www4.sendthisfile.com Open in urlscan Pro
75.126.163.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0...
Effective URL:
https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&...
Submission: On October 08 via manual (October 8th 2020, 6:30:32 pm UTC) from US

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 32 HTTP transactions. The main IP is 75.126.163.156, located in Dallas, United States and belongs to SOFTLAYER, US. The main domain is www4.sendthisfile.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on September 23rd 2020. Valid for: a year.

This is the only time www4.sendthisfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	185.64.213.245 185.64.213.245	50152 (IMED) (IMED)
1 1	104.47.41.28 104.47.41.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	158.85.20.121 158.85.20.121	36351 (SOFTLAYER) (SOFTLAYER)
1 1	75.126.163.148 75.126.163.148	36351 (SOFTLAYER) (SOFTLAYER)
14	75.126.163.156 75.126.163.156	36351 (SOFTLAYER) (SOFTLAYER)
4	148.62.23.124 148.62.23.124	33070 (RMH-14) (RMH-14)
32	3

14 185.64.213.245 (United Kingdom)

ASN50152 (IMED, GB)
PTR: intermedia.co.uk

url.emailprotection.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.47.41.28 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nam03.safelinks.protection.outlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.85.20.121 (Chantilly, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 79.14.559e.ip4.static.sl-reverse.com

www3.sendthisfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.126.163.148 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 94.a3.7e4b.ip4.static.sl-reverse.com

www7.sendthisfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 75.126.163.156 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 9c.a3.7e4b.ip4.static.sl-reverse.com

www4.sendthisfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 148.62.23.124 (San Antonio, United States)

ASN33070 (RMH-14, US)

www.sendthisfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	sendthisfile.com 2 redirects www3.sendthisfile.com www7.sendthisfile.com www4.sendthisfile.com www.sendthisfile.com	143 KB
14	emailprotection.link url.emailprotection.link	140 KB
1	outlook.com 1 redirects nam03.safelinks.protection.outlook.com	651 B
32	3

	Domain	Requested by
14	www4.sendthisfile.com	url.emailprotection.link www4.sendthisfile.com
14	url.emailprotection.link	url.emailprotection.link
4	www.sendthisfile.com	www4.sendthisfile.com
1	www7.sendthisfile.com	1 redirects
1	www3.sendthisfile.com	1 redirects
1	nam03.safelinks.protection.outlook.com	1 redirects
32	6

This site contains no links.

Subject Issuer	Validity	Valid
*.emailprotection.link GeoTrust RSA CA 2018	`2020-07-16` - `2022-08-15`	2 years	crt.sh
*.sendthisfile.com GeoTrust RSA CA 2018	`2020-09-23` - `2021-10-25`	a year	crt.sh
www.sendthisfile.com GeoTrust EV RSA CA 2018	`2020-10-01` - `2021-11-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
Frame ID: CDFAC20E2DC46CA0CF9F6ACD233B1C56
Requests: 31 HTTP requests in this frame

Frame: https://www4.sendthisfile.com/meter/blank.htm
Frame ID: 35A5F204F1D039FF3864010BF54AE208
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbC... Page URL
https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww3.sendthisfile.com%2Fsendthisfile%2Fcustom.jsp%3Fpage%... HTTP 302
https://www3.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qje... HTTP 302
https://www7.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qje... HTTP 302
https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qje... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

32
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

3
IPs

2
Countries

283 kB
Transfer

395 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~ Page URL
https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww3.sendthisfile.com%2Fsendthisfile%2Fcustom.jsp%3Fpage%3D%252Fadvdirectinc%252Fupload%26sendthisfilecode%3Dk8qjemGlYvKYpS9v04j4PfU2%26%26balance%3D28215&data=02%7C01%7Ccmoody%40AmconservationGroup.com%7C566c378acdcc486f03e108d86b9d5b3e%7Ca8ee12a35bcd4f4eb3f4bbf43d9c570a%7C0%7C0%7C637377671650145162&sdata=sSju0BkV%2BWoW5LQgHE51TlFZ9BebBv2MgQazfveEoWQ%3D&reserved=0 HTTP 302
https://www3.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&balance=28215 HTTP 302
https://www7.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&balance= HTTP 302
https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
url.emailprotection.link/ 29 KB
8 KB 337ms
53ms Document
text/html 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: ec40c5db97675bb317bdba6af506537b3e76d75ef0f6366eda9a764d8e336d72

Request headers

Host: url.emailprotection.link
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.14.0
Date: Thu, 08 Oct 2020 18:30:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 200
OK style.css
url.emailprotection.link/css/ 14 KB
3 KB 49ms
29ms Stylesheet
text/css 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/css/style.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: 36fbf03fcbcbf28cee1b55c7e6ea6659c5ead4c78e2308e848c9089246004b92

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: W/"5f43cd16-3736"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK action.js Show response
url.emailprotection.link/js/ 774 B
1 KB 63ms
21ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/js/action.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: 2814f712bb9c91e910ed6a366d462c293f3bf1ebfe2f80be63943c20c4efec99

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:13 GMT
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: "5f43cd16-306"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 774

GET
H/1.1 200
OK screenshot.js Show response
url.emailprotection.link/js/ 1 KB
860 B 63ms
21ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/js/screenshot.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: 18a91ee9f9240cd958ff3359478a5c2993e7c32dd62892b277d5fc61988fbc8d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: W/"5f43cd16-56e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK tweenmax.min.js Show response
url.emailprotection.link/js/ 113 KB
43 KB 82ms
38ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/js/tweenmax.min.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: f26cc2e3ab0b5a1caf2fd222cc4d51cdcb2dbd49ded014b54f3db04711663f4d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: W/"5f43cd16-1c566"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK TimelineMax.min.js Show response
url.emailprotection.link/js/ 21 KB
7 KB 78ms
29ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/js/TimelineMax.min.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: ad29e6ef59bfe671afd6d1d29b14fd79817d71c95a408b15c296549515bc59d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: W/"5f43cd16-5229"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK convey.js Show response
url.emailprotection.link/js/ 3 KB
861 B 85ms
21ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/js/convey.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: 0b0ba522d9dfe991bc639e99db40381fe4f485105c70f9020adffda6965c61a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: W/"5f43cd16-ab3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK scanning.js Show response
url.emailprotection.link/js/ 2 KB
1 KB 86ms
22ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/js/scanning.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: 1f1c25e53f2755b3023910622d53ac6a74f2d9bde9f0b60cc92f90f9323ae955

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: W/"5f43cd16-840"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK logo.png
url.emailprotection.link/images/ 398 B
636 B 21ms
21ms Image
image/png 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.emailprotection.link/images/logo.png
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: c2a3308ca84034f4938e8fc50350d08e33c4f90e95371f6e1d9e3a3e534831b1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:13 GMT
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: "5f43cd16-18e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 398

GET
H/1.1 200
OK dinot-bold-webfont.woff
url.emailprotection.link/fonts/ 25 KB
25 KB 37ms
37ms Font
application/font-woff 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/fonts/dinot-bold-webfont.woff
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: 16500ed1c60af3549f0946fd109f96f4798cb6b58ee849e82fb7a82ffc37801b

Request headers

Origin: https://url.emailprotection.link
Referer: https://url.emailprotection.link/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:13 GMT
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: "5f43cd16-634c"
Content-Type: application/font-woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25420

GET
H/1.1 200
OK opensans-regular-webfont.woff
url.emailprotection.link/fonts/ 24 KB
24 KB 22ms
21ms Font
application/font-woff 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/fonts/opensans-regular-webfont.woff
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: ca510e3ff10ec424392a2e5f5ff640c8059671b92fe8b42ae5911b6dc844e41b

Request headers

Origin: https://url.emailprotection.link
Referer: https://url.emailprotection.link/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:13 GMT
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: "5f43cd16-60cc"
Content-Type: application/font-woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24780

GET
H/1.1 200
OK logo.png
url.emailprotection.link/images/ 398 B
636 B 25ms
24ms Image
image/png 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.emailprotection.link/images/logo.png
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/js/scanning.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: c2a3308ca84034f4938e8fc50350d08e33c4f90e95371f6e1d9e3a3e534831b1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:16 GMT
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: "5f43cd16-18e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 398

GET
H/1.1 200
OK dinot-medium-webfont.woff
url.emailprotection.link/fonts/ 25 KB
25 KB 37ms
37ms Font
application/font-woff 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/fonts/dinot-medium-webfont.woff
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash: 4d0ae714a36becfdb44141b5e04f6e7b8869d9f4a778c281fae28bf01a868afa

Request headers

Origin: https://url.emailprotection.link
Referer: https://url.emailprotection.link/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:16 GMT
Last-Modified: Mon, 24 Aug 2020 14:22:14 GMT
Server: nginx/1.14.0
ETag: "5f43cd16-6278"
Content-Type: application/font-woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25208

POST
H/1.1 200
OK action
url.emailprotection.link/ 0
161 B 27ms
26ms Other
application/octet-stream 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/action
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/js/action.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx/1.14.0 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 08 Oct 2020 18:30:18 GMT
Server: nginx/1.14.0
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H/1.1

200
OK

Primary Request

Cookie set custom.jsp Show response
www4.sendthisfile.com/sendthisfile/
Redirect Chain

https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww3.sendthisfile.com%2Fsendthisfile%2Fcustom.jsp%3Fpage%3D%252Fadvdirectinc%252Fupload%26sendthisfilecode%3Dk8qjemGlYvKYpS9v04j4Pf...
https://www3.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&balance=28215
https://www7.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&balance=
https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

32 KB
33 KB

575ms
225ms

Document
text/html

75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Requested by

Host: url.emailprotection.link
URL: https://url.emailprotection.link/js/scanning.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

477115d4f54a01ea065fdde69f8f2292b51826ce628a87e9952eb68742b7954a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Host: www4.sendthisfile.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://url.emailprotection.link/?bRYJAmgHHk_F07IGPZCnGAPnr-MTv13lSKHQ9v7Sfp1vjxIAv9f25TM5f9KazgTnL7TJ4bCdTbCc3QiUAR6Gh5eAtT06GV0ZjvQf40Iqi8URIidNZ4ieaW4TaZnre8WRrfop-nzdy6-obzO1d10HA-GFtW5-WxPajOrEA7mRnjHXRtY64CtZEA3bKn3_ZftRcPj_LQ2FZwsRD-AIjfp-UXt78gReEEnucaQ0Y4rSLltzt-Ad0gWToKaTh7RL0wWBf6UrnbGcr3CXA4Fvrg_-4KbnEbxx2D1Ynu1lSk57tOCKgqMK8f3Zr-mSoyMvKOEpmFrgG9SRVIwVmK_IcWER2ZGkFtlD_2Jw3LNhnepCe9Grrdd8EiJ6F8OBp-HDO50RPIzPqkJ2_BlyO_VKvfHl-38bWloil8HaSTUBk2QDCY9LxMwMVORSGtvaTInKyXyDjg2G6DFTJ2eYyqF61yKhUbA~~

Response headers

Server: Resin/4.0.37
Cache-Control: private, no-cache
Set-Cookie: JSESSIONID=aaav3W9nyQ42Y6NQNEjux; path=/; secure; HttpOnly
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Date: Thu, 08 Oct 2020 18:30:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload

Redirect headers

Server: Resin/4.0.37
Cache-Control: private, no-cache
Location: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
Set-Cookie: JSESSIONID=aaa34ypK13wDCcPINEjux; path=/; secure; HttpOnly
Content-Type: text/html; charset=utf-8
Content-Length: 179
Date: Thu, 08 Oct 2020 18:30:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload

GET
H/1.1 200
OK error.css
www.sendthisfile.com/style/ 727 B
685 B 560ms
129ms Stylesheet
text/css 148.62.23.124
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sendthisfile.com/style/error.css

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

148.62.23.124 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resin/4.0.64 /

Resource Hash

f9bfedeb7c5377d3a9dcfe87fdae1e0f0a125bbce165830a61f786ea124398ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Sep 2017 16:20:28 GMT
Server: Resin/4.0.64
ETag: "C2RzQNhQm14"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: private, max-age=0, must-revalidate
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Length: 308

GET
H/1.1 200
OK prototype.js Show response
www4.sendthisfile.com/javascript/ 63 KB
64 KB 345ms
185ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/javascript/prototype.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

709bb1f0cb905131f5713347db00ee6a09551da22f5ba1f77aaeac4ddb3581d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Tue, 13 Mar 2018 21:20:40 GMT
Server: Resin/4.0.37
ETag: "HFCKBJNB4JV"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 65022

GET
H/1.1 200
OK ajaxrequest.js Show response
www4.sendthisfile.com/javascript/ 1 KB
2 KB 386ms
125ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/javascript/ajaxrequest.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

2023b7784e2bd518b38e1f392092789ce983d8dabf5b4b968315e9f8592c5808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Tue, 13 Mar 2018 21:20:40 GMT
Server: Resin/4.0.37
ETag: "5XIVBlDGFP4"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 1487

GET
H/1.1 200
OK webtoolkit.aim.js Show response
www4.sendthisfile.com/javascript/ 2 KB
2 KB 385ms
124ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/javascript/webtoolkit.aim.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

5cb42bf0018d0f3960a2c72f6cb25734331efd4387e5c24953fd730675e0472f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Fri, 05 Jun 2020 06:40:55 GMT
Server: Resin/4.0.37
ETag: "Em/mdlhaMNu"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 1714

GET
H/1.1 200
OK sendthisfile.js Show response
www4.sendthisfile.com/javascript/api/ 6 KB
6 KB 397ms
132ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/javascript/api/sendthisfile.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

bbaa5612b0ee5331b2e73f69a8543a958e14cfbcb1736331d2c3ffa83c182387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Tue, 13 Mar 2018 21:20:40 GMT
Server: Resin/4.0.37
ETag: "8PicIkTUnRU"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 5992

GET
H/1.1 200
OK clock.js Show response
www4.sendthisfile.com/javascript/ 650 B
963 B 397ms
128ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/javascript/clock.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

e7a422c5e55646636dfd6fdbd5e81fb27db624dc39aa06e54e421479e9a126b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Tue, 13 Mar 2018 21:20:40 GMT
Server: Resin/4.0.37
ETag: "FDPp5x+qVw6"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 650

GET
H/1.1 200
OK expander.js Show response
www4.sendthisfile.com/javascript/ 1 KB
1 KB 454ms
151ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/javascript/expander.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

01cc7b317c5ba03b2decf4ab56fc4ec49f4e8f5f367855963fb2050fcbc75951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Tue, 13 Mar 2018 21:20:40 GMT
Server: Resin/4.0.37
ETag: "F50kdPTkUWc"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 1221

GET
H/1.1 200
OK emailvalidator.js Show response
www4.sendthisfile.com/javascript/ 1 KB
1 KB 511ms
125ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/javascript/emailvalidator.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

a53c07dba71fad430f48f3657f299125013486950ac0b104cfb40aab7eb7d581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Tue, 13 Mar 2018 21:20:40 GMT
Server: Resin/4.0.37
ETag: "GW4dS1Ovq2L"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 1073

GET
H/1.1 200
OK uploadframe.js Show response
www4.sendthisfile.com/javascript/ 673 B
986 B 514ms
128ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/javascript/uploadframe.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

79feabf6c8ae44f667ef3381e74c4ae3174b57d102ad96dcffbeaf9d0b1a47da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Tue, 13 Mar 2018 21:20:40 GMT
Server: Resin/4.0.37
ETag: "8siLhvkEvGR"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 673

GET
H/1.1 200
OK formvalidator.js Show response
www4.sendthisfile.com/shared/javascript/ 4 KB
4 KB 527ms
129ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/shared/javascript/formvalidator.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

37c3b4731ed2aaa741f02986bbb3f44c2bb2cc002cd5184f134898f3e09ea468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Mon, 25 Jun 2018 20:21:38 GMT
Server: Resin/4.0.37
ETag: "Aomwv/SJ23m"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 3846

GET
H/1.1 200
OK stfapi.js Show response
www4.sendthisfile.com/javascript/ 218 B
531 B 526ms
128ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/javascript/stfapi.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

68fa8503acdfb51d0e2d4454d26f7b5d713397bd9824db75ed2af9c4f62c7eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Tue, 13 Mar 2018 21:20:40 GMT
Server: Resin/4.0.37
ETag: "7WUw/cO7OCN"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 218

GET
H/1.1 200
OK salem-one_logo.png
www.sendthisfile.com/images/marketing/ 3 KB
4 KB 130ms
130ms Image
image/png 148.62.23.124
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sendthisfile.com/images/marketing/salem-one_logo.png

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

148.62.23.124 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resin/4.0.64 /

Resource Hash

cb8a1180030d103537244ef2761c6b10e65ea1b49e87fab0947db2a2d35e6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Thu, 12 Oct 2017 16:56:17 GMT
Server: Resin/4.0.64
ETag: "5j08RUukmaX"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/png
Cache-Control: public, max-age=31536000
Content-Length: 3418

GET
H/1.1 200
OK error.png
www.sendthisfile.com/images/silk/ 666 B
971 B 258ms
132ms Image
image/png 148.62.23.124
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sendthisfile.com/images/silk/error.png

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

148.62.23.124 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resin/4.0.64 /

Resource Hash

011f4e33d86b448078a2bd56b7060770b2c079e86aad2b7298ab0db216758f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:24 GMT
Last-Modified: Fri, 22 Sep 2017 16:20:28 GMT
Server: Resin/4.0.64
ETag: "6eT39RA22au"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/png
Cache-Control: public, max-age=31536000
Content-Length: 666

GET
H/1.1 200
OK continue_green_209x45.gif
www.sendthisfile.com/shared/images/buttons/ 3 KB
4 KB 383ms
127ms Image
image/gif 148.62.23.124
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sendthisfile.com/shared/images/buttons/continue_green_209x45.gif

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

148.62.23.124 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resin/4.0.64 /

Resource Hash

aa25cab9f585e268db4e607c781d5eaaa672cc677ec4518752cf5fe468b84883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:24 GMT
Last-Modified: Fri, 22 Sep 2017 16:20:17 GMT
Server: Resin/4.0.64
ETag: "GFpG36Z5FlD"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: public, max-age=31536000
Content-Length: 3529

GET
H/1.1 200
OK meter.js Show response
www4.sendthisfile.com/javascript/ 16 KB
17 KB 249ms
248ms Script
application/x-javascript 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/javascript/meter.js

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

443588b64fdde44ffcdf86ce40c6a52674baa3b19ccab9000970cd1f92b4828d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 18:30:23 GMT
Last-Modified: Thu, 05 Mar 2020 22:14:24 GMT
Server: Resin/4.0.37
ETag: "4fkAnFEk35R"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript
Cache-Control: private, no-cache
Content-Length: 16712

GET
H/1.1 200
OK blank.htm Show response
www4.sendthisfile.com/meter/ Frame 35A5 66 B
344 B 127ms
127ms Document
text/html 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/meter/blank.htm

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

d645178bc2bdebf3ab9a3514082f27b63fa1b623a235ee081c4d764a0ed7256b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Host: www4.sendthisfile.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: JSESSIONID=aaav3W9nyQ42Y6NQNEjux
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218

Response headers

Server: Resin/4.0.37
ETag: "CtU0AIJsl+O"
Last-Modified: Tue, 13 Mar 2018 21:20:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 66
Date: Thu, 08 Oct 2020 18:30:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload

POST
H/1.1 200
OK getUniqueMeter.jsp Show response
www4.sendthisfile.com/api/transfer/ 129 B
593 B 137ms
136ms XHR
text/xml 75.126.163.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.sendthisfile.com/api/transfer/getUniqueMeter.jsp

Requested by

Host: www4.sendthisfile.com
URL: https://www4.sendthisfile.com/javascript/prototype.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.126.163.156 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

9c.a3.7e4b.ip4.static.sl-reverse.com

Software

Resin/4.0.37 /

Resource Hash

5b5d005d5a5994678538e45d50e6f1821b31711a1a2a6b596cd35ce9d6bd79a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
X-Prototype-Version: 1.5.0_rc1
X-Requested-With: XMLHttpRequest
Referer: https://www4.sendthisfile.com/sendthisfile/custom.jsp?page=%2Fadvdirectinc%2Fupload&sendthisfilecode=k8qjemGlYvKYpS9v04j4PfU2&&&balance=28218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 08 Oct 2020 18:30:24 GMT
Server: Resin/4.0.37
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://www4.sendthisfile.com
Cache-Control: private, no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: logincookie, elogincookie, pridvalidationtoken
Content-Length: 129

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nam03.safelinks.protection.outlook.com
url.emailprotection.link
www.sendthisfile.com
www3.sendthisfile.com
www4.sendthisfile.com
www7.sendthisfile.com
104.47.41.28
148.62.23.124
158.85.20.121
185.64.213.245
75.126.163.148
75.126.163.156
011f4e33d86b448078a2bd56b7060770b2c079e86aad2b7298ab0db216758f34
01cc7b317c5ba03b2decf4ab56fc4ec49f4e8f5f367855963fb2050fcbc75951
0b0ba522d9dfe991bc639e99db40381fe4f485105c70f9020adffda6965c61a7
16500ed1c60af3549f0946fd109f96f4798cb6b58ee849e82fb7a82ffc37801b
18a91ee9f9240cd958ff3359478a5c2993e7c32dd62892b277d5fc61988fbc8d
1f1c25e53f2755b3023910622d53ac6a74f2d9bde9f0b60cc92f90f9323ae955
2023b7784e2bd518b38e1f392092789ce983d8dabf5b4b968315e9f8592c5808
2814f712bb9c91e910ed6a366d462c293f3bf1ebfe2f80be63943c20c4efec99
36fbf03fcbcbf28cee1b55c7e6ea6659c5ead4c78e2308e848c9089246004b92
37c3b4731ed2aaa741f02986bbb3f44c2bb2cc002cd5184f134898f3e09ea468
443588b64fdde44ffcdf86ce40c6a52674baa3b19ccab9000970cd1f92b4828d
477115d4f54a01ea065fdde69f8f2292b51826ce628a87e9952eb68742b7954a
4d0ae714a36becfdb44141b5e04f6e7b8869d9f4a778c281fae28bf01a868afa
5b5d005d5a5994678538e45d50e6f1821b31711a1a2a6b596cd35ce9d6bd79a5
5cb42bf0018d0f3960a2c72f6cb25734331efd4387e5c24953fd730675e0472f
68fa8503acdfb51d0e2d4454d26f7b5d713397bd9824db75ed2af9c4f62c7eb3
709bb1f0cb905131f5713347db00ee6a09551da22f5ba1f77aaeac4ddb3581d3
79feabf6c8ae44f667ef3381e74c4ae3174b57d102ad96dcffbeaf9d0b1a47da
a53c07dba71fad430f48f3657f299125013486950ac0b104cfb40aab7eb7d581
aa25cab9f585e268db4e607c781d5eaaa672cc677ec4518752cf5fe468b84883
ad29e6ef59bfe671afd6d1d29b14fd79817d71c95a408b15c296549515bc59d2
bbaa5612b0ee5331b2e73f69a8543a958e14cfbcb1736331d2c3ffa83c182387
c2a3308ca84034f4938e8fc50350d08e33c4f90e95371f6e1d9e3a3e534831b1
ca510e3ff10ec424392a2e5f5ff640c8059671b92fe8b42ae5911b6dc844e41b
cb8a1180030d103537244ef2761c6b10e65ea1b49e87fab0947db2a2d35e6210
d645178bc2bdebf3ab9a3514082f27b63fa1b623a235ee081c4d764a0ed7256b
e7a422c5e55646636dfd6fdbd5e81fb27db624dc39aa06e54e421479e9a126b9
ec40c5db97675bb317bdba6af506537b3e76d75ef0f6366eda9a764d8e336d72
f26cc2e3ab0b5a1caf2fd222cc4d51cdcb2dbd49ded014b54f3db04711663f4d
f9bfedeb7c5377d3a9dcfe87fdae1e0f0a125bbce165830a61f786ea124398ac

www4.sendthisfile.com Open in urlscan Pro 75.126.163.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

0 %IPv6

3 Domains

6 Subdomains

3 IPs

2 Countries

283 kBTransfer

395 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www4.sendthisfile.com Open in urlscan Pro
75.126.163.156 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

3
IPs

2
Countries

283 kB
Transfer

395 kB
Size

0
Cookies

32 HTTP transactions
0 data transactions