a776f10
.ad.gt/ Name: last_seenhaloid
Value: 1644270097320
.ad.gt/ Name: halo_id
Value: 0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/ Name: first_seenhaloid
Value: 1644270097320
.ad.gt/ Name: last_seenopenx
Value: 1644270097420
.ad.gt/ Name: openx_id
Value: 6df5b315-a6b6-4004-aa6e-fef2a7cd0cd9
.wetransfer.com/ Name: sp
Value: 9681d892-8387-4404-98eb-77d7a5d0d014
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1aa0e823-cb3b-4b3d-ade3-3f5bfd17bb19-005%22%7D
.linkedin.com/ Name: li_sugr
Value: 6d16f532-3199-4dee-9fe5-f201c0fc99e9
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&dc8516fd-f3a0-438a-81c5-e0532c7fc95f"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2540:u=1:x=1:i=1644270097:t=1644356497:v=2:sig=AQGe8_1k1t06e6LuVWxM1oVxMiL6Dkjz"
.wetransfer.com/ Name: _gat_auPassiveTagger
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQIwoPYp2L1liQAAAX7WIpSrwtfV5tsfgfVWenHKEwskL1PIF89v7g2-v2CsGFbsbQeWoAp0dEBHdw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLdXg1DOFPWBAAAAX7WIpSr3I6TuwTNoVSKjonutNJOqfRE7eNbaWbD6nKnqGgVXg-LNjINfOwVfUdol8gyrA
.ad.gt/ Name: last_seenunruly
Value: 1644270097566
.ad.gt/ Name: unruly_id
Value: RX-1aa0e823-cb3b-4b3d-ade3-3f5bfd17bb19-005
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&202202072141376067bc14-2abf-4499-8a1a-ed96137ddf19AQGIjUY3aQOgfLygtPoheYlm73oJo5iB"
.adsymptotic.com/ Name: U
Value: a5a10b3b554ef5e3c630472e7629c8cf
.facebook.com/ Name: fr
Value: 0MMNt2O9d8mVR2dAw..BiAZIR...1.0.BiAZIR.
.wetransfer.com/ Name: _uetsid
Value: b9d1a610885e11ec9677d7bbc90694f3
.wetransfer.com/ Name: _uetvid
Value: b9d1cc40885e11eca725f57ac8b68de8
.criteo.com/ Name: uid
Value: 24320a07-364c-4614-99d3-1059c6caf9ac
.wetransfer.com/ Name: cto_bundle
Value: 6NXRJF9kN0hVbSUyRk1VRU1YUCUyQldHclQ1cUk2V1ZtenZ2UXc2NkhjMXJxajNMRW9LQVhkMUhuN0llZ2ZEOW9tdnFtVVhDNUpqUEJqOHpDVGlBODdhc0x0OTJieFo3NEl1RE5HalZVeUJjdjZEdEhvNmdNYnJUNHp4c3FUMUpyJTJGWXhqeUtkYkpWVTJuNW9aQ1U4TDQ3aDNDRkNvOFElM0QlM0Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
app.launchdarkly.com
aufp.io
auth.wetransfer.com
bat.bing.com
cm.g.doubleclick.net
connect.facebook.net
d19ptbnuzhibkh.cloudfront.net
dynamic.criteo.com
emroosh.wetransfer.com
events.launchdarkly.com
googleads.g.doubleclick.net
gum.criteo.com
ids.ad.gt
image2.pubmatic.com
match.adsrvr.org
p.ad.gt
p.adsymptotic.com
pixels.ad.gt
previews-te.wetransfer.net
prod-cdn.wetransfer.net
protect-us.mimecast.com
public.profitwell.com
px.ads.linkedin.com
resources.xg4ken.com
secure.adnxs.com
snap.licdn.com
snowplow.wetransfer.com
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
t.co
trc.taboola.com
u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.18.102.194
104.244.42.195
104.244.42.69
13.107.21.200
13.107.42.14
13.225.66.179
142.250.64.98
142.250.65.174
142.250.65.194
142.250.65.226
142.251.4.157
142.251.40.100
142.251.40.136
146.75.32.157
15.197.193.217
151.101.129.140
151.101.129.44
151.101.65.140
151.101.66.217
157.240.3.29
157.240.3.35
178.250.0.130
18.200.37.115
184.51.149.162
199.127.204.142
205.139.111.117
23.60.96.162
34.248.171.101
34.98.64.218
44.237.47.166
52.11.43.158
52.42.90.222
52.85.61.47
52.89.209.136
54.149.174.3
54.197.97.27
54.230.162.91
54.236.74.161
68.67.181.202
74.119.119.139
74.119.119.142
74.121.140.14
8.28.7.83
99.84.125.86
99.84.42.87
01b8e009f02113cbdbf0ad9070228586f7cbd064c3213c8377ede2715eb487fa
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
051668900f3f9c5235992fcebe36b4af3290b7d8cd274ec7b10821dd961c50e0
054b231d728f2c6bd02c7fcac7adf79475e47cc8a9509a94bd727a25603c8781
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73
2095684f7b41ed927c98aa36b35266f50706616fff12b294777a4b5d6e384d1c
25fdc4dad37f03d81ab5d19cbee1e237a6cb0d2bde48b6847d0330c198fc22fc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c0e8641bb1718365b21f5093b5fb40feebdecb7a114ef4e0d69bc673177d91
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
29ca5d3ea43dc8a9f8f0cd6f90905e1dc08b8ffcb5463760cf3bb9632dd32624
3201b8df1bea2184e53639e714afd6b499cb43303225cfd1122a25a0a9a0277a
385a74e47e6e4b14b5383cf291ea1523e9be64587c225f0c11fcd8167b5557f2
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
4ab261af4a377982b4a3f38370412bc4cbf268577817857a44c7d7034204f4fc
4d868cbe9a56cf8996187133e02d685a0eea3664bc48fad0b063ece84e2f95e0
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4ed5ebb9cb33f3a544bfe89175bf8a26cc332dfec58641916e031596b04db820
4f3cead82a2256c5172bbff6054e465cb2df8a32f3012931ee463e60401bd761
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
582c26fe99acf7b95294d88a3f6af9e7339af0447ac075c4e38e95d018edef29
583581f38bbf7762d091906294d9f7604d39cac488a1ed1204f371534dd92daa
5ef50fdb3e0d911aacf496d7a16119aa87c72ac224b9ba6e6ada18120e73e76c
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad
776301a40f62c420a5c6098a6fdb99c7ce0d1543384a318a290e872b2d60db53
788d8f059102a07fd4202528e8debfab55072c0123aa1bae786dcc97b0f12aa5
82d4f2f8abbcff924bf0bd9bd52348be965f0bb1e1b675e288f868d6f28a042f
8312fa58b4e6b3e7f72d2ae610fdc6a6486d1278a873a6829896273ed1affb83
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
8b24551f3c041157a88f5e489c4c144bb4341215aa0e09a42f78803ad3e491e9
8ce71286009524bf5abcb4493d1768e626310caa844c2f8807c766d0dc7878bd
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0d4d384778decc01315f565329ca3eb074aa9b09cb907b801e3ec5ca589e30e
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b9930b5809f98a43f9bebf205ab5800594b4ef27fc7bff6215cb3108ce93133f
baa4bcc273d10ffc0ab585ec5c3cb3e03f701a057a6e0a54e2df9f2513e13058
bb65ca0d4c11a085dc928bcdded223e6fa712f4bdfff319114992312623a2812
c5fc56d942050166a38594c1c7eaf215aedc85da79f83616e7db3e3d9bf54da6
c6dd399ec517214f0630b4d45639554bd57673915dff7ac35fd60306435967b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc42e10ab9d5f58aa89c7483b9839090bf8cd04ba9fb0d8d525a11e17ac55e3
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed7dafc848ab23d029a3e4ad9b821ebe36e6805ee62a88c7c703be5add389242
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f95dc7465b90788f8d5cb452b298bb4e6639cec58821888da9be25f353035a8c
fe23002b755a1b04eff899eea5230dcb1ac0144c61f9e88996b1c13fe916f29f
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ffcfff47eb92e01912bad56ba6913273acce83350b7b62b11cfa3e80d2992f2d