wetransfer.com Open in urlscan Pro
54.171.26.25  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://r.mail.icertias.org/mk/cl/f/uViObFvSbxU22DPhpmPv3hiQn1JTMhgQ78_Er1KSMP-euJDZnB8Pyane77hMzuclJifLR4ueal6KAK3yNFKujgHEbMgESUg_5_iyz8SOC53hn8zdGsPM-9Qbz6P0Y1pJOdYUE5P_HVhdEdMU88lPL4q0O8-LQMXpeRYWic4XER4CM3gm6QR9wf6AbjbUdO50GsmxShlbBBI2h8sx_Ih2ieonhtORiqWU_bILGwQKeWAtC1Wa2k6skdtHhL3YD_gv-wdoLP7q26k8a0ylGZA7e7QNYFSE_2fgeRK6i_-jvNk_ikjCvHfbCZTRXCHjAWn4EdWVLN6eawRgdFMkw2hsj5A46KZ4kNDEtx5wFCGLM7jbPi8ldxQtZoKsfqP1qBv0bcMnj0jhYwkNiJ_M-ilCd9aOdxXUY51bpnYqCEeHUvTvYZefyLyaU3PEtuMF12RkIjSXsPMH6WHelk_JxWkBneQQg_MaFaoKJMslBQS0mVAvWPxb9MJBLggypHDy Page URL
2. http://r.mail.icertias.org/mk/cl/f/IUpMy-A7UQzCE4NMddMKr2znBFO3hi7AVpWEEPdUxEHsZfiNlqiQuG5Rz93iuRvZ_rhy2AMqyfDomYLkAzQV1MqXqqCxqRKgGpqAAxG2NjDSrwzYCz8wO-dFP6-eAkyBaqYzJkNPJ-fv57DEIsHHDBRIeq4HjXWkUJ8KUzJ0CpamHgrwxxP7e5B_1XnBB7mAPvoWywxaIlPHEMXs1kv1rb6-NL2vjK4zkbk8-QWKsRCbpXHthB5Iog Page URL
3. https://wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set uViObFvSbxU22DPhpmPv3hiQn1JTMhgQ78_Er1KSMP-euJDZnB8Pyane77hMzuclJifLR4ueal6KAK3yNFKujgHEbMgESUg_5_iyz8SOC53hn8zdGsPM-9Qbz6P0Y1pJOdYUE5P_HVhdEdMU88lPL4q0O8-LQMXpeRYWic4XER4CM3gm6QR9wf6AbjbUdO50GsmxS... r.mail.icertias.org/mk/cl/f/	1 KB 1 KB	189ms 144ms	Document text/html	104.16.230.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://r.mail.icertias.org/mk/cl/f/uViObFvSbxU22DPhpmPv3hiQn1JTMhgQ78_Er1KSMP-euJDZnB8Pyane77hMzuclJifLR4ueal6KAK3yNFKujgHEbMgESUg_5_iyz8SOC53hn8zdGsPM-9Qbz6P0Y1pJOdYUE5P_HVhdEdMU88lPL4q0O8-LQMXpeRYWic4XER4CM3gm6QR9wf6AbjbUdO50GsmxShlbBBI2h8sx_Ih2ieonhtORiqWU_bILGwQKeWAtC1Wa2k6skdtHhL3YD_gv-wdoLP7q26k8a0ylGZA7e7QNYFSE_2fgeRK6i_-jvNk_ikjCvHfbCZTRXCHjAWn4EdWVLN6eawRgdFMkw2hsj5A46KZ4kNDEtx5wFCGLM7jbPi8ldxQtZoKsfqP1qBv0bcMnj0jhYwkNiJ_M-ilCd9aOdxXUY51bpnYqCEeHUvTvYZefyLyaU3PEtuMF12RkIjSXsPMH6WHelk_JxWkBneQQg_MaFaoKJMslBQS0mVAvWPxb9MJBLggypHDy Protocol HTTP/1.1 Server 104.16.230.163 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Host r.mail.icertias.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 29 Apr 2020 10:27:38 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=dd870db4278f0fd8867c92e0f990471a91588156057; expires=Fri, 29-May-20 10:27:37 GMT; path=/; domain=.r.mail.icertias.org; HttpOnly; SameSite=Lax X-Sib-Server SENDINBLUE-red2-2 X-Content-Type-Options nosniff X-XSS-Protection 1 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 58b854e1f9bccb00-ARN Content-Encoding gzip cf-request-id 026713613a0000cb005cab6200000001
GET H2	200	cm.html sibautomation.com/ Frame 34AE	0 0	30ms 12ms	Document text/html	2606:4700:3037::6818:7b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/cm.html?id=2230819 Requested by Host: r.mail.icertias.org URL: http://r.mail.icertias.org/mk/cl/f/uViObFvSbxU22DPhpmPv3hiQn1JTMhgQ78_Er1KSMP-euJDZnB8Pyane77hMzuclJifLR4ueal6KAK3yNFKujgHEbMgESUg_5_iyz8SOC53hn8zdGsPM-9Qbz6P0Y1pJOdYUE5P_HVhdEdMU88lPL4q0O8-LQMXpeRYWic4XER4CM3gm6QR9wf6AbjbUdO50GsmxShlbBBI2h8sx_Ih2ieonhtORiqWU_bILGwQKeWAtC1Wa2k6skdtHhL3YD_gv-wdoLP7q26k8a0ylGZA7e7QNYFSE_2fgeRK6i_-jvNk_ikjCvHfbCZTRXCHjAWn4EdWVLN6eawRgdFMkw2hsj5A46KZ4kNDEtx5wFCGLM7jbPi8ldxQtZoKsfqP1qBv0bcMnj0jhYwkNiJ_M-ilCd9aOdxXUY51bpnYqCEeHUvTvYZefyLyaU3PEtuMF12RkIjSXsPMH6WHelk_JxWkBneQQg_MaFaoKJMslBQS0mVAvWPxb9MJBLggypHDy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6818:7b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Sails <sailsjs.com> Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers :method GET :authority sibautomation.com :scheme https :path /cm.html?id=2230819 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://r.mail.icertias.org/mk/cl/f/uViObFvSbxU22DPhpmPv3hiQn1JTMhgQ78_Er1KSMP-euJDZnB8Pyane77hMzuclJifLR4ueal6KAK3yNFKujgHEbMgESUg_5_iyz8SOC53hn8zdGsPM-9Qbz6P0Y1pJOdYUE5P_HVhdEdMU88lPL4q0O8-LQMXpeRYWic4XER4CM3gm6QR9wf6AbjbUdO50GsmxShlbBBI2h8sx_Ih2ieonhtORiqWU_bILGwQKeWAtC1Wa2k6skdtHhL3YD_gv-wdoLP7q26k8a0ylGZA7e7QNYFSE_2fgeRK6i_-jvNk_ikjCvHfbCZTRXCHjAWn4EdWVLN6eawRgdFMkw2hsj5A46KZ4kNDEtx5wFCGLM7jbPi8ldxQtZoKsfqP1qBv0bcMnj0jhYwkNiJ_M-ilCd9aOdxXUY51bpnYqCEeHUvTvYZefyLyaU3PEtuMF12RkIjSXsPMH6WHelk_JxWkBneQQg_MaFaoKJMslBQS0mVAvWPxb9MJBLggypHDy accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://r.mail.icertias.org/mk/cl/f/uViObFvSbxU22DPhpmPv3hiQn1JTMhgQ78_Er1KSMP-euJDZnB8Pyane77hMzuclJifLR4ueal6KAK3yNFKujgHEbMgESUg_5_iyz8SOC53hn8zdGsPM-9Qbz6P0Y1pJOdYUE5P_HVhdEdMU88lPL4q0O8-LQMXpeRYWic4XER4CM3gm6QR9wf6AbjbUdO50GsmxShlbBBI2h8sx_Ih2ieonhtORiqWU_bILGwQKeWAtC1Wa2k6skdtHhL3YD_gv-wdoLP7q26k8a0ylGZA7e7QNYFSE_2fgeRK6i_-jvNk_ikjCvHfbCZTRXCHjAWn4EdWVLN6eawRgdFMkw2hsj5A46KZ4kNDEtx5wFCGLM7jbPi8ldxQtZoKsfqP1qBv0bcMnj0jhYwkNiJ_M-ilCd9aOdxXUY51bpnYqCEeHUvTvYZefyLyaU3PEtuMF12RkIjSXsPMH6WHelk_JxWkBneQQg_MaFaoKJMslBQS0mVAvWPxb9MJBLggypHDy Response headers status 200 date Wed, 29 Apr 2020 10:27:38 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=dae09b667fdaaa96a95d195560f1d63691588156058; expires=Fri, 29-May-20 10:27:38 GMT; path=/; domain=.sibautomation.com; HttpOnly; SameSite=Lax x-powered-by Sails <sailsjs.com> vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-request-id 02671361d10000175ed62e7200000001 access-control-allow-origin * x-sib-server SENDINBLUE-web1-2 x-content-type-options nosniff x-xss-protection 1 cache-control max-age=7200 cf-cache-status HIT age 11336 server cloudflare cf-ray 58b854e2eaea175e-FRA content-encoding br
GET H/1.1	200 OK	IUpMy-A7UQzCE4NMddMKr2znBFO3hi7AVpWEEPdUxEHsZfiNlqiQuG5Rz93iuRvZ_rhy2AMqyfDomYLkAzQV1MqXqqCxqRKgGpqAAxG2NjDSrwzYCz8wO-dFP6-eAkyBaqYzJkNPJ-fv57DEIsHHDBRIeq4HjXWkUJ8KUzJ0CpamHgrwxxP7e5B_1XnBB7mAPvoWy... r.mail.icertias.org/mk/cl/f/	676 B 822 B	113ms 112ms	Document text/html	104.16.230.163 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://r.mail.icertias.org/mk/cl/f/IUpMy-A7UQzCE4NMddMKr2znBFO3hi7AVpWEEPdUxEHsZfiNlqiQuG5Rz93iuRvZ_rhy2AMqyfDomYLkAzQV1MqXqqCxqRKgGpqAAxG2NjDSrwzYCz8wO-dFP6-eAkyBaqYzJkNPJ-fv57DEIsHHDBRIeq4HjXWkUJ8KUzJ0CpamHgrwxxP7e5B_1XnBB7mAPvoWywxaIlPHEMXs1kv1rb6-NL2vjK4zkbk8-QWKsRCbpXHthB5Iog Requested by Host: r.mail.icertias.org URL: http://r.mail.icertias.org/mk/cl/f/uViObFvSbxU22DPhpmPv3hiQn1JTMhgQ78_Er1KSMP-euJDZnB8Pyane77hMzuclJifLR4ueal6KAK3yNFKujgHEbMgESUg_5_iyz8SOC53hn8zdGsPM-9Qbz6P0Y1pJOdYUE5P_HVhdEdMU88lPL4q0O8-LQMXpeRYWic4XER4CM3gm6QR9wf6AbjbUdO50GsmxShlbBBI2h8sx_Ih2ieonhtORiqWU_bILGwQKeWAtC1Wa2k6skdtHhL3YD_gv-wdoLP7q26k8a0ylGZA7e7QNYFSE_2fgeRK6i_-jvNk_ikjCvHfbCZTRXCHjAWn4EdWVLN6eawRgdFMkw2hsj5A46KZ4kNDEtx5wFCGLM7jbPi8ldxQtZoKsfqP1qBv0bcMnj0jhYwkNiJ_M-ilCd9aOdxXUY51bpnYqCEeHUvTvYZefyLyaU3PEtuMF12RkIjSXsPMH6WHelk_JxWkBneQQg_MaFaoKJMslBQS0mVAvWPxb9MJBLggypHDy Protocol HTTP/1.1 Server 104.16.230.163 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Host r.mail.icertias.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://r.mail.icertias.org/mk/cl/f/uViObFvSbxU22DPhpmPv3hiQn1JTMhgQ78_Er1KSMP-euJDZnB8Pyane77hMzuclJifLR4ueal6KAK3yNFKujgHEbMgESUg_5_iyz8SOC53hn8zdGsPM-9Qbz6P0Y1pJOdYUE5P_HVhdEdMU88lPL4q0O8-LQMXpeRYWic4XER4CM3gm6QR9wf6AbjbUdO50GsmxShlbBBI2h8sx_Ih2ieonhtORiqWU_bILGwQKeWAtC1Wa2k6skdtHhL3YD_gv-wdoLP7q26k8a0ylGZA7e7QNYFSE_2fgeRK6i_-jvNk_ikjCvHfbCZTRXCHjAWn4EdWVLN6eawRgdFMkw2hsj5A46KZ4kNDEtx5wFCGLM7jbPi8ldxQtZoKsfqP1qBv0bcMnj0jhYwkNiJ_M-ilCd9aOdxXUY51bpnYqCEeHUvTvYZefyLyaU3PEtuMF12RkIjSXsPMH6WHelk_JxWkBneQQg_MaFaoKJMslBQS0mVAvWPxb9MJBLggypHDy Accept-Encoding gzip, deflate Accept-Language en-US Cookie __cfduid=dd870db4278f0fd8867c92e0f990471a91588156057 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://r.mail.icertias.org/mk/cl/f/uViObFvSbxU22DPhpmPv3hiQn1JTMhgQ78_Er1KSMP-euJDZnB8Pyane77hMzuclJifLR4ueal6KAK3yNFKujgHEbMgESUg_5_iyz8SOC53hn8zdGsPM-9Qbz6P0Y1pJOdYUE5P_HVhdEdMU88lPL4q0O8-LQMXpeRYWic4XER4CM3gm6QR9wf6AbjbUdO50GsmxShlbBBI2h8sx_Ih2ieonhtORiqWU_bILGwQKeWAtC1Wa2k6skdtHhL3YD_gv-wdoLP7q26k8a0ylGZA7e7QNYFSE_2fgeRK6i_-jvNk_ikjCvHfbCZTRXCHjAWn4EdWVLN6eawRgdFMkw2hsj5A46KZ4kNDEtx5wFCGLM7jbPi8ldxQtZoKsfqP1qBv0bcMnj0jhYwkNiJ_M-ilCd9aOdxXUY51bpnYqCEeHUvTvYZefyLyaU3PEtuMF12RkIjSXsPMH6WHelk_JxWkBneQQg_MaFaoKJMslBQS0mVAvWPxb9MJBLggypHDy Response headers Date Wed, 29 Apr 2020 10:27:38 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Sib-Server SENDINBLUE-red2-3 X-Content-Type-Options nosniff X-XSS-Protection 1 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 58b854e32d4ccb00-ARN Content-Encoding gzip cf-request-id 02671361fa0000cb005cac1200000001
GET H2	200	cm.html sibautomation.com/ Frame D286	0 0	14ms 13ms	Document text/html	2606:4700:3037::6818:7b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sibautomation.com/cm.html?id=2230819 Requested by Host: r.mail.icertias.org URL: http://r.mail.icertias.org/mk/cl/f/IUpMy-A7UQzCE4NMddMKr2znBFO3hi7AVpWEEPdUxEHsZfiNlqiQuG5Rz93iuRvZ_rhy2AMqyfDomYLkAzQV1MqXqqCxqRKgGpqAAxG2NjDSrwzYCz8wO-dFP6-eAkyBaqYzJkNPJ-fv57DEIsHHDBRIeq4HjXWkUJ8KUzJ0CpamHgrwxxP7e5B_1XnBB7mAPvoWywxaIlPHEMXs1kv1rb6-NL2vjK4zkbk8-QWKsRCbpXHthB5Iog Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6818:7b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Sails <sailsjs.com> Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers :method GET :authority sibautomation.com :scheme https :path /cm.html?id=2230819 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://r.mail.icertias.org/mk/cl/f/IUpMy-A7UQzCE4NMddMKr2znBFO3hi7AVpWEEPdUxEHsZfiNlqiQuG5Rz93iuRvZ_rhy2AMqyfDomYLkAzQV1MqXqqCxqRKgGpqAAxG2NjDSrwzYCz8wO-dFP6-eAkyBaqYzJkNPJ-fv57DEIsHHDBRIeq4HjXWkUJ8KUzJ0CpamHgrwxxP7e5B_1XnBB7mAPvoWywxaIlPHEMXs1kv1rb6-NL2vjK4zkbk8-QWKsRCbpXHthB5Iog accept-encoding gzip, deflate, br accept-language en-US cookie uuid=3cbc9bbf-b3e5-46a9-bcd1-25a250ca5520 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://r.mail.icertias.org/mk/cl/f/IUpMy-A7UQzCE4NMddMKr2znBFO3hi7AVpWEEPdUxEHsZfiNlqiQuG5Rz93iuRvZ_rhy2AMqyfDomYLkAzQV1MqXqqCxqRKgGpqAAxG2NjDSrwzYCz8wO-dFP6-eAkyBaqYzJkNPJ-fv57DEIsHHDBRIeq4HjXWkUJ8KUzJ0CpamHgrwxxP7e5B_1XnBB7mAPvoWywxaIlPHEMXs1kv1rb6-NL2vjK4zkbk8-QWKsRCbpXHthB5Iog Response headers status 200 date Wed, 29 Apr 2020 10:27:38 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=d666e5f15385474547924a75c64322a5d1588156058; expires=Fri, 29-May-20 10:27:38 GMT; path=/; domain=.sibautomation.com; HttpOnly; SameSite=Lax x-powered-by Sails <sailsjs.com> vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-request-id 02671362600000175ed62f4200000001 access-control-allow-origin * x-sib-server SENDINBLUE-web1-2 x-content-type-options nosniff x-xss-protection 1 cache-control max-age=7200 cf-cache-status HIT age 11336 server cloudflare cf-ray 58b854e3cd09175e-FRA content-encoding br
GET H2	200	Primary Request 4136cf Show response wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/	97 KB 30 KB	314ms 167ms	Document text/html	54.171.26.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf Requested by Host: r.mail.icertias.org URL: http://r.mail.icertias.org/mk/cl/f/IUpMy-A7UQzCE4NMddMKr2znBFO3hi7AVpWEEPdUxEHsZfiNlqiQuG5Rz93iuRvZ_rhy2AMqyfDomYLkAzQV1MqXqqCxqRKgGpqAAxG2NjDSrwzYCz8wO-dFP6-eAkyBaqYzJkNPJ-fv57DEIsHHDBRIeq4HjXWkUJ8KUzJ0CpamHgrwxxP7e5B_1XnBB7mAPvoWywxaIlPHEMXs1kv1rb6-NL2vjK4zkbk8-QWKsRCbpXHthB5Iog Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.26.25 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-171-26-25.eu-west-1.compute.amazonaws.com Software / Resource Hash eae0e125fc991635ba4ac1712e1e91aa1f71bf05c3ae794a4960b8e2c7c02ea0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority wetransfer.com :scheme https :path /downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer http://r.mail.icertias.org/mk/cl/f/IUpMy-A7UQzCE4NMddMKr2znBFO3hi7AVpWEEPdUxEHsZfiNlqiQuG5Rz93iuRvZ_rhy2AMqyfDomYLkAzQV1MqXqqCxqRKgGpqAAxG2NjDSrwzYCz8wO-dFP6-eAkyBaqYzJkNPJ-fv57DEIsHHDBRIeq4HjXWkUJ8KUzJ0CpamHgrwxxP7e5B_1XnBB7mAPvoWywxaIlPHEMXs1kv1rb6-NL2vjK4zkbk8-QWKsRCbpXHthB5Iog accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://r.mail.icertias.org/mk/cl/f/IUpMy-A7UQzCE4NMddMKr2znBFO3hi7AVpWEEPdUxEHsZfiNlqiQuG5Rz93iuRvZ_rhy2AMqyfDomYLkAzQV1MqXqqCxqRKgGpqAAxG2NjDSrwzYCz8wO-dFP6-eAkyBaqYzJkNPJ-fv57DEIsHHDBRIeq4HjXWkUJ8KUzJ0CpamHgrwxxP7e5B_1XnBB7mAPvoWywxaIlPHEMXs1kv1rb6-NL2vjK4zkbk8-QWKsRCbpXHthB5Iog Response headers status 200 date Wed, 29 Apr 2020 10:27:38 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff x-download-options noopen x-permitted-cross-domain-policies none referrer-policy strict-origin-when-cross-origin cache-control no-cache, no-store pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT set-cookie _wt_snowplowid.38f1=e747b755-7d9f-4a5c-9abf-4ae99738ac75.1588156058.0.1588156058.; domain=.wetransfer.com; path=/; expires=Fri, 29 Apr 2022 10:27:38 GMT; secure _wt_session=SmhjdVRzYndla1VHKzlJNVdlckhzd1dmM0V4QVlSVkRWRlV1dTlWV2traitRVnpoN3F3b3VWZ05xWGtMemFZL1dMbmM0T2V1VUNsekpicFpBZWpITTNld3dCMXNZYjJCYkxZV1JOenFEemN5Y3RTLzlUakVYVXV3LytORU1lMTVyOXNtcCtYSVBDRWEwR1R0b1NleFNBPT0tLU5XUEx3c0FlZjdOUUlZc0pYb09aUHc9PQ%3D%3D--2dbded622ade9441e207f48e78923b2a045a3610; domain=wetransfer.com; path=/; secure; HttpOnly; SameSite=Lax vary Accept-Encoding, Origin content-encoding gzip etag W/"2a29875d56049a0ee9b9c45279e95cb9" x-request-id 5340e3ae-7f1b-43cb-8759-a34faab4a2e8 x-opaque 01cdda18b499f42e4900c7590744349a908229e1-08e5cafff60b2395b-23014 x-runtime 0.056417 strict-transport-security max-age=15552000; includeSubDomains;
GET H2	200	application-f5c1deca73a7b20da303f11f57584186518147b5bd71bc84e09392de2d7f825d.css prod-cdn.wetransfer.net/assets/	415 KB 52 KB	202ms 84ms	Stylesheet text/css	143.204.202.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-cdn.wetransfer.net/assets/application-f5c1deca73a7b20da303f11f57584186518147b5bd71bc84e09392de2d7f825d.css Requested by Host: wetransfer.com URL: https://wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.202.21 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-202-21.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 3df374a4d3dd311f052d1b80ffb8ca913a0d15016ad0e535b2972953e4e90dbc Request headers Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 28 Apr 2020 11:42:03 GMT content-encoding gzip last-modified Tue, 28 Apr 2020 10:14:43 GMT server AmazonS3 age 81936 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css status 200 cache-control public, max-age=31536000 x-amz-cf-pop FRA53-C1 x-amz-cf-id tt8VuQhTPyxgukFf_CAZcvdKefPfk5kR6RnC-jNO5Ocp1nHMmEvxCg== via 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
GET H2	200	en-ba5dcffb53f2785666e89365cbc4287742fc4d4304dffbe5151bc495d27d59a9.js Show response prod-cdn.wetransfer.net/assets/locale/	127 KB 33 KB	240ms 123ms	Script application/javascript	143.204.202.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-cdn.wetransfer.net/assets/locale/en-ba5dcffb53f2785666e89365cbc4287742fc4d4304dffbe5151bc495d27d59a9.js Requested by Host: wetransfer.com URL: https://wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.202.21 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-202-21.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash ba5dcffb53f2785666e89365cbc4287742fc4d4304dffbe5151bc495d27d59a9 Request headers Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 24 Apr 2020 08:44:34 GMT content-encoding gzip last-modified Thu, 23 Apr 2020 15:19:54 GMT server AmazonS3 age 438185 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control public, max-age=31536000 x-amz-cf-pop FRA53-C1 x-amz-cf-id iQ7IfzyGm9zNu7i_sGHa9XlGdlc3GqRnNrULoJdwpNplZVLhJTTKXg== via 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
GET H2	200	advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2dbe527c72494405.js Show response prod-cdn.wetransfer.net/assets/	346 B 713 B	248ms 132ms	Script application/javascript	143.204.202.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-cdn.wetransfer.net/assets/advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2dbe527c72494405.js Requested by Host: wetransfer.com URL: https://wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.202.21 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-202-21.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2dbe527c72494405 Request headers Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Mar 2020 23:40:11 GMT via 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront) last-modified Wed, 04 Mar 2020 16:21:11 GMT server AmazonS3 age 4790848 etag "52361b70fd4dbde1ef9ef831ea9d75fd" x-cache Hit from cloudfront content-type application/javascript status 200 cache-control public, max-age=31536000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-length 346 x-amz-cf-id YaT6KxpkbLdBMv6tEs3pEHMWQDM3T43og7SAHfM0VvAUEiXmVL17sQ==
GET H2	200	sp.js Show response d19ptbnuzhibkh.cloudfront.net/2.10.2/	96 KB 30 KB	44ms 7ms	Script application/javascript	2600:9000:2057:d200:6:bbf2:440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js Requested by Host: wetransfer.com URL: https://wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:d200:6:bbf2:440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c Request headers Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Mar 2020 23:39:40 GMT content-encoding gzip last-modified Tue, 30 Apr 2019 15:14:08 GMT server AmazonS3 age 4790879 etag "c7b65b3f4e8761897af9a3ca5d76682e" x-cache Hit from cloudfront content-type application/javascript status 200 cache-control max-age=315360000 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 29895 via 1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront) x-amz-cf-id wmRa-fIG7IM_KG9yKTHLvF_V-rvSEe-FIA8pb4MUtGHjaHZl1enPWA==
GET H2	200	gtm.js Show response www.googletagmanager.com/	100 KB 28 KB	15ms 15ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N9N5GP Requested by Host: wetransfer.com URL: https://wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e4c70051f56c7f6f07676cf89a80d1b8e1b9f34c5c96ff797effbb5281f36271 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 29 Apr 2020 10:27:38 GMT content-encoding br vary Accept-Encoding status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28380 x-xss-protection 0 last-modified Wed, 29 Apr 2020 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 29 Apr 2020 10:27:38 GMT
GET H2	200	runtime.es6-3f6589755cd0cc4ad5dd.js Show response prod-cdn.wetransfer.net/assets/	6 KB 6 KB	56ms 55ms	Script application/javascript	143.204.202.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-cdn.wetransfer.net/assets/runtime.es6-3f6589755cd0cc4ad5dd.js Requested by Host: wetransfer.com URL: https://wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.202.21 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-202-21.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash b56153fd84faada8ebe02b9827827b7541c730800b76a0583f12b3a828ebe04c Request headers Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 28 Apr 2020 11:42:04 GMT via 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront) last-modified Tue, 28 Apr 2020 10:14:47 GMT server AmazonS3 age 81935 etag "0e640932a694537cde8f485982fd59a6" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control public, max-age=31536000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-length 5935 x-amz-cf-id u65W1okFwCZBjWtbuOHCY7vpDOcZqFc3hu2tK3q5ivfkHeNBkoELxw==
GET H2	200	vendor.es6-2b1d0ac2fed32167170e.js Show response prod-cdn.wetransfer.net/assets/	429 KB 430 KB	58ms 58ms	Script application/javascript	143.204.202.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-cdn.wetransfer.net/assets/vendor.es6-2b1d0ac2fed32167170e.js Requested by Host: wetransfer.com URL: https://wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.202.21 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-202-21.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash af6990e3aee659fc61f121af7151c859e0275d0706cf3770723902cb1e0b02f1 Request headers Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 28 Apr 2020 11:42:04 GMT via 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront) last-modified Tue, 28 Apr 2020 10:14:48 GMT server AmazonS3 age 81935 etag "58dc17e65039d48575b60e736d5f1b8c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control public, max-age=31536000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-length 439310 x-amz-cf-id 6NTsBA0h7wLa6dL5t9f-nfkf4NIFp7ZNfkLbxCc52L4Wv5g_TJwhhg==
GET H2	200	application.es6-b1034b915ae20e997257.js Show response prod-cdn.wetransfer.net/assets/	597 KB 598 KB	56ms 56ms	Script application/javascript	143.204.202.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-cdn.wetransfer.net/assets/application.es6-b1034b915ae20e997257.js Requested by Host: wetransfer.com URL: https://wetransfer.com/downloads/bf7b1c0ee96795a1df95a75859f3409020200428103629/4136cf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.202.21 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-202-21.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 6ae55f48528c4c5b7c9fefd51f0116f682c0d102f64d6153f849553dbcdf0577 Request headers Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 28 Apr 2020 11:42:04 GMT via 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront) last-modified Tue, 28 Apr 2020 10:14:44 GMT server AmazonS3 age 81936 etag "ad37f01f399509028abea2518c844a78" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control public, max-age=31536000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-length 611434 x-amz-cf-id C7TubsIQqTHHV8xvRXf7fbhmJsrFyZ4cmRY4VBH1mU4CGOBkqLvOXg==
GET H2	200	5b82f23280914154b163996e Show response app.launchdarkly.com/sdk/goals/	2 B 210 B	63ms 58ms	XHR application/json	151.101.114.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e Requested by Host: prod-cdn.wetransfer.net URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-2b1d0ac2fed32167170e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers X-LaunchDarkly-User-Agent JSClient/2.9.7 Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 29 Apr 2020 10:27:39 GMT content-encoding gzip content-md5 d751713988987e9331980363e24189ce age 0 x-cache HIT status 200 access-control-max-age 300 content-length 26 x-served-by cache-hhn4072-HHN access-control-allow-origin * x-timer S1588156059.386728,VS0,VE0 etag "d751713988987e9331980363e24189ce" vary Accept-Encoding, Accept-Encoding access-control-allow-methods OPTIONS, HEAD, GET content-type application/json via 1.1 varnish cache-control max-age=0 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version x-cache-hits 1325
POST H2	200	tp2 Show response snowplow.wetransfer.com/com.snowplowanalytics.snowplow/	2 B 336 B	222ms 74ms	XHR text/plain	52.213.115.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2 Requested by Host: d19ptbnuzhibkh.cloudfront.net URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.115.90 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-115-90.eu-west-1.compute.amazonaws.com Software akka-http/10.1.10 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Wed, 29 Apr 2020 10:27:39 GMT server akka-http/10.1.10 status 200 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" access-control-allow-origin https://wetransfer.com access-control-allow-credentials true content-type text/plain; charset=UTF-8 content-length 2
POST H2	200	tp2 Show response snowplow.wetransfer.com/com.snowplowanalytics.snowplow/	2 B 336 B	74ms 74ms	XHR text/plain	52.213.115.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2 Requested by Host: d19ptbnuzhibkh.cloudfront.net URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.115.90 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-115-90.eu-west-1.compute.amazonaws.com Software akka-http/10.1.10 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://wetransfer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Wed, 29 Apr 2020 10:27:40 GMT server akka-http/10.1.10 status 200 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" access-control-allow-origin https://wetransfer.com access-control-allow-credentials true content-type text/plain; charset=UTF-8 content-length 2
POST H/1.1	202 Accepted	5b82f23280914154b163996e Show response events.launchdarkly.com/events/bulk/	0 464 B	137ms 136ms	XHR application/json	52.203.83.235 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e Requested by Host: prod-cdn.wetransfer.net URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-2b1d0ac2fed32167170e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.83.235 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-203-83-235.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://wetransfer.com/ X-LaunchDarkly-Event-Schema 3 X-LaunchDarkly-User-Agent JSClient/2.9.7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers Date Wed, 29 Apr 2020 10:27:41 GMT Access-Control-Max-Age 300 Access-Control-Allow-Methods POST,OPTIONS Content-Type application/json Access-Control-Allow-Origin * Access-Control-Expose-Headers Date Connection keep-alive Access-Control-Allow-Headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper Content-Length 0

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _preloaded_transfer_ object| _i18n_ object| __app_settings__ undefined| __session__ object| __manifest__ object| Wallpapers object| GlobalSnowplowNamespace function| __snowplow__ object| dataLayer undefined| __trackjs__ object| __recaptcha__ object| recaptchaOptions object| __launch_darkly__ object| __curated_wallpapers__ boolean| __ads_enabled__ string| __webpack_public_path__ function| assetFailed function| writeScripts function| requiresPolyfill function| supportsModules object| __stripe__ object| google_tag_manager function| _typeof object| Snowplow object| webpackJsonp function| setImmediate function| clearImmediate function| Velocity function| onRecaptchaLoaded function| onRecaptchaCallback

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
d19ptbnuzhibkh.cloudfront.net
events.launchdarkly.com
prod-cdn.wetransfer.net
r.mail.icertias.org
sibautomation.com
snowplow.wetransfer.com
wetransfer.com
www.googletagmanager.com
104.16.230.163
143.204.202.21
151.101.114.2
2600:9000:2057:d200:6:bbf2:440:21
2606:4700:3037::6818:7b77
2a00:1450:4001:800::2008
52.203.83.235
52.213.115.90
54.171.26.25
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3df374a4d3dd311f052d1b80ffb8ca913a0d15016ad0e535b2972953e4e90dbc
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
6ae55f48528c4c5b7c9fefd51f0116f682c0d102f64d6153f849553dbcdf0577
af6990e3aee659fc61f121af7151c859e0275d0706cf3770723902cb1e0b02f1
af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2dbe527c72494405
b56153fd84faada8ebe02b9827827b7541c730800b76a0583f12b3a828ebe04c
ba5dcffb53f2785666e89365cbc4287742fc4d4304dffbe5151bc495d27d59a9
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c70051f56c7f6f07676cf89a80d1b8e1b9f34c5c96ff797effbb5281f36271
eae0e125fc991635ba4ac1712e1e91aa1f71bf05c3ae794a4960b8e2c7c02ea0