wetransfer.com Open in urlscan Pro
52.212.148.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbE...
Effective URL:
https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d872020092...
Submission Tags: falconsandbox
Submission: On January 25 via api (January 25th 2022, 2:13:24 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 48 HTTP transactions. The main IP is 52.212.148.183, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is wetransfer.com. The Cisco Umbrella rank of the primary domain is 14877.
TLS certificate: Issued by Amazon on August 6th 2021. Valid for: a year.

This is the only time wetransfer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	185.64.213.245 185.64.213.245	50152 (IMED) (IMED)
7	52.212.148.183 52.212.148.183	16509 (AMAZON-02) (AMAZON-02)
16	52.222.139.73 52.222.139.73	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:3000:6:bbf2:440:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
1	52.222.139.90 52.222.139.90	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.139.11 52.222.139.11	16509 (AMAZON-02) (AMAZON-02)
4	52.212.68.163 52.212.68.163	16509 (AMAZON-02) (AMAZON-02)
2	54.83.229.231 54.83.229.231	() ()
48	11

10 185.64.213.245 (United Kingdom)

ASN50152 (IMED, GB)
PTR: intermedia.co.uk

url.emailprotection.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.212.148.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-148-183.eu-west-1.compute.amazonaws.com

wetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.222.139.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-73.ams50.r.cloudfront.net

prod-cdn.wetransfer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:3000:6:bbf2:440:21 (United States)

ASN16509 (AMAZON-02, US)

d19ptbnuzhibkh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-90.ams50.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-11.ams50.r.cloudfront.net

auth.wetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.68.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-68-163.eu-west-1.compute.amazonaws.com

snowplow.wetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.229.231 (None, )

ASN- ()

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	wetransfer.net prod-cdn.wetransfer.net — Cisco Umbrella Rank: 27519	2 MB
12	wetransfer.com wetransfer.com — Cisco Umbrella Rank: 14877 auth.wetransfer.com — Cisco Umbrella Rank: 34472 snowplow.wetransfer.com — Cisco Umbrella Rank: 20883	19 KB
10	emailprotection.link url.emailprotection.link — Cisco Umbrella Rank: 60389	400 KB
4	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1854 events.launchdarkly.com	509 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	131 KB
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 6299	17 KB
1	cloudfront.net d19ptbnuzhibkh.cloudfront.net	30 KB
48	8

	Domain	Requested by
16	prod-cdn.wetransfer.net	wetransfer.com prod-cdn.wetransfer.net
10	url.emailprotection.link	url.emailprotection.link
7	wetransfer.com	url.emailprotection.link prod-cdn.wetransfer.net
4	snowplow.wetransfer.com	d19ptbnuzhibkh.cloudfront.net
2	events.launchdarkly.com	prod-cdn.wetransfer.net
2	www.google-analytics.com	www.googletagmanager.com
2	app.launchdarkly.com	prod-cdn.wetransfer.net
2	www.googletagmanager.com	wetransfer.com www.googletagmanager.com
1	auth.wetransfer.com	prod-cdn.wetransfer.net
1	public.profitwell.com	url.emailprotection.link
1	d19ptbnuzhibkh.cloudfront.net	wetransfer.com
48	11

This site contains links to these domains. Also see Links.

Domain
wetransfer.zendesk.com
about.wetransfer.com

Subject Issuer	Validity	Valid
*.emailprotection.link GeoTrust RSA CA 2018	`2020-07-16` - `2022-08-15`	2 years	crt.sh
wetransfer.com Amazon	`2021-08-06` - `2022-09-04`	a year	crt.sh
wetransfer.net Amazon	`2021-07-13` - `2022-08-11`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.profitwell.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
snowplow.wetransfer.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
events.launchdarkly.com Amazon	`2021-09-19` - `2022-10-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Frame ID: 92F03480F2FF4B2C24643377BDE8EF78
Requests: 43 HTTP requests in this frame

Frame: https://auth.wetransfer.com/authorize?audience=aud%3A%2F%2Ftransfer-api-prod.wetransfer%2F&client_id=dXWFQjiW1jxWCFG0hOVpqrk4h9vGeanc&redirect_uri=https%3A%2F%2Fwetransfer.com%2Faccount%2Fcallback&scope=openid%20profile%20email&response_type=code&response_mode=web_message&state=cDhNbkh2OW5Kall3by1aUi1nQVNmMXBJSjhPamxQMl9xTkNEUXp1c291bg%3D%3D&nonce=M0tyVWFhdU5Fanl2WjRXWURwcDI1eFR%2BQUhPOXpKYi5XRGlrMTZkTmR4Ug%3D%3D&code_challenge=33vsJaSUZAVz4pZabGLPBqyub7PDvOVFR_U8uzwUTLk&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTkuMyJ9
Frame ID: FB78A81B60E5D5454B88398923081926
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WeTransfer - Send Large Files & Share Photos Online - Up to 2GB Free

Page URL History Show full URLs

https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bC... Page URL
https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

100 %
HTTPS

27 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

2440 kB
Transfer

5644 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wetransfer.zendesk.com/
Title: Hilfecenter

Search URL Search Domain Scan URL

URL: https://about.wetransfer.com/
Title: Unternehmen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.emailprotection.link/?b0brhw27yJaYzff4SA9_RLObEEx-_R-NbZooWizgaj2SrnoOErR3QZ0FPoCofnGaRa4sHnCP-bCLFpgQ91RBdaQAu1mUFbEUtfR6ua3JxRUeZ0tKmtsfB7XRinKBFkNcKX2v3iEJYQMvZRd6KuG8uL5sepxGbcjZCUIwN9SubjwLikyBHHcTI-6iSr7QEJiOe-G3pKQqIbgoW0ly36rbeei9eXg0OHaO4gcaCL5gJnlWKTm9N64vB3wfa7soVXb33KZQQaRuNIca7VbVpcTucDns3NUoS80d7vNWABh_QMkU~ Page URL
https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
url.emailprotection.link/ 6 KB
4 KB 246ms
45ms Document
text/html 185.64.213.245
IMED

General

Domain/Path	Expires	Name / Value
.wetransfer.com/	1970-01-20 02:34:56	Name: _gcl_au Value: 1.1.803611538.1643120001
.wetransfer.com/	1970-01-20 17:56:32	Name: _ga Value: GA1.2.726530706.1643120001
.wetransfer.com/	1970-01-20 00:26:46	Name: _gid Value: GA1.2.1385709444.1643120001
auth.wetransfer.com/	1970-01-20 09:11:17	Name: did Value: s%3Av0%3Af33a1f40-7de8-11ec-a62b-590cff33298b.5c5keO0PKsSz6fTh1gkBTAzlDM0TEcG6XRA6P35W4Yw
auth.wetransfer.com/	1970-01-20 09:11:17	Name: did_compat Value: s%3Av0%3Af33a1f40-7de8-11ec-a62b-590cff33298b.5c5keO0PKsSz6fTh1gkBTAzlDM0TEcG6XRA6P35W4Yw
.wetransfer.com/	1970-01-20 00:25:21	Name: _wt_snowplowses.38f1 Value: *
.wetransfer.com/	1970-01-20 17:56:32	Name: _wt_snowplowid.38f1 Value: 571a2329-b5e2-48b1-b2fa-7a7a573f519c.1643119999.0.1643119999
.wetransfer.com/	1970-01-20 09:10:56	Name: sp Value: 1351cb52-a52c-4923-95c8-3bddaa806af6

Source	Level	URL Text
network	error	URL: https://wetransfer.com/downloads/e357db3ba482e3c555a0330e3f5cd5c620200924174934/b277e8546a7b92e72c3c58c374981d8720200924175027/679502?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://wetransfer.com/consent/purposes-DE.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://wetransfer.com/consent/purposes-DE.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://wetransfer.com/api/v4/transfers/e357db3ba482e3c555a0330e3f5cd5c620200924174934/prepare-download Message: Failed to load resource: the server responded with a status of 404 ()

wetransfer.com Open in urlscan Pro 52.212.148.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

27 %IPv6

8 Domains

11 Subdomains

11 IPs

4 Countries

2440 kBTransfer

5644 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wetransfer.com Open in urlscan Pro
52.212.148.183 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

27 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

2440 kB
Transfer

5644 kB
Size

8
Cookies

48 HTTP transactions
0 data transactions