office365.send-anywhere.com Open in urlscan Pro
18.67.93.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://office365.send-anywhere.com/
Effective URL:
https://office365.send-anywhere.com/
Submission: On January 29 via manual (January 29th 2024, 6:42:21 am UTC) from AU — Scanned from AU

Summary HTTP 94 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 24 domains to perform 94 HTTP transactions. The main IP is 18.67.93.47, located in United States and belongs to AMAZON-02, US. The main domain is office365.send-anywhere.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on December 29th 2023. Valid for: a year.

This is the only time office365.send-anywhere.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	18.67.93.100 18.67.93.100	16509 (AMAZON-02) (AMAZON-02)
21	18.67.93.47 18.67.93.47	16509 (AMAZON-02) (AMAZON-02)
8	104.18.131.236 104.18.131.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.204.14 142.250.204.14	15169 (GOOGLE) (GOOGLE)
2	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
6	142.250.71.66 142.250.71.66	15169 (GOOGLE) (GOOGLE)
1	23.1.240.139 23.1.240.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	110.93.147.30 110.93.147.30	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
2	142.250.76.104 142.250.76.104	15169 (GOOGLE) (GOOGLE)
4	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
3	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	13.35.147.99 13.35.147.99	16509 (AMAZON-02) (AMAZON-02)
1	13.224.181.94 13.224.181.94	16509 (AMAZON-02) (AMAZON-02)
1	13.35.148.111 13.35.148.111	16509 (AMAZON-02) (AMAZON-02)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.32.137 104.18.32.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.76.98 142.250.76.98	15169 (GOOGLE) (GOOGLE)
3	68.183.227.113 68.183.227.113	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	68.183.230.54 68.183.230.54	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
3	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
2	64.233.170.154 64.233.170.154	15169 (GOOGLE) (GOOGLE)
2	142.250.204.3 142.250.204.3	15169 (GOOGLE) (GOOGLE)
2	142.250.204.1 142.250.204.1	15169 (GOOGLE) (GOOGLE)
1 2	142.251.221.70 142.251.221.70	15169 (GOOGLE) (GOOGLE)
5	142.251.221.65 142.251.221.65	15169 (GOOGLE) (GOOGLE)
2	142.250.204.4 142.250.204.4	15169 (GOOGLE) (GOOGLE)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	18.67.93.87 18.67.93.87	16509 (AMAZON-02) (AMAZON-02)
1	34.215.148.109 34.215.148.109	16509 (AMAZON-02) (AMAZON-02)
94	33

2 18.67.93.100 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-100.syd62.r.cloudfront.net

office365.send-anywhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d4a553n24khrv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.67.93.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-47.syd62.r.cloudfront.net

office365.send-anywhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.131.236 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.71.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.1.240.139 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-1-240-139.deploy.static.akamaitechnologies.com

wcs.naver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 110.93.147.30 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

wcs.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.76.104 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.147.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-99.syd1.r.cloudfront.net

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.181.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-94.syd1.r.cloudfront.net

cdn.carbonads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.148.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-148-111.syd1.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

send-anywhere.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.32.137 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.76.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.183.227.113 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-sg-sgp-7.buysellads.com

srv.carbonads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.183.230.54 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-sg-sgp-6.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.170.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net

f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.221.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.4 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.93.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-87.syd62.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.148.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-148-109.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	send-anywhere.com 1 redirects office365.send-anywhere.com	2 MB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	178 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 ad.doubleclick.net — Cisco Umbrella Rank: 163	156 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 364	128 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 m.stripe.com — Cisco Umbrella Rank: 1188	167 KB
6	google.com apis.google.com — Cisco Umbrella Rank: 106 analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2	24 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	160 KB
3	carbonads.net srv.carbonads.net — Cisco Umbrella Rank: 40201	5 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	google.com.au www.google.com.au — Cisco Umbrella Rank: 29183	515 B
2	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 21215	596 B
2	cloudfront.net d10lpsik1i8c69.cloudfront.net d4a553n24khrv.cloudfront.net	337 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	167 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	94 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 567	315 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 10963	757 B
1	zendesk.com send-anywhere.zendesk.com	14 KB
1	carbonads.com cdn.carbonads.com — Cisco Umbrella Rank: 38024	10 KB
1	servedby-buysellads.com m.servedby-buysellads.com — Cisco Umbrella Rank: 37308	16 KB
1	naver.com wcs.naver.com — Cisco Umbrella Rank: 22781	637 B
1	naver.net wcs.naver.net — Cisco Umbrella Rank: 20989	8 KB
94	24

	Domain	Requested by
22	office365.send-anywhere.com	1 redirects office365.send-anywhere.com
8	cdn.cookielaw.org	office365.send-anywhere.com cdn.cookielaw.org
6	pagead2.googlesyndication.com	office365.send-anywhere.com securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
5	tpc.googlesyndication.com	f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com office365.send-anywhere.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com
4	connect.facebook.net	office365.send-anywhere.com connect.facebook.net
3	q.stripe.com	office365.send-anywhere.com
3	analytics.google.com	www.googletagmanager.com
3	srv.carbonads.net	cdn.carbonads.com office365.send-anywhere.com
3	js.stripe.com	office365.send-anywhere.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google.com	office365.send-anywhere.com tpc.googlesyndication.com
2	ad.doubleclick.net	1 redirects office365.send-anywhere.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.com.au	office365.send-anywhere.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	srv.buysellads.com	m.servedby-buysellads.com
2	www.googletagmanager.com	office365.send-anywhere.com www.googletagmanager.com
2	www.googletagservices.com	office365.send-anywhere.com f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com
2	cdnjs.cloudflare.com	office365.send-anywhere.com
1	m.stripe.com	m.stripe.network
1	d4a553n24khrv.cloudfront.net	office365.send-anywhere.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.facebook.com	office365.send-anywhere.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	send-anywhere.zendesk.com	office365.send-anywhere.com
1	d10lpsik1i8c69.cloudfront.net	office365.send-anywhere.com
1	cdn.carbonads.com	office365.send-anywhere.com
1	m.servedby-buysellads.com	office365.send-anywhere.com
1	wcs.naver.com	wcs.naver.net
1	wcs.naver.net	office365.send-anywhere.com
1	apis.google.com	office365.send-anywhere.com
94	34

This site contains links to these domains. Also see Links.

Domain
srv.carbonads.net
carbonads.net
outdatedbrowser.com
support.send-anywhere.com
send-anywhere.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
*.send-anywhere.com RapidSSL TLS RSA CA G1	`2023-12-29` - `2025-01-21`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
wcs.naver.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-12-01`	a year	crt.sh
wcs.naver.com GeoTrust RSA CA 2018	`2023-08-01` - `2024-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-07` - `2024-02-05`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
m.servedby-buysellads.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-12`	a year	crt.sh
cdn.carbonads.com Amazon RSA 2048 M03	`2023-11-16` - `2024-12-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
send-anywhere.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.carbonads.net Sectigo RSA Domain Validation Secure Server CA	`2023-09-28` - `2024-10-28`	a year	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://office365.send-anywhere.com/
Frame ID: 78AA46BF8BE55ECD3CBBBF08DC947D10
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: F424E3ED9DB3ADC6D95F105BBA797395
Requests: 1 HTTP requests in this frame

Frame: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 69BC115DD39246D3021B4E7F203346A3
Requests: 1 HTTP requests in this frame

Frame: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 50D5793883EB9C7E2EC22CE678462F89
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 758EB45CCCCE868D93CBCF006E9459E5
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CFE861DAE31D7B3B45AB6AF1E57155B4
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE1F0023F6DA84B8B4BC967C107333F0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF1D4C6361C169D0040D1B1AAB9BA4C5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Send Anywhere - File transferBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://office365.send-anywhere.com/ HTTP 301
https://office365.send-anywhere.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

BuySellAds (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

servedby-buysellads\.com/monetization(?:\.[\w\d]+)?\.js

Carbon Ads (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

carbonads\.com

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

94
Requests

99 %
HTTPS

0 %
IPv6

24
Domains

34
Subdomains

33
IPs

5
Countries

3055 kB
Transfer

9258 kB
Size

18
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://srv.carbonads.net/ads/click/x/GTND427ECYBIT53WCV7LYKQUCTSDT53WC67IKZ3JCAYDK5QNCABDK53KCEAD4K7ECYBDV27LC6BI52QJCA7IPKJKC6SIT2JMCTADTK3EHJNCLSIZ

Search URL Search Domain Scan URL

URL: http://carbonads.net/?utm_source=send-anywherecom&utm_medium=ad_via_link&utm_campaign=in_unit&utm_term=carbon
Title: ads via Carbon

Search URL Search Domain Scan URL

URL: http://outdatedbrowser.com/
Title: Update Browser

Search URL Search Domain Scan URL

URL: https://support.send-anywhere.com/hc
Title: Help Center

Search URL Search Domain Scan URL

URL: https://support.send-anywhere.com/hc/en-us/categories/360000312354
Title: Notice

Search URL Search Domain Scan URL

URL: https://send-anywhere.com/cookie_policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://office365.send-anywhere.com/ HTTP 301
https://office365.send-anywhere.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.375468910;dc_trk_aid=566297735;dc_trk_cid=183807839;ord=170651054;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.375468910;dc_pre=CNbi55L_gYQDFfufrAIdZRUBQw;dc_trk_aid=566297735;dc_trk_cid=183807839;ord=170651054;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=;dc_tdv=1

94 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
office365.send-anywhere.com/
Redirect Chain

http://office365.send-anywhere.com/
https://office365.send-anywhere.com/

9 KB
9 KB

309ms
301ms

Document
text/html

18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.93.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-93-47.syd62.r.cloudfront.net

Software

nginx /

Resource Hash

2f7189da47601340063c964876ab6437552b830b8a7685c6a5db228dabf090f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
content-length: 8988
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 06:42:14 GMT
etag: W/"231c-3zKoqfzoYiQsLW8ynOTO29yVqlA"
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
x-amz-cf-id: RjKTI3Oy12ixktp7JfuG1klwZru5womj_AoXn83ftQhbJrlmS8nMJQ==
x-amz-cf-pop: SYD62-P1
x-amzn-trace-id: Root=1-65b748c6-38924595697d01ee563a3f9c
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Mon, 29 Jan 2024 06:42:14 GMT
Location: https://office365.send-anywhere.com/
Server: CloudFront
Via: 1.1 bac8af6ab43417aff0768ef23a8c05de.cloudfront.net (CloudFront)
X-Amz-Cf-Id: oI39ESNoi2P0yfJRFI7irhf4JWN9nlkwyznJG7uIal3pHnN1TxMmUg==
X-Amz-Cf-Pop: SYD62-P1
X-Cache: Redirect from cloudfront

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 334ms
15ms Script
application/javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 06:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dulN1EiikhiO8GlkrdtHlg==
age: 55878
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6838
x-ms-lease-status: unlocked
last-modified: Thu, 25 Jan 2024 20:55:19 GMT
server: cloudflare
etag: 0x8DC1DE7F0BAF2A8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9ff1c125-801e-000e-6504-501033000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84cf7e7d6d5da814-SYD

GET
H2 200 font.1706126870000.css
office365.send-anywhere.com/assets/css/base/ 2 KB
729 B 6ms
3ms Stylesheet
text/css 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/assets/css/base/font.1706126870000.css?ut=811280
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: d697a4b42e0bfd2b62121f7e142ec9cbdfbc9ef9d7b2d28a7423001595d0f116

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:18:07 GMT
content-encoding: gzip
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jan 2024 20:07:50 GMT
server: nginx
x-amz-cf-pop: SYD62-P1
age: 350647
etag: W/"65b16e16-6c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: TPK20NhUfEZbLP6iHpdQisVI03mJXSJm7hdfRZKXp6wrornvCN-VMQ==
expires: Fri, 24 Jan 2025 05:18:07 GMT

GET
H2 200 font-roboto.1706126870000.css
office365.send-anywhere.com/assets/css/base/ 656 B
1 KB 24ms
21ms Stylesheet
text/css 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/assets/css/base/font-roboto.1706126870000.css?ut=811280
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 8e8b5a0b4e50196e99b823f22a7ed11b3408e2169f44ecfbc09738f1ee6c6b15

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:18:07 GMT
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jan 2024 20:07:50 GMT
server: nginx
x-amz-cf-pop: SYD62-P1
age: 350647
etag: "65b16e16-290"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 656
x-amz-cf-id: xOfH6sQA9g-oDbAXe7nlf_1ovSoldAYTDsJxVyTvLRHE-UuME6mavQ==
expires: Fri, 24 Jan 2025 05:18:07 GMT

GET
H2 200 font-awesome.min.1706126870000.css
office365.send-anywhere.com/assets/css/base/ 30 KB
7 KB 6ms
4ms Stylesheet
text/css 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/assets/css/base/font-awesome.min.1706126870000.css?ut=811280
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 3d721e8b87d0aa3f3a7d7fe2ed9a49da6c5a47cb2977c16a32ea87be19eb237d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:18:07 GMT
content-encoding: gzip
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jan 2024 20:07:50 GMT
server: nginx
x-amz-cf-pop: SYD62-P1
age: 350647
etag: W/"65b16e16-7978"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: WZBHU2Ehbe6tIDeEvB1csr0X95ZRlG4LtAeDoEITI-NVj10pitUmKQ==
expires: Fri, 24 Jan 2025 05:18:07 GMT

GET
H2 200 sa-icon-font.1706126870000.css
office365.send-anywhere.com/assets/css/base/ 8 KB
2 KB 7ms
5ms Stylesheet
text/css 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/assets/css/base/sa-icon-font.1706126870000.css?ut=811280
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 76691730a6d7d871abd7ac14f25613e69758fd9fd27fdd80d8523ec5675cc31e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:18:07 GMT
content-encoding: gzip
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jan 2024 20:07:50 GMT
server: nginx
x-amz-cf-pop: SYD62-P1
age: 350647
etag: W/"65b16e16-2019"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8VgV-UwTR3we6YOA04ZckNWSaYBx9g-7m4KKmwXazLngPKebhhIwtw==
expires: Fri, 24 Jan 2025 05:18:07 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
685 B 323ms
13ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5236680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 382
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-50a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGlLRH2qSWHflQa65CGMYEWjBhAIneyDOIGUuhkE5J5zeswLGBcgB0cD2VUxpOR%2FWLBCif2egve1o%2F%2BVp85gm%2FIODFbnBjzQhJrYRckik9ssL8mc9H5nTFOlCPyspjUowq61rJoc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84cf7e7d5bf3aabb-SYD
expires: Sat, 18 Jan 2025 06:42:15 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
1 KB 320ms
11ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5306835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 637
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-92d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgwU0FnK3SpcwjvzQVPA%2FRXZDNfiwd31pOmfgPN5tBth0C%2BsimBvR9PNCtFZSWwv6qJUxum7x%2FnTV0UpFAviVKwWY2tTWweIH2oshQbhaXdMHeb1ZgXT9UbZy7nULM9fWwGmjqCS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84cf7e7d5bf4aabb-SYD
expires: Sat, 18 Jan 2025 06:42:15 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 594ms
192ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

sffe /

Resource Hash

0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 06:42:15 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21929
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "619578e938ea6244"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:42:15 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 97 KB
29 KB 702ms
266ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

7f593b9405d3060b658eda040ba64cee1af49466a5231b1b1933a3276bee2ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29424
x-xss-protection: 0
server: cafe
etag: 59 / 19751 / m202401230101 / config-hash: 16415232170016434785
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:42:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 601ms
195ms Script
text/javascript 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

30d1a8b556e7f591ab1c736b9e245c4cfb3794fd2f514d337bd7c7f442564483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51123
x-xss-protection: 0
server: cafe
etag: 6078652013464002362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 29 Jan 2024 06:42:16 GMT

GET
H3 200 criteo.1706126870000.js Show response
office365.send-anywhere.com/assets/js/ 75 KB
19 KB 5ms
4ms Script
application/javascript 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/assets/js/criteo.1706126870000.js?ut=811280
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: cb0d4898e672ec6c78416c069d61c9ec41b45dd81a24e6001ed5d68a64dab782

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:18:07 GMT
content-encoding: gzip
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2024 19:47:44 GMT
server: nginx
age: 350648
x-amz-cf-pop: SYD62-P1
etag: W/"65a58be0-12b96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qazF2ozYQZtzN6Eg4R1VY4fH7LChG7nmV08YPZBXBtFxML-uL6i9Ag==
expires: Fri, 24 Jan 2025 05:18:07 GMT

GET
H/1.1 200
OK wcslog.js Show response
wcs.naver.net/ 23 KB
8 KB 344ms
3ms Script
application/javascript 23.1.240.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://wcs.naver.net/wcslog.js
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.1.240.139 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-1-240-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a94768a824ce186cf0adf17fe7e71b76e573ef99b8096c1ee2ba382b40321478

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 06:42:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jan 2024 07:29:59 GMT
Server: nginx
ETag: "65ae1977-5b74"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=966
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7637
Expires: Mon, 29 Jan 2024 06:58:21 GMT

GET
H2 200 header.1706126870000.js Show response
office365.send-anywhere.com/assets/js/ 4 KB
2 KB 7ms
6ms Script
application/javascript 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/assets/js/header.1706126870000.js?ut=811280
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 3f1bf66fa2b83894695287210a03359b64265fadf35666ffc0ee0bbce8822844

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:18:07 GMT
content-encoding: gzip
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2024 19:47:44 GMT
server: nginx
x-amz-cf-pop: SYD62-P1
age: 350647
etag: W/"65a58be0-ecd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bVSwkeOiuT95f-dlvKLibjrujr2PS-FCw4d7k23bxSAJSgA1M0vrww==
expires: Fri, 24 Jan 2025 05:18:07 GMT

GET
H2 200 vendor.8454f0e3.js Show response
office365.send-anywhere.com/static/js/ 3 MB
697 KB 6ms
5ms Script
application/javascript 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/static/js/vendor.8454f0e3.js
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 492a8075f2b18cf7ec8a0dc21bd0c921119275ab1b44698bf1704b806ef7db93

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 02:51:16 GMT
content-encoding: gzip
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2024 17:38:48 GMT
server: nginx
x-amz-cf-pop: SYD62-P1
age: 1137058
etag: W/"65a56da8-2a8cd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jfRvMPZZbbhrnDMZYL75KUzJ81J56dXG7uiI-Sq2w7mIchCI5ACqPQ==
expires: Wed, 15 Jan 2025 02:51:16 GMT

GET
H2 200 app.2644e89a.js Show response
office365.send-anywhere.com/static/js/ 2 MB
397 KB 7ms
6ms Script
application/javascript 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/static/js/app.2644e89a.js
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 0f8429015aaa99b48ce1bfe6c65f55b81611e738beafc6860f801a0ceb6458c4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 01:36:11 GMT
content-encoding: gzip
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2024 00:14:10 GMT
server: nginx
x-amz-cf-pop: SYD62-P1
age: 1141563
etag: W/"65a478d2-1dbf3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2XyEEZxx_AjzN8agic7Y2beSC_h5pvrgiJ55r5iv5o0lR-AgVzoWFg==
expires: Wed, 15 Jan 2025 01:36:11 GMT

GET
H2 200 a47bec7a-41fc-4cfb-a74c-2438233907e5.json Show response
cdn.cookielaw.org/consent/a47bec7a-41fc-4cfb-a74c-2438233907e5/ 4 KB
2 KB 590ms
282ms XHR
application/x-javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a47bec7a-41fc-4cfb-a74c-2438233907e5/a47bec7a-41fc-4cfb-a74c-2438233907e5.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff2772fb1b6b2dd981639a32d57e8d79a75cf4c26d422208a652193404179f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 06:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: JhuOxFCiLxWzy6pDNNauVw==
content-length: 1568
x-ms-lease-status: unlocked
last-modified: Wed, 18 May 2022 04:52:58 GMT
server: cloudflare
etag: 0x8DA388A47B6BCE0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 63c1cef2-a01e-00a0-19fd-51bd22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84cf7e7fbe66a87a-SYD
expires: Tue, 30 Jan 2024 06:42:15 GMT

POST
H2 204 b
wcs.naver.com/ 0
637 B 877ms
209ms Ping
text/plain 110.93.147.30
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL

https://wcs.naver.com/b

Requested by

Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

110.93.147.30 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),

Reverse DNS

Software

wcs /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://office365.send-anywhere.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:16 GMT
x-content-type-options: nosniff
server: wcs
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: https://office365.send-anywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
96 KB 521ms
121ms Script
application/javascript 142.250.76.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SHGDYFMJXL

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/assets/js/header.1706126870000.js?ut=811280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e5f33aac4d3f98a603fa2af81a108f5eeb6f12381ce3af54ca56ce63f35ccd6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 06:42:16 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 310ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/assets/js/header.1706126870000.js?ut=811280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

c9d64408d7fbd78db02dfd766763bb53adb0049f8373d221c0b68ab040ef2a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 06:42:15 GMT
content-md5: qqzWCi3czpBLbpJlzBCT/g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: hCSHHXmrqNCKE8rnVwezU3Z3+YQ7hfn0S9r/yrxPdxucGq9xa2YI92UFT42G/0qWppty0BJTXOpcQ/Zz7aVHgg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2205683cfaee9bed4f237329f7bd4034
cross-origin-opener-policy: same-origin-allow-popups
etag: "1796e43fecea40c9ca3d162bcc1d597e"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:56:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 309ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/assets/js/header.1706126870000.js?ut=811280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 Jan 2024 06:42:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: rBYc66Bx0XiiNHgtf/2grU4nC4bLZBpGAQPs1EBk8uHQkv5jSC2kFxvbvHQy8bWhwz1XiSyalz0yI9VEGlswAw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 587 KB
163 KB 102ms
14ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/static/js/app.2644e89a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f195179b3694d3b5cd85e3c12ea37818acf178e913fbfa386864bf18784956f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 06:42:15 GMT
via: 1.1 varnish
age: 18
x-cache: HIT
content-length: 166714
x-request-id: 6bdc74eb-4053-4d3a-88a1-8bdcc1403b32
x-served-by: cache-bne12527-BNE
last-modified: Fri, 26 Jan 2024 21:36:01 GMT
server: Fastly
etag: "edd03aac512133daf9b4ea7263f83cb9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 130558

GET
H3 200 app-loading.dc2d470e.gif
office365.send-anywhere.com/static/media/ 243 KB
244 KB 8ms
8ms Image
image/gif 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365.send-anywhere.com/static/media/app-loading.dc2d470e.gif
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 8fe047951e517e19e6f3622b22e6eff304e0acf7e5181c8bf51dcc64f556c685

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:16:16 GMT
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:12:30 GMT
server: nginx
age: 2341559
x-amz-cf-pop: SYD62-P1
etag: "658390fe-3cdfe"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 249342
x-amz-cf-id: 0XIvKkAPUZTDzarKRH1ZcwuhQdkLbNIqVT_0T_4BSks1bSVT4MY7BA==
expires: Thu, 01 Feb 2024 04:16:16 GMT

GET
H2 200 monetization.js Show response
m.servedby-buysellads.com/ 72 KB
16 KB 360ms
2ms Script
application/javascript 13.35.147.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m.servedby-buysellads.com/monetization.js
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/static/js/app.2644e89a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-99.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85035853ec4a25b718afdcde13e0ffe59b86ba0e7125d07b5e2857cfdad0d741

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 00:04:50 GMT
content-encoding: gzip
via: 1.1 9910b161083ec8200ad24e6d6beec168.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 15:34:13 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C1
age: 23847
x-amz-server-side-encryption: AES256
etag: W/"c89307314053bc69d48ccd0533eb7ff6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: S-7RRbAC3GZr9mcqdDpRQM7VT5YxukQHA1jOuL8Cu8Y9NOSPBGnQ0g==

GET
H2 200 carbon.js Show response
cdn.carbonads.com/ 32 KB
10 KB 354ms
3ms Script
application/javascript 13.224.181.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.carbonads.com/carbon.js?serve=CK7DC2Q7&placement=send-anywherecom
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/static/js/app.2644e89a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.181.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-181-94.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d901c2041c3eab87130f60272521ceb14cc694db13b5f92f0981b174c67d0d14

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 05:27:20 GMT
content-encoding: gzip
via: 1.1 4531d36bddcd36b16bc48daff001c13e.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 15:34:12 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C2
age: 4497
x-amz-server-side-encryption: AES256
etag: W/"833ee089dda24bcfd9cfb681b8293106"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _pwzmIiczr2MWufx-O1aswkNSEhB7Ibte1vqm0_gweG9RnbRBAJb8g==

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 44ms
2ms Script
application/javascript 13.35.148.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/static/js/app.2644e89a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.148.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-148-111.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:20:10 GMT
content-encoding: gzip
via: 1.1 13ad48adfe7f5ca5b82509779525e518.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C1
age: 1326
x-amz-server-side-encryption: AES256
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: quDU_Q0-UVDrfMvS7W4hQK7tnDLc-C01-LdDENpoJgz9gsk_zsE60w==

GET
H3 200 logo.40d00b5a.png
office365.send-anywhere.com/static/media/ 11 KB
11 KB 9ms
7ms Image
image/png 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365.send-anywhere.com/static/media/logo.40d00b5a.png
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 595ce98672716d048593078a59735472c0dbb39a3dfc5851ff5cb42fc11b3f52

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:41:14 GMT
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:12:34 GMT
server: nginx
age: 1422061
x-amz-cf-pop: SYD62-P1
etag: "65839102-2b6d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 11117
x-amz-cf-id: -2o9ZuJLzvQXrjcLuzWCJMYTFtzgbiZDFFCZGpGfwrt74h-hkniMbw==
expires: Sun, 11 Feb 2024 19:41:14 GMT

GET
H3 200 tooltip-en.f89034d5.png
office365.send-anywhere.com/static/media/ 12 KB
13 KB 11ms
8ms Image
image/png 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365.send-anywhere.com/static/media/tooltip-en.f89034d5.png
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 82c34a26cc6cd665f57ae47471456ed88b3457b2db54d120f93f513b8a4d5a2b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 06:01:06 GMT
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:12:36 GMT
server: nginx
age: 2508068
x-amz-cf-pop: SYD62-P1
etag: "65839104-311d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 12573
x-amz-cf-id: 7VWIILPCUruBLnKc1nVad1DOPCJ23NLfeZq30w9mQlWZJhqKBeNOXA==
expires: Tue, 30 Jan 2024 06:01:06 GMT

GET
H3 200 login-icon.b30cca12.svg
office365.send-anywhere.com/static/media/ 382 B
700 B 12ms
9ms Image
image/svg+xml 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365.send-anywhere.com/static/media/login-icon.b30cca12.svg
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 1d7682b7d775981fe72e377f6c2d76f4d4cf4ef62d36f18fbdc4132f49db001b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 01:40:56 GMT
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
age: 1141279
x-amz-cf-pop: SYD62-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 382
last-modified: Mon, 15 Jan 2024 00:14:10 GMT
server: nginx
etag: "65a478d2-17e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Wi7-I99YIKVZzb42NzvqcAifXXCNUmqtmFb2dFDMg5SU5SIyOfQWgA==
expires: Wed, 15 Jan 2025 01:40:56 GMT

GET
H3 200 landing-cancel.42b2347d.png
office365.send-anywhere.com/static/media/ 23 KB
24 KB 15ms
12ms Image
image/png 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365.send-anywhere.com/static/media/landing-cancel.42b2347d.png
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 0ee85a12b0ba20b16d0521c93e54ba0d719e4bdee2a8493276ff383babe32641

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 01:05:12 GMT
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:12:34 GMT
server: nginx
age: 1143423
x-amz-cf-pop: SYD62-P1
etag: "65839102-5d22"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 23842
x-amz-cf-id: 2s9okZ0b1hSVPdRTmUi_yINFdyFz2e3QK5ipTP1n4LAc-QELxpZYjw==
expires: Thu, 15 Feb 2024 01:05:12 GMT

GET
H3 200 lang-icon.dd40d638.svg
office365.send-anywhere.com/static/media/ 1 KB
1 KB 12ms
10ms Image
image/svg+xml 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365.send-anywhere.com/static/media/lang-icon.dd40d638.svg
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: d6559a1c4032d708f83c634d0f924143b79bbc3a95b59d8647542015e9ec2dba

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 01:36:12 GMT
content-encoding: gzip
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
age: 1141562
x-amz-cf-pop: SYD62-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 00:14:10 GMT
server: nginx
etag: W/"65a478d2-5d2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 0t5Dth-9ZYW2EKnY3aCfafb7rML-vb9CSza1o3xJulTpHpuctU4UxQ==
expires: Wed, 15 Jan 2025 01:36:12 GMT

GET
H3 200 rakuten_drive.302d1d3e.svg
office365.send-anywhere.com/static/media/ 17 KB
7 KB 11ms
8ms Image
image/svg+xml 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365.send-anywhere.com/static/media/rakuten_drive.302d1d3e.svg
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: f7c9d0b905fb68cbb3786acbbf2bde72e7a1df8f4d13fb531382539402e95d0a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 01:36:12 GMT
content-encoding: gzip
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
age: 1141562
x-amz-cf-pop: SYD62-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 00:14:12 GMT
server: nginx
etag: W/"65a478d4-4316"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: aBQnldb-y9vcwR93sw9dYcUA0Dp5Vgrhp73D1Lym_2anC9fIJGD1WA==
expires: Wed, 15 Jan 2025 01:36:12 GMT

GET
H2 200 articles.json Show response
send-anywhere.zendesk.com/api/v2/help_center/en-us/categories/360000312354/ 88 KB
14 KB 366ms
327ms XHR
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://send-anywhere.zendesk.com/api/v2/help_center/en-us/categories/360000312354/articles.json?sort_by=updated_at

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/static/js/vendor.8454f0e3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db79defc52e982cd60f708f694051bb072141d7107fdf4d58bdda3e2e44299fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://office365.send-anywhere.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:16 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-rate-limit-remaining: 398
x-rate-limit: 400
x-zendesk-origin-server: app-server-697985c6f5-lwv9l
protocol: HTTP/1.1 always
x-xss-protection: 1; mode=block
x-request-id: 84cf7e808a6fa949-SYD
x-ua-compatible: IE=edge
x-runtime: 0.117165
server: cloudflare
x-zendesk-api-version: v2
etag: W/"db79defc52e982cd60f708f694051bb0"
x-zendesk-api-gateway: yes
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqHP%2FAGOI8Zl1l2Xwwvbre5iDzHMhgKalaMAKW%2F85XZ8iUGoBKVUHji%2BertJtUM%2BX8xodNog5OVURgG%2BZhK%2B3lOXEZQieHAmdCYTZfywtmlM0zz3OjOsdzHoG7NBtaQLQjjkeGybhgDEQ5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: max-age=0, public
vary: Accept-Encoding
x-zendesk-processed-host-header: send-anywhere.zendesk.com
cf-ray: 84cf7e808a6fa949-SYD

GET
H3 200 fullpage-ad-default.114855fe.png
office365.send-anywhere.com/static/media/ 25 KB
25 KB 8ms
8ms Image
image/png 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office365.send-anywhere.com/static/media/fullpage-ad-default.114855fe.png
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 1a7b64e4f352350e6220d17ee15893c38da9d0ab4fb950bc22ac8a4897f90b71

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 01:16:04 GMT
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:12:32 GMT
server: nginx
age: 2006771
x-amz-cf-pop: SYD62-P1
etag: "65839100-6359"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 25433
x-amz-cf-id: hU2JdSBA-5p2xjujCe4ofAvlnK1WEofIEcIHRKGh01M4mR9g_do_vQ==
expires: Mon, 05 Feb 2024 01:16:04 GMT

GET
H3 200 roboto-400.woff
office365.send-anywhere.com/assets/font/roboto/ 19 KB
20 KB 32ms
29ms Font
font/woff 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/assets/font/roboto/roboto-400.woff
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/assets/css/base/font-roboto.1706126870000.css?ut=811280
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed

Request headers

Referer: https://office365.send-anywhere.com/assets/css/base/font-roboto.1706126870000.css?ut=811280
Origin: https://office365.send-anywhere.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 11:25:49 GMT
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
age: 11301385
x-amz-cf-pop: SYD62-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19824
last-modified: Wed, 23 Aug 2023 19:28:50 GMT
server: nginx
etag: "64e65df2-4d70"
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YdlI1XMnxoAJaNlBwEHC1F9W5qPihU8D-k2mEECSb1eUjFjpEMYPNQ==
expires: Thu, 19 Sep 2024 11:25:49 GMT

GET
H3 200 SA-Icon.ttf
office365.send-anywhere.com/assets/font/sa_icon_font/ 31 KB
31 KB 29ms
26ms Font
application/octet-stream 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/assets/font/sa_icon_font/SA-Icon.ttf?ut=ianojr
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/assets/css/base/sa-icon-font.1706126870000.css?ut=811280
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: a155f769a1430ac17a509c17f6533092f7fd99b889b3d4cf6c0bc431c22326d8

Request headers

Referer: https://office365.send-anywhere.com/assets/css/base/sa-icon-font.1706126870000.css?ut=811280
Origin: https://office365.send-anywhere.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 11:25:50 GMT
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
age: 11301385
x-amz-cf-pop: SYD62-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 31236
last-modified: Wed, 23 Aug 2023 19:28:50 GMT
server: nginx
etag: "64e65df2-7a04"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: dOXeHECBwOOsgW-XF8DCOddUNt-XEpv47oIYvuYeZrFactT06OsJsg==
expires: Thu, 19 Sep 2024 11:25:50 GMT

GET
H3 200 roboto-700.woff
office365.send-anywhere.com/assets/font/roboto/ 19 KB
20 KB 30ms
27ms Font
font/woff 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/assets/font/roboto/roboto-700.woff
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/assets/css/base/font-roboto.1706126870000.css?ut=811280
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 468e579fe1210fa55525b1c470ed2d1958404512a2dd4fb972cac5ce0ff00b1f

Request headers

Referer: https://office365.send-anywhere.com/assets/css/base/font-roboto.1706126870000.css?ut=811280
Origin: https://office365.send-anywhere.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 11:25:49 GMT
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
age: 11301385
x-amz-cf-pop: SYD62-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19888
last-modified: Wed, 23 Aug 2023 19:28:50 GMT
server: nginx
etag: "64e65df2-4db0"
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cO7-8dBUTazxPR6cRihTn2uQ7d0Px5v6NoC7COvulqrNGXlHIh8OjA==
expires: Thu, 19 Sep 2024 11:25:49 GMT

GET
H3 200 roboto-300.woff
office365.send-anywhere.com/assets/font/roboto/ 19 KB
20 KB 27ms
6ms Font
font/woff 18.67.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://office365.send-anywhere.com/assets/font/roboto/roboto-300.woff
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/assets/css/base/font-roboto.1706126870000.css?ut=811280
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.67.93.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-47.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 3ab30e780c8b0bcc4998b838a5b30c3bfe28edead312906dc3c12271fae0699a

Request headers

Referer: https://office365.send-anywhere.com/assets/css/base/font-roboto.1706126870000.css?ut=811280
Origin: https://office365.send-anywhere.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 11:25:49 GMT
via: 1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
age: 11301385
x-amz-cf-pop: SYD62-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19916
last-modified: Wed, 23 Aug 2023 19:28:50 GMT
server: nginx
etag: "64e65df2-4dcc"
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: tFpr_DICVqAF4-_hM_hDmmzyVC1oCTT14gmV4gsPSw4nUaHLw0L-sA==
expires: Thu, 19 Sep 2024 11:25:49 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 128 B
757 B 261ms
235ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Foffice365.send-anywhere.com%2F&s=91464

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

374cf5f28eaec92d08d2d5799a193c1de081d4dbe99d1865bde0eb35aff06c65

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://office365.send-anywhere.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrV2pCGWBKDbPDOQjAe1M%2B%2Bz%2Bp4YNtWe1q%2Ft9FHRgCGiGKeXu%2BCJAAvEjjIxURgbyVQjDHKlqNfuzAvjoHMf%2FtfRy0SEFYle%2BikUnUi9rGAo0wsRuQN05wp2OOn6WNNrbAJIuD9C8wlqSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 84cf7e80cdbdaafb-SYD
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
88 KB 610ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8eec2252a48b66d0d39df27d3dc9f48b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

2477c652ab1b5955a46ced759ea2cdd172c2fbae05c1461d4e697205fbc3bfca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://office365.send-anywhere.com/
Origin: https://office365.send-anywhere.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 06:42:16 GMT
content-md5: S/cIAp1ZZXuYwJDSLg+7dw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88454
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: 9NHEHTuT/GZewD8s2v55/X/n2Dpe256DwqMppxK+MCTNHY1HwFmSkbcN20c7sMml7kwSiRSGCqaXYMql/uQPKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6bea56db8ed17dadb3cb63477654ba3a
cross-origin-opener-policy: same-origin-allow-popups
etag: "909737d3b856c1d6c6b5e2e1cdd7f820"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 28 Jan 2025 05:55:22 GMT

GET
H2 200 1341760472609957 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 222ms
221ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1341760472609957?v=2.9.143&r=stable&domain=office365.send-anywhere.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

bbe759b719f2ee74c72af1e5718aaf6e4772dcafb265c2ad82753080b733fff1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 Jan 2024 06:42:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: zySlzGnX/QsEciA9nSCCr1BuZ/RiHpu9cdl7UMWFqF0doftfTegaCFTD9Uaq6y+rxFMY2kO295Fz+K4D64RfaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 77 B
315 B 341ms
23ms XHR
application/json 104.18.32.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://office365.send-anywhere.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 84cf7e838b725d36-SYD
access-control-allow-headers: Content-Type

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/ 431 KB
136 KB 411ms
2ms Script
text/javascript 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 00:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23074
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138344
x-xss-protection: 0
server: cafe
etag: 11931332024773231753
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Jan 2025 00:17:42 GMT

GET
H2 200 CK7DC2Q7.json Show response
srv.carbonads.net/ads/ 2 KB
1 KB 96ms
96ms Fetch
application/json 68.183.227.113
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CK7DC2Q7.json?segment=placement:send-anywherecom&viewable=true
Requested by: Host: cdn.carbonads.com
URL: https://cdn.carbonads.com/carbon.js?serve=CK7DC2Q7&placement=send-anywherecom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.183.227.113 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-sg-sgp-7.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 7f1fa6f80d5979e6e714f53c15f2d8c29d625302165cc08357d37b092906ffa8

Request headers

Referer: https://office365.send-anywhere.com/
x-origin: https://office365.send-anywhere.com/
accept-language: en-AU,en;q=0.9
x-client: carbon.js/20231113 (serveUrl:CK7DC2Q7;serve:CK7DC2Q7)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 1159

OPTIONS
H2 200 CK7DC2Q7.json
srv.carbonads.net/ads/ Frame 0
0 447ms
93ms Preflight 68.183.227.113
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CK7DC2Q7.json?segment=placement:send-anywherecom&viewable=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.183.227.113 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-sg-sgp-7.buysellads.com
Software: //srv.buysellads.com /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-client,x-origin
Access-Control-Request-Method: GET
Origin: https://office365.send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: gzip
content-length: 23
date: Mon, 29 Jan 2024 06:42:16 GMT
server: //srv.buysellads.com
vary: Accept-Encoding

GET
H2 200 CESDCKJJ.json Show response
srv.buysellads.com/ads/ 874 B
596 B 116ms
115ms Fetch
application/json 68.183.230.54
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CESDCKJJ.json?segment=placement:send-anywherecom
Requested by: Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.183.230.54 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-sg-sgp-6.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 1d59d4016d9581887649dfb669756f6517cead1f5a73222787a9005261b7d7ab

Request headers

Referer: https://office365.send-anywhere.com/
x-origin: https://office365.send-anywhere.com/
accept-language: en-AU,en;q=0.9
x-client: monetization.js/20231024 (target:body;noViewable:true;script_id:_bsa_srv-CESDCKJJ_0;platforms:desktop%2Cmobile;skippedVisible:true)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 542

OPTIONS
H2 200 CESDCKJJ.json
srv.buysellads.com/ads/ Frame 0
0 655ms
94ms Preflight 68.183.230.54
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CESDCKJJ.json?segment=placement:send-anywherecom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.183.230.54 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-sg-sgp-6.buysellads.com
Software: //srv.buysellads.com /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-client,x-origin
Access-Control-Request-Method: GET
Origin: https://office365.send-anywhere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: gzip
content-length: 23
date: Mon, 29 Jan 2024 06:42:16 GMT
server: //srv.buysellads.com
vary: Accept-Encoding

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 311ms
2ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1341760472609957&ev=PageView&dl=https%3A%2F%2Foffice365.send-anywhere.com%2F&rl=&if=false&ts=1706510536119&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706510536117.2080264810&cs_est=true&ler=empty&cdl=API_unavailable&it=1706510535880&coo=false&exp=d1&rqm=GET

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 29 Jan 2024 06:42:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame F424 9 KB
5 KB 403ms
2ms Document
text/html 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office365.send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 16940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:59:56 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 01:59:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.32.0/ 335 KB
79 KB 12ms
12ms Script
application/javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ryfZhYsqLisJEnBsOqgVsQ==
age: 37126
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 81095
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:23 GMT
server: cloudflare
etag: 0x8DA08FC76466F7A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a24d596b-001e-0096-1c0a-153052000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84cf7e83aac9a814-SYD

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/a47bec7a-41fc-4cfb-a74c-2438233907e5/ad2b3581-6386-4d8a-a617-27c134f92440/ 88 KB
18 KB 316ms
316ms Fetch
application/x-javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a47bec7a-41fc-4cfb-a74c-2438233907e5/ad2b3581-6386-4d8a-a617-27c134f92440/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dff2a5abe480dae8316d81b7c0f60e3b62d57083d5647f735dd5c8679e8a983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: f9LAJbArszrMWpNcA04P7w==
content-length: 18404
x-ms-lease-status: unlocked
last-modified: Wed, 18 May 2022 04:53:10 GMT
server: cloudflare
etag: 0x8DA388A4E851637
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6b92f60b-f01e-002b-367e-52b94f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84cf7e83d972a87a-SYD
expires: Tue, 30 Jan 2024 06:42:16 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
262 B 508ms
99ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-SHGDYFMJXL&gtm=45je41o0v895937416&_p=1706510535549&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1455487853.1706510536&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706510536&sct=1&seg=0&dl=https%3A%2F%2Foffice365.send-anywhere.com%2F&dt=Send%20Anywhere%20-%20File%20transfer&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1736
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHGDYFMJXL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://office365.send-anywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 589ms
96ms Ping
text/plain 64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SHGDYFMJXL&cid=1455487853.1706510536&gtm=45je41o0v895937416&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHGDYFMJXL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://office365.send-anywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 111ms
110ms Script
application/javascript 142.250.76.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-NQWTW75&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHGDYFMJXL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1f77e1c0c9065577347603665542bc189eef767977784ea0885a9ef76fbc8d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 06:42:16 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 504ms
104ms Image
image/gif 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SHGDYFMJXL&cid=1455487853.1706510536&gtm=45je41o0v895937416&aip=1&dma=0&gcd=11l1l1l1l1&z=505422888

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 490ms
100ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-SHGDYFMJXL&gtm=45je41o0v895937416&_p=1706510535549&gcd=11l1l1l1l1&dma=0&cid=1455487853.1706510536&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dt=%2Fmain&dl=%2Fmain&sid=1706510536&sct=1&seg=1&en=page_view&_ee=1&_et=4&tfd=1757
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHGDYFMJXL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://office365.send-anywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
14 KB 155ms
155ms Fetch
text/plain 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1509876055031857&correlator=381579028204935&eid=31079958%2C31080715%2C31079234%2C44777900%2C31079525&output=ldjh&gdfp_req=1&vrg=202401230101&ptt=17&impl=fifs&iu_parts=21678581572%2CWeb%2CUNIT1&enc_prev_ius=0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706510536528&lmt=1706510536&adxs=0&adys=64&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Foffice365.send-anywhere.com%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1455487853.1706510536&ga_sid=1706510537&ga_hid=192175536&ga_fc=true&dlt=1706510534939&idt=1565&adks=634674069&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

9649245d165896c3150f77d8c2a22a51dbef999b2e54e16f241b6502c94bbbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14115
x-xss-protection: 0
google-lineitem-id: 6264719976
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428441402
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://office365.send-anywhere.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 69BC 6 KB
3 KB 501ms
98ms Document
text/html 142.250.204.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office365.send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 06:42:16 GMT
expires: Tue, 28 Jan 2025 06:42:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 405ms
4ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NQWTW75&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 05:16:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5138
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 29 Jan 2024 07:16:39 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.32.0/assets/ 13 KB
3 KB 280ms
280ms Fetch
application/json 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: 8zrrRItZNMaEtuchK/ofwQ==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2959
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:14 GMT
server: cloudflare
etag: 0x8DA08FC70DA836E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 665cda7f-601e-0039-507e-52c29f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84cf7e85facca87a-SYD

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/ 48 KB
12 KB 285ms
285ms Fetch
application/json 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25f5cc4a39b2d6a0d908fe93f98f6f4e9b9a821a35547dd7b19504150db76f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: uYlRueaFtS5mhOymjGWFow==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11627
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:16 GMT
server: cloudflare
etag: 0x8DA08FC723EC22F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fdce781d-301e-00a2-457e-52039a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84cf7e85facda87a-SYD

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.32.0/assets/ 21 KB
4 KB 290ms
289ms Fetch
text/css 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 06:42:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-md5: SHFDtZO2nDZuiPDW83p1IQ==
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 3c287375-301e-0024-347e-52cf23000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 84cf7e85facea87a-SYD

GET
H2 200 758f0dc7d830e0ffcb1168849f05e83797d8a369
srv.carbonads.net/static/30242/ 3 KB
3 KB 284ms
94ms Image
image/png 68.183.227.113
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.carbonads.net/static/30242/758f0dc7d830e0ffcb1168849f05e83797d8a369
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.183.227.113 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-sg-sgp-7.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 8352e02d89ad51ae66a63c1a10f6aba4e2003f7737bbdc440eec9a1effe7d2f4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:16 GMT
content-encoding: gzip
server: //srv.buysellads.com
etag: 758f0dc7d830e0ffcb1168849f05e83797d8a369
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800, immutable
content-length: 3259

GET
H2

200

B29090009.375468910;dc_pre=CNbi55L_gYQDFfufrAIdZRUBQw;dc_trk_aid=566297735;dc_trk_cid=183807839;ord=170651054;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=;dc_...
ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.375468910;dc_trk_aid=566297735;dc_trk_cid=183807839;ord=170651054;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.375468910;dc_pre=CNbi55L_gYQDFfufrAIdZRUBQw;dc_trk_aid=566297735;dc_trk_cid=183807839;ord=170651054;dc_lat=;dc_rdid=;t...

42 B
473 B

116ms
115ms

Image
image/gif

142.251.221.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.375468910;dc_pre=CNbi55L_gYQDFfufrAIdZRUBQw;dc_trk_aid=566297735;dc_trk_cid=183807839;ord=170651054;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=;dc_tdv=1?

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Server

142.251.221.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.375468910;dc_pre=CNbi55L_gYQDFfufrAIdZRUBQw;dc_trk_aid=566297735;dc_trk_cid=183807839;ord=170651054;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 50D5 6 KB
3 KB 326ms
100ms Document
text/html 142.250.204.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office365.send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 06:42:16 GMT
expires: Tue, 28 Jan 2025 06:42:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 129ms
100ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-SHGDYFMJXL&gtm=45je41o0v895937416&_p=1706510535549&gcd=11l1l1l1l1&dma=0&cid=1455487853.1706510536&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1706510536&sct=1&seg=1&dl=https%3A%2F%2Foffice365.send-anywhere.com%2F&dt=Send%20Anywhere%20-%20File%20transfer&en=scroll&epn.percent_scrolled=90&_et=2&tfd=2117
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHGDYFMJXL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://office365.send-anywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 11ms
11ms Image
image/svg+xml 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 06:42:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 42019
x-ms-lease-status: unlocked
last-modified: Thu, 25 Jan 2024 20:55:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7b0aef34-e01e-007a-4e25-5024c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 84cf7e87fe6aa814-SYD

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
216 B 99ms
98ms XHR
text/plain 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=192175536&t=pageview&_s=1&dl=https%3A%2F%2Foffice365.send-anywhere.com%2F&ul=en-us&de=UTF-8&dt=Send%20Anywhere%20-%20File%20transfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=1005529252&gjid=1652260171&cid=1455487853.1706510536&tid=UA-42081347-1&_gid=1637358252.1706510537&_slc=1&gtm=45Xe41o0n81NQWTW75v890490030&gcd=11l1l1l1l1&dma=0&z=1415659441

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://office365.send-anywhere.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://office365.send-anywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
155 B 97ms
97ms XHR
text/plain 64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-42081347-1&cid=1455487853.1706510536&jid=1005529252&gjid=1652260171&_gid=1637358252.1706510537&_u=YCDAiEABBAAAAGAAI~&z=483932554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://office365.send-anywhere.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 29 Jan 2024 06:42:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://office365.send-anywhere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 50D5 24 KB
7 KB 404ms
2ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com
URL: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:41:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Jan 2025 01:41:08 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50D5 205 KB
65 KB 159ms
158ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com
URL: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:42:17 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 504ms
104ms Image
image/gif 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42081347-1&cid=1455487853.1706510536&jid=1005529252&_u=YCDAiEABBAAAAGAAI~&z=476884165

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 104ms
102ms Image
image/gif 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-42081347-1&cid=1455487853.1706510536&jid=1005529252&_u=YCDAiEABBAAAAGAAI~&z=476884165

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 50D5 0
0 140ms
140ms Fetch
image/gif 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstPbFixx6mYO57czGJqYMXhUF52D2RvLbyVpV0jJkTcXJSQ3EjCEzDO5oINWKc9P5tfVjUSzOHX9nf1lZdiRSRya45aQj9WeRSP4PA8gLQ4EkuCBUoEsQDw6n1woxVhs4CjH8Exz5SiHnX6nqFBGOab4AoxJaWAwtqKPRqvjIaGnH7QQaTlyAWoRUwetDmL5sw5QrWE2HXr51pwiWVDJrxelAJ_a_bWJRWigEyZaE-DUpzgwe2AHu5WKGPdTdopTJHIIU7xLlxAas3SjrLko_JB4a7ajksILDFo_peihgl8AULFf-QM2ZJhDToSLJQoHXXzjpoJ9hLHbPaLTazx7Uhs_mBjbFpDs9p3MeL&sai=AMfl-YRYddHxtU7rTEcb6Q0Y_hMwj0SadITdTD8rsnchYfkHsintDGzs60tlXnf8dGXpJTiTVia2micLgR0uBRNw30Flgt7aVEcN_3dXFZOPvc10B3ymOwNKJ4pyiXH5dhcqyUe2gSBwmjXmXlqKrle95Q0&sig=Cg0ArKJSzN37zEyLOqM3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com
URL: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 50D5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfee5c8f8c749aef084a730c93fce9e3efe70a44a20ddfeb234889bcff99ab01

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16028139939048353485
tpc.googlesyndication.com/simgad/ Frame 50D5 76 KB
76 KB 4ms
3ms Image
image/png 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16028139939048353485?

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

39dc67add06d03c550f407cd0eb5517103e8f1bcb7eab8e16ca7e9c8d049c29c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 25 Jan 2025 10:21:04 GMT
date: Fri, 26 Jan 2024 10:21:04 GMT
x-content-type-options: nosniff
age: 246073
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77629
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 08:46:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 Web_2560x1666_outlookA_EN.png
d4a553n24khrv.cloudfront.net/wp-content/uploads/2023/04/ Frame 50D5 333 KB
334 KB 333ms
6ms Image
image/png 18.67.93.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d4a553n24khrv.cloudfront.net/wp-content/uploads/2023/04/Web_2560x1666_outlookA_EN.png
Requested by: Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-100.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66954e8fd412fb61378f9eb8f9f5ab569f3f3f2c6be8a52da32a5c5c2ec61967

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 02:24:22 GMT
via: 1.1 82008a7e089b84e7f0a6d8d139a4e3de.cloudfront.net (CloudFront)
last-modified: Sat, 27 Jan 2024 01:12:36 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 15476
etag: "b20646aed675645391325ae835a2c043"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 341055
x-amz-cf-id: RdKNNJNLTSvh-Cs4RyNC8BXIyiz4710LP7l4OrJPCtHZrEzkMNAzjA==

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 50D5 0
0 842ms
143ms Fetch
image/gif 142.250.76.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvz6dF0pjzMqBk-3RCT5Tf2oeQik3FJ10ICb3R9OQ0p1LKXKvxmn4AV-0Jx2DHCnakHOnPZYjFkz8rNaHCY5xVqcmQNkffFSaFmG7ZH-SopTJVKZRqOEygwnTEU5CjQNqPH7sUA_n1V3zSG8SizPMzd8Dkr4ec4HSt1ChCtVMJsZlNEHi1VhOtLpLfjSq_5Imv4szIpGZIv6MFF3i0NXe5deuVkp1BHhDEy6dayj_eRhfM75-FWf73eogfyVLsS46wIF-ukaXzyBpv-g6sjQbEIABOLfzCU8kWawozSldaML-W531lQBZs8Ktu6Ov8PSIMxWPdcn9eGE3j5RhwC0L-X13RVo3eHLhPfeQ0FjfQ&sai=AMfl-YS2E-wY8ipPJfJnv3V_EyA944KEDsPbcLpQvNeoPobSYIz2QE5FAlUuEfyYrwIEGEaMZKV6xR-lUTlimhNZrE16f3MK_Ge49PKKWXTELodKQCM8JlDYvNzgy3pr5d_sflrH9B4A32jEUymXlXeDtKQ&sig=Cg0ArKJSzIaXhYJ6XXyvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:42:18 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 758E 200 B
841 B 14ms
13ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://office365.send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 4648826
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 06:42:17 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1642443
x-content-type-options: nosniff
x-request-id: 015c15d6-2efe-4837-819d-8b9ac6e6bfa7
x-served-by: cache-bne12527-BNE

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 875ms
176ms XHR
application/json 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e53ec1d998f38428ff01d7fb7964fc493e98ffe4ef0951d5bc9f155be8c79486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12341
x-xss-protection: 0

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 758E 526 B
449 B 13ms
13ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 06:42:17 GMT
via: 1.1 varnish
age: 8366118
x-cache: HIT
content-length: 315
x-request-id: a20f5e8f-5bf8-47e8-8d4a-617a2ca111ea
x-served-by: cache-bne12527-BNE
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1537407

POST
H2 200 csp-report
q.stripe.com/ Frame 758E 0
716 B 486ms
161ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 29 Jan 2024 06:42:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706510538061027
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706510538060644
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 758E 0
718 B 485ms
160ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 29 Jan 2024 06:42:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706510538060935
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706510538060677
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame CFE8 930 B
2 KB 326ms
5ms Document
text/html 18.67.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.93.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-93-87.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 164
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 06:39:33 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
x-amz-cf-id: jLDP-aGzkKCNYDCUxQDRC6ih9kSPl4MfGwaW7zPWvuheGLGZPZ85gA==
x-amz-cf-pop: SYD62-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame CFE8 0
490 B 161ms
160ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: office365.send-anywhere.com
URL: https://office365.send-anywhere.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 29 Jan 2024 06:42:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706510538081291
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1706510538080926
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame CFE8 87 KB
14 KB 5ms
4ms Script
text/javascript 18.67.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.93.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-93-87.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:37:22 GMT
content-encoding: br
via: 1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 297
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 84i60FST9wHt8dknkL2qI3onCgr0tEFPKKB1BZ0ZTHBFkbNY2yIbeQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame CFE8 156 B
670 B 491ms
164ms XHR
application/json 34.215.148.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.148.109 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-148-109.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0f7617b4f5afbd0dae96c6ec7d3f60d54fede5b64ae6afa3e07c06eebf9ed093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 29 Jan 2024 06:42:18 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706510538498458
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1706510538498239
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 348ms
348ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 06:42:18 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50D5 42 B
174 B 141ms
141ms Fetch
image/gif 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxlIPePMpEVb3wxhNvEwYzVTILdBdNZBdi0fsqJA02pxPrjHlO05EQPsPj6qQ7tbw9FuNAtgT1JawWDkPjJQgZU7MlB2e9Ne8UXIwR_IJ9YXHw4jqNOqLemTebdbFJZ8fUq8IK7KEWc_BN-ZMjVT_5RfUj&sig=Cg0ArKJSzBvK2ybf2WAFEAE&id=lidar2&mcvt=1000&p=64,0,1200,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=634674069&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170651053700&rst=1706510536715&rpt=796&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 06:42:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE1F 13 KB
5 KB 2ms
2ms Document
text/html 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office365.send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 16938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 02:00:00 GMT
expires: Tue, 28 Jan 2025 02:00:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DF1D 829 B
1000 B 104ms
103ms Document
text/html 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

GSE /

Resource Hash

85e08810909918d92b62cd7ff687ece972f37900a6ea39c15d622aa387857484

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4d5-YOpMvxiNnZCHEpURVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://office365.send-anywhere.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4d5-YOpMvxiNnZCHEpURVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 06:42:18 GMT
expires: Mon, 29 Jan 2024 06:42:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame EE1F 39 KB
15 KB 3ms
2ms Script
text/javascript 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 04:57:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 04:57:57 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame EE1F 0
40 B 2ms
2ms Image
text/plain 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HfRiYw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 06:42:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DF1D 0
0 139ms
139ms Image
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401230101&jk=1509876055031857&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.71.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s17-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 140ms
140ms Image
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401230101&jk=1509876055031857&bg=!oaKlou3NAAa8BdJLnAU7ADQBe5WfOEMbxA-fJxK8AhCU2VnPPLp7KI7Q0TRIZSrE5jZUtgvyri3UsBmhvDpchbSyNJ8hAgAAAEBSAAAAAmgBB5kC1Al2tvmC4Ubv4owpA_Iovp3t01UIXPYNbCbzOVs3dNX7KGNCYcYedPmmRfQlpoCr2xRNT2tR7KfKaLKy-wru4gq5I8TwFMFM1-csdUUT2hltHpydQ5dqFDurEzUK3xeFlDWTlx3RtUxX2xwZjZKxG16sMK_D_pAenakFcUju8s31WRl0Um9spdsBvDq9EtrRxtaBmdkw9Sg3l9ijquxpbF_GVrlYw97QtuHePDCigU94WrPu6PrWnewqlrOzJyeS6xY1s8clA94s76LFsmf3D3bXz5ALi2KBuZl5R3IfOkDZQuznz2U5shnjk2TBG5nsZEHe5kAhzk18O0-BmVWgWSSc137Xm55W4HUjcyxj_CFxfhKA53s3OGlzeurcXVi7sj_56ly8m0-IEJlLBb5YfOwfgBxdfd61UXXPVhp0IHa21WG3O6IRbRqcbkCCbnAaq8zcENqxtgalEXRX6FyHOFHm6btCC0V0b4B7j9l9TwDpIyLHXjc3QJEt7rqQ6sZJiDmsSAnWfa9OTQTx2apDa1DL7syo3dapHDe5vdtO2Dt-SM89v9SJhx08X95_gzJ3mh8j4gVsfEu7f9Hp8H2QZfcM1X8p85zKGGy46D2cxC5-IsqgLpz_l_CHIsS3sZ4uj7bp9I5wHpb9KzR_asSLsyDeNe5neMwmgbI4-ubUQMZcpNaRQoykD4oUdDZw24pq8Xe4ZVZ0q1the2_PEe_XqOh12LPIMj0oNS_KujQ1LrL1EJaOO9d_EsbR90F0zWlgh_Wx3TFxHiI4QcTpwQ96TjiKFpufNMeIH33_Qa3nnqfBORvAsL-x3m8mWF08bjSmD2i36gCZBm1k4xsBrTFmtlxD1WSDMSb7UJ3v6mty9kkIk7BBAh3lYQFm7RPwbbLwlVHJmlq7wlWl1mHDgKpVoKhevxeOEZo3jgK1vwv5uz4iXRl4jp73fQBddfp-QEX2D4SvkfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.71.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s17-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://office365.send-anywhere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
office365.send-anywhere.com/	1970-01-21 02:48:52	Name: i18next Value: en-AU
.google.com/	1970-01-20 22:25:21	Name: NID Value: 511=NSIqK7Pkq57HrdtSwYpTbbPtjB_bvbWH_qCeTbmqgX0yaoxmKauTviLgISJjKHEbSqb5e9lIqVIIuBLn4pq00enpQ5TvF0vtXFvlqOTgDgJ3C6MLyYdqNuOF59R5e4evbCwOiryjVCzjH8eK3b7x_VyVYdpS6I5epLhEimdYXbQ
.office365.send-anywhere.com/	1970-01-21 03:37:50	Name: _fwb Value: 522BB1O6l9C1WGIxgZCGek.1706510535546
office365.send-anywhere.com/	1970-01-21 03:37:50	Name: wcs_bt Value: ce4000b198d5a0:1706510535
.send-anywhere.com/	1970-01-20 20:11:26	Name: _fbp Value: fb.1.1706510536117.2080264810
.wcs.naver.com/	1970-01-21 03:37:50	Name: NWB Value: 0738400dd9f7ac0abe50ebe0897114e4.1706510536362
.send-anywhere.com/	1970-01-21 03:23:26	Name: __gads Value: ID=5a5b05c706dcac2a:T=1706510536:RT=1706510536:S=ALNI_MYCX7jSIweNKZNYxQxCbf4v5UkIug
.send-anywhere.com/	1970-01-21 03:23:26	Name: __gpi Value: UID=00000cf32c44d67a:T=1706510536:RT=1706510536:S=ALNI_MYrZr9UIYDzFq2XOTmYIY9Fl7-wmw
.send-anywhere.com/	1970-01-21 03:37:50	Name: _ga_SHGDYFMJXL Value: GS1.1.1706510536.1.1.1706510536.60.0.0
.send-anywhere.com/	1970-01-21 02:47:26	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Jan+29+2024+14%3A42%3A16+GMT%2B0800+(Australian+Western+Standard+Time)&version=6.32.0&isIABGlobal=false&hosts=&consentId=42d80ae3-4bfb-46c9-899e-1c29cf463a5d&interactionCount=0&landingPath=https%3A%2F%2Foffice365.send-anywhere.com%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.doubleclick.net/	1970-01-20 22:21:02	Name: APC Value: AfxxVi5w0YuKaxLTncSsBZ8Gzj9hNLZiJDk3uuft4tmAgYsec3Ou4g
.doubleclick.net/	1970-01-21 03:37:50	Name: IDE Value: AHWqTUn6Jg9tHskp2wKKZGmmdw9j6M7Y9JBEcrSutnsrRBJRZ8H-tfi-ogTwQnKz9TE
.send-anywhere.com/	1970-01-21 03:37:50	Name: _ga Value: GA1.2.1455487853.1706510536
.send-anywhere.com/	1970-01-20 18:03:16	Name: _gid Value: GA1.2.1637358252.1706510537
.send-anywhere.com/	1970-01-20 18:01:50	Name: _dc_gtm_UA-42081347-1 Value: 1
m.stripe.com/	1970-01-21 03:37:50	Name: m Value: be5d68f7-996d-4e07-8921-1e414b482cac3e35e0
.office365.send-anywhere.com/	1970-01-21 02:47:26	Name: __stripe_mid Value: fba9916d-f5c6-4ed4-9b99-efa9cf88188a9159f6
.office365.send-anywhere.com/	1970-01-20 18:01:52	Name: __stripe_sid Value: 5604d1a3-4ccc-4740-9317-b3ac19b5722b494946

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1341760472609957?v=2.9.143&r=stable&domain=office365.send-anywhere.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
analytics.google.com
apis.google.com
cdn.carbonads.com
cdn.cookielaw.org
cdnjs.cloudflare.com
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
d4a553n24khrv.cloudfront.net
f46eee0d8599ee4146fdc10c26e74bfa.safeframe.googlesyndication.com
geolocation.onetrust.com
googleads.g.doubleclick.net
js.stripe.com
m.servedby-buysellads.com
m.stripe.com
m.stripe.network
office365.send-anywhere.com
pagead2.googlesyndication.com
q.stripe.com
securepubads.g.doubleclick.net
send-anywhere.zendesk.com
settings.luckyorange.net
srv.buysellads.com
srv.carbonads.net
stats.g.doubleclick.net
tpc.googlesyndication.com
wcs.naver.com
wcs.naver.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
104.16.51.111
104.17.25.14
104.18.131.236
104.18.32.137
110.93.147.30
13.224.181.94
13.35.147.99
13.35.148.111
142.250.204.1
142.250.204.14
142.250.204.2
142.250.204.3
142.250.204.4
142.250.71.66
142.250.76.104
142.250.76.98
142.251.221.65
142.251.221.70
151.101.192.176
157.240.8.23
157.240.8.35
172.67.75.100
18.67.93.100
18.67.93.47
18.67.93.87
216.239.36.181
23.1.240.139
34.215.148.109
54.186.23.98
64.233.170.154
68.183.227.113
68.183.230.54
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3
0ee85a12b0ba20b16d0521c93e54ba0d719e4bdee2a8493276ff383babe32641
0f7617b4f5afbd0dae96c6ec7d3f60d54fede5b64ae6afa3e07c06eebf9ed093
0f8429015aaa99b48ce1bfe6c65f55b81611e738beafc6860f801a0ceb6458c4
1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed
1a7b64e4f352350e6220d17ee15893c38da9d0ab4fb950bc22ac8a4897f90b71
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d59d4016d9581887649dfb669756f6517cead1f5a73222787a9005261b7d7ab
1d7682b7d775981fe72e377f6c2d76f4d4cf4ef62d36f18fbdc4132f49db001b
1f77e1c0c9065577347603665542bc189eef767977784ea0885a9ef76fbc8d57
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990
2477c652ab1b5955a46ced759ea2cdd172c2fbae05c1461d4e697205fbc3bfca
25f5cc4a39b2d6a0d908fe93f98f6f4e9b9a821a35547dd7b19504150db76f6a
2f7189da47601340063c964876ab6437552b830b8a7685c6a5db228dabf090f3
30d1a8b556e7f591ab1c736b9e245c4cfb3794fd2f514d337bd7c7f442564483
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
374cf5f28eaec92d08d2d5799a193c1de081d4dbe99d1865bde0eb35aff06c65
39dc67add06d03c550f407cd0eb5517103e8f1bcb7eab8e16ca7e9c8d049c29c
3ab30e780c8b0bcc4998b838a5b30c3bfe28edead312906dc3c12271fae0699a
3d721e8b87d0aa3f3a7d7fe2ed9a49da6c5a47cb2977c16a32ea87be19eb237d
3dff2a5abe480dae8316d81b7c0f60e3b62d57083d5647f735dd5c8679e8a983
3f1bf66fa2b83894695287210a03359b64265fadf35666ffc0ee0bbce8822844
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
468e579fe1210fa55525b1c470ed2d1958404512a2dd4fb972cac5ce0ff00b1f
492a8075f2b18cf7ec8a0dc21bd0c921119275ab1b44698bf1704b806ef7db93
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
595ce98672716d048593078a59735472c0dbb39a3dfc5851ff5cb42fc11b3f52
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66954e8fd412fb61378f9eb8f9f5ab569f3f3f2c6be8a52da32a5c5c2ec61967
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3
76691730a6d7d871abd7ac14f25613e69758fd9fd27fdd80d8523ec5675cc31e
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7f1fa6f80d5979e6e714f53c15f2d8c29d625302165cc08357d37b092906ffa8
7f593b9405d3060b658eda040ba64cee1af49466a5231b1b1933a3276bee2ddd
82c34a26cc6cd665f57ae47471456ed88b3457b2db54d120f93f513b8a4d5a2b
8352e02d89ad51ae66a63c1a10f6aba4e2003f7737bbdc440eec9a1effe7d2f4
85035853ec4a25b718afdcde13e0ffe59b86ba0e7125d07b5e2857cfdad0d741
85e08810909918d92b62cd7ff687ece972f37900a6ea39c15d622aa387857484
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
8e8b5a0b4e50196e99b823f22a7ed11b3408e2169f44ecfbc09738f1ee6c6b15
8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
8fe047951e517e19e6f3622b22e6eff304e0acf7e5181c8bf51dcc64f556c685
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9649245d165896c3150f77d8c2a22a51dbef999b2e54e16f241b6502c94bbbe6
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a155f769a1430ac17a509c17f6533092f7fd99b889b3d4cf6c0bc431c22326d8
a94768a824ce186cf0adf17fe7e71b76e573ef99b8096c1ee2ba382b40321478
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bbe759b719f2ee74c72af1e5718aaf6e4772dcafb265c2ad82753080b733fff1
bfee5c8f8c749aef084a730c93fce9e3efe70a44a20ddfeb234889bcff99ab01
c9d64408d7fbd78db02dfd766763bb53adb0049f8373d221c0b68ab040ef2a38
cb0d4898e672ec6c78416c069d61c9ec41b45dd81a24e6001ed5d68a64dab782
d6559a1c4032d708f83c634d0f924143b79bbc3a95b59d8647542015e9ec2dba
d697a4b42e0bfd2b62121f7e142ec9cbdfbc9ef9d7b2d28a7423001595d0f116
d901c2041c3eab87130f60272521ceb14cc694db13b5f92f0981b174c67d0d14
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db79defc52e982cd60f708f694051bb072141d7107fdf4d58bdda3e2e44299fc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53ec1d998f38428ff01d7fb7964fc493e98ffe4ef0951d5bc9f155be8c79486
e5f33aac4d3f98a603fa2af81a108f5eeb6f12381ce3af54ca56ce63f35ccd6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f195179b3694d3b5cd85e3c12ea37818acf178e913fbfa386864bf18784956f5
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
f7c9d0b905fb68cbb3786acbbf2bde72e7a1df8f4d13fb531382539402e95d0a
f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe
ff2772fb1b6b2dd981639a32d57e8d79a75cf4c26d422208a652193404179f6b

office365.send-anywhere.com Open in urlscan Pro 18.67.93.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

99 %HTTPS

0 %IPv6

24 Domains

34 Subdomains

33 IPs

5 Countries

3055 kBTransfer

9258 kBSize

18 Cookies

8 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

office365.send-anywhere.com Open in urlscan Pro
18.67.93.47 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

99 %
HTTPS

0 %
IPv6

24
Domains

34
Subdomains

33
IPs

5
Countries

3055 kB
Transfer

9258 kB
Size

18
Cookies

94 HTTP transactions
2 data transactions