viewer.grandtransfer.io Open in urlscan Pro
172.67.73.18 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://viewer.grandtransfer.io/receipt/o7acnml9
Submission Tags: @phish_report
Submission: On September 13 via api (September 13th 2024, 6:32:59 am UTC) from FI — Scanned from FI

Summary HTTP 27 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 27 HTTP transactions. The main IP is 172.67.73.18, located in United States and belongs to CLOUDFLARENET, US. The main domain is viewer.grandtransfer.io.
TLS certificate: Issued by WE1 on August 27th 2024. Valid for: 3 months.

This is the only time viewer.grandtransfer.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 24	172.67.73.18 172.67.73.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	172.67.69.226 172.67.69.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	4

24 172.67.73.18 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

viewer.grandtransfer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.69.226 (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	grandtransfer.io 1 redirects viewer.grandtransfer.io api.grandtransfer.io Failed	3 MB
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 20464	904 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641	31 KB
27	3

	Domain	Requested by
24	viewer.grandtransfer.io	1 redirects viewer.grandtransfer.io
1	ipapi.co	viewer.grandtransfer.io
1	ajax.googleapis.com	viewer.grandtransfer.io
0	api.grandtransfer.io Failed	viewer.grandtransfer.io
27	4

This site contains links to these domains. Also see Links.

Domain
www.grandtransfer.io
app.grandtransfer.io

Subject Issuer	Validity	Valid
grandtransfer.io WE1	`2024-08-27` - `2024-11-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
ipapi.co WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://viewer.grandtransfer.io/receipt/o7acnml9
Frame ID: 2948371C52243352A420FEF2DFC5CCC4
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GrandTransfer.io | ViewerReliable and Secure File Sharing – Send and Share All File Types Safely Online | GrandTransfer

Page URL History Show full URLs

https://viewer.grandtransfer.io/receipt/o7acnml9 Page URL
https://viewer.grandtransfer.io/cdn-cgi/phish-bypass?atok=64X4xh.QA9S4z53MZy1wDJsXDbvaA8a1GZwrAxM5Kf4-172620... HTTP 301
https://viewer.grandtransfer.io/receipt/o7acnml9 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

93 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

3272 kB
Transfer

12286 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.grandtransfer.io/
Title: Share confidential files safely

Search URL Search Domain Scan URL

URL: https://app.grandtransfer.io/?wqx=B5fG7hJ2kL8pZ9qR3sT6uY0vX4wE
Title: Sign up

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://viewer.grandtransfer.io/receipt/o7acnml9 Page URL
https://viewer.grandtransfer.io/cdn-cgi/phish-bypass?atok=64X4xh.QA9S4z53MZy1wDJsXDbvaA8a1GZwrAxM5Kf4-1726209137-0.0.1.1-%2Freceipt%2Fo7acnml9 HTTP 301
https://viewer.grandtransfer.io/receipt/o7acnml9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 o7acnml9 Show response
viewer.grandtransfer.io/receipt/ 4 KB
2 KB 6221ms
2810ms Document
text/html 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/receipt/o7acnml9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3e16edaeb6e2247ff2e0ba37c9297c58cea817a1edb2e5a26ced279187192c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-ray: 8c2619676ed68d54-HEL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 13 Sep 2024 06:32:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rcbkp4%2BVajAno5YqxpjYXzdKZ7WQOwmvpYqvW910lFr4UHNw8YHYepY3k7m0yMKd4yObUtYPe1drr2AF3DYfyF0gdqrpYMxLhzmq6mzrvIUesf4tXpFjqTVF%2By7miwK0JAb4od1QfKr0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cf.errors.css
viewer.grandtransfer.io/cdn-cgi/styles/ 23 KB
5 KB 1137ms
1136ms Stylesheet
text/css 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/cdn-cgi/styles/cf.errors.css

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/receipt/o7acnml9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2024 18:11:09 GMT
server: cloudflare
etag: W/"66e08bbd-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8c26197849ff8d54-HEL
expires: Fri, 13 Sep 2024 08:32:20 GMT

GET
H2 200 icon-exclamation.png
viewer.grandtransfer.io/cdn-cgi/images/ 452 B
586 B 1144ms
1144ms Image
image/png 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewer.grandtransfer.io/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://viewer.grandtransfer.io/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2024 18:11:09 GMT
server: cloudflare
etag: "66e08bbd-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8c26198068758d54-HEL
content-length: 452
expires: Fri, 13 Sep 2024 08:32:21 GMT

GET
H2 200 favicon.ico
viewer.grandtransfer.io/ 4 KB
1 KB 2407ms
2406ms Other
image/vnd.microsoft.icon 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a4a62197f98114d2b6297c6c0cb49f806d8d432395dc8806a4543da00458c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:23 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="favicon.ico"
x-vercel-id: arn1::g6hjl-1726209143113-28bc046d0546
server: cloudflare
etag: W/"1bbfb31462adc9aa6bc380baa3d540b6"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6nAqH%2Bw1VC9XW9g6Xkd6wfVwYeVBU8LO426xpj9y2q6VcR3tcurYFZ3p68nozN5SUUC4C%2BFc2yKgUQrZMToq2m1YVeJNVjUdNOMQIfRhIpoKvb5dmEnS%2FvNZLMZ8Yz5oGuguGHPhj%2Fuc"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8c2619883d8e8d54-HEL

GET
H2

200

Primary Request o7acnml9 Show response
viewer.grandtransfer.io/receipt/
Redirect Chain

https://viewer.grandtransfer.io/cdn-cgi/phish-bypass?atok=64X4xh.QA9S4z53MZy1wDJsXDbvaA8a1GZwrAxM5Kf4-1726209137-0.0.1.1-%2Freceipt%2Fo7acnml9
https://viewer.grandtransfer.io/receipt/o7acnml9

6 KB
1 KB

1746ms
1745ms

Document
text/html

172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/receipt/o7acnml9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6b63e42da51bd42c5e145f4780e391b7ab7f1dc48a7de981282230031826505

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 16
cache-control: s-maxage=0
cf-cache-status: DYNAMIC
cf-ray: 8c2619a58ba18d54-HEL
content-disposition: inline; filename="index.html"
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 13 Sep 2024 06:32:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBpiWVqv5kdlUSNt6MmSn736%2BS6y8wnMeGGVyLCcezH80ZAWk9Fzz0eq4OSuvL26qYBjpFGDW1f96Fzuq5MpMuofFzTOv5KmfTRU4mAsSheAB0SbdqYUkxE2u9k2444RBt3CDPS2e%2B%2BU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: arn1::z4x9z-1726209147804-363a01ea860f

Redirect headers

cache-control: private, no-cache
cf-ray: 8c26199a3aff8d54-HEL
content-length: 167
content-type: text/html
date: Fri, 13 Sep 2024 06:32:25 GMT
location: https://viewer.grandtransfer.io/receipt/o7acnml9
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 88 KB
31 KB 9307ms
4401ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/receipt/o7acnml9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://viewer.grandtransfer.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 17:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31191
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 17:58:41 GMT

GET
H2 200 script.js Show response
viewer.grandtransfer.io/javascripts/ 950 B
674 B 2211ms
2210ms Script
application/javascript 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/javascripts/script.js

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/receipt/o7acnml9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2824ba5b5f5e3a0799e17203500e81d78f1d588d350c8ef00cf1a839ed8e258

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:29 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="script.js"
x-vercel-id: arn1::l5jgr-1726209149212-0bbd9ff1cf9d
server: cloudflare
etag: W/"20e02f697d26d9ff43500c3aec9ff646"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrzL8Kn6M9npqRp%2FKl9UUFaFwO5gU6dMhBUL1%2BRUFtRreBeHa%2Bg2yFNZUVgpOTYLZqo%2FIyU7tDY5SnvmYffom6W3IVHvNYZQmT9a6i8p1eSsXmHDWJ0vYhhnJav%2BKx2Q7MCVotiW5PEM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8c2619ae59508d54-HEL

GET
H2 200 index.js Show response
viewer.grandtransfer.io/assets/js/ 0
367 B 1898ms
1897ms Script
application/javascript 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/assets/js/index.js

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/receipt/o7acnml9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:29 GMT
strict-transport-security: max-age=63072000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="index.js"
content-length: 0
x-vercel-id: arn1::2clc6-1726209149240-e168560482da
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPrU2jH0s8tZX0B0WBFwLiXAw0DoiAhsVTb%2FSfIfD2GSn1HL4Yd2ObpWoa%2F2A%2BmY%2FhuN30cIQ4emjhhWr%2FYTqH8PHCoBdpbXxOECVechtis3hyzM54O6BxxtNlIw%2Bf6vRKd4s95btvn2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8c2619ae896a8d54-HEL

GET
H2 200 main.4250a745.js Show response
viewer.grandtransfer.io/static/js/ 10 MB
2 MB 3188ms
3188ms Script
application/javascript 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/static/js/main.4250a745.js

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/receipt/o7acnml9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b75a68f5be5bb7ea3f864043063674d8dcc22a32b6d7577708cb1443fd6065bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:31 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="main.4250a745.js"
x-vercel-id: arn1::sb8js-1726209151401-263f8708deb8
server: cloudflare
etag: W/"d59cbe3438e8293dfd40d0dd8cda791a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSLrMTi9ostHlhQL6%2BNn68v390fHqxQ%2BGd06giRtyOjLu47fVin36Zq3DG%2B7UGM7wHC1z5jgjaaAjc1drFiBRU20AlDcIUQEAqOae4UWk9HOmvLcTcyiWe5IQlajB5Y1degUd6sQniLy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400, s-maxage=31536000, immutable
cf-ray: 8c2619bc0af68d54-HEL

GET
H2 200 main.f0f3ee50.css
viewer.grandtransfer.io/static/css/ 282 KB
45 KB 1502ms
1502ms Stylesheet
text/css 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/static/css/main.f0f3ee50.css

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/receipt/o7acnml9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a68330b27411d73d269f2a9ca165238438252f6574ccb22cf4c38a8c685ed747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:29 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="main.f0f3ee50.css"
x-vercel-id: arn1::4t55c-1726209149190-85df1058ac21
server: cloudflare
etag: W/"efe63cdb0e340cf34ff793254a2232e0"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vaVoS8GwHtsbzKkJ%2BRKrLHAnym1wsYpZ4157mLA0UZW3PEdwYk%2FYmrDyq9xvrTVdaAiVVIKg7J4LYKLi7JqEOdFk1sfj1590APvWVaR8cTmFeEs7RUnGQe2LYhatlruH3fwB2SoiNi%2Bi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400, s-maxage=31536000, immutable
cf-ray: 8c2619ae594f8d54-HEL

GET
H2 200 logo.svg
viewer.grandtransfer.io/assets/images/ 9 KB
4 KB 1529ms
1527ms Image
image/svg+xml 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewer.grandtransfer.io/assets/images/logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

694c28660f74b9ee34c1dda18ee2149419553a17d5c44dd3d6a3a230de07931c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:46 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="logo.svg"
x-vercel-id: arn1::5ktp2-1726209166412-728e391529da
server: cloudflare
etag: W/"3ffd158827535956abd53bca339336b0"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0RVyzaDocSnPwSMJGeV6g9pGpotl2UQt2SKwscsVSuIp%2F4htU7WQZfniGQdjUDtIZ7rrao0RPQgrwM1Ec9AMSf8LlqGhPdWr7x59OsR3yIUkJMAHYiCvYV1HKpQYe9Xra9wIu%2BJdJKg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8c261a19cab88d54-HEL

GET
H2 200 white-chevron.svg
viewer.grandtransfer.io/assets/images/ 199 B
591 B 1529ms
1528ms Image
image/svg+xml 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewer.grandtransfer.io/assets/images/white-chevron.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ba06edaa3dc52644b62efdd1baf3b48a8c0cf9e2f9c4487021ec6a9a2da39fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:46 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="white-chevron.svg"
x-vercel-id: arn1::4m8nb-1726209166416-767e1cf2aa74
server: cloudflare
etag: W/"1aea2fc3d4ea5eab69643b278b6845e6"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1AGCsScQXWhHlyEQQS5pocIyZwblB87GWsEuy8CNHPOucktGvcsv0f3JT%2FFcJmVxKyP2hbGNpkgAP0Af%2FAE8VHj73WZFcoUGuZAojja3Iu48j%2FlNGt61x6kXTBbmhvLqcivT1%2F3WnUb"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8c261a19cab98d54-HEL

GET
H2 200 BG.jpg
viewer.grandtransfer.io/assets/images/ 658 KB
659 KB 745ms
745ms Image
image/jpeg 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewer.grandtransfer.io/assets/images/BG.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

554c750597d3c9a53b5bc4612157c8f9a6c9d68de39df49efd6fc1315da72d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:46 GMT
strict-transport-security: max-age=63072000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="BG.jpg"
content-length: 673394
x-vercel-id: arn1::8f4n4-1726209166411-801738b812a4
server: cloudflare
etag: "5e88f4f8fb580d5eac6afde1d6e671e6"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xn%2BbxKe%2BtQB6FDu6Pnnc9M%2Ft2xwOAYXehSN%2F3Za0Wwk8FDbxUl1X4UAcMGrj%2BpCkM8fAqABKsVGYAWZbxUSmFbNk%2BXfg2rUqoxLUV3m5KVKaryYzS%2BQeC5lpfG61qYC%2BebV9botJXLuM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8c261a19caba8d54-HEL

GET
H2 200 favicon.ico
viewer.grandtransfer.io/assets/images/favicons/ 15 KB
3 KB 1809ms
1808ms Other
image/vnd.microsoft.icon 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/assets/images/favicons/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f337c6f576d81b6e365fac8bf6c6be235278c4bf34f5813ed60a51847f1980a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:46 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="favicon.ico"
x-vercel-id: arn1::lh95p-1726209166546-0185284f59bc
server: cloudflare
etag: W/"1b17499174260078aed6a6584be3016b"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CG6nWj8R2cJA7vWZt6AGPpjErSrFdtPhxeADsy2bwhXasSr3O486yGU64%2BKxYP10J3PsKM%2BoIBFiWOh5Ck%2Fw%2BUetCqtP%2BFGByuh23XKOjv%2BfurpPZhDwmQyj4U36AxeyWL%2B%2BnrKmjokP"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8c261a1aab528d54-HEL

GET
H2 200 / Show response
ipapi.co/json/ 747 B
904 B 6467ms
3513ms XHR
application/json 172.67.69.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/static/js/main.4250a745.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a4d4690867facd21925684a561b696b811760ebfff4884f4af383a31abe2bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://viewer.grandtransfer.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
server: cloudflare
vary: Host, origin
allow: GET, OPTIONS, POST, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://viewer.grandtransfer.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dGaHRIbFV4fPik6ywPS1j27Uqu77twFpgps26wFJxTTeptlMmaEaD1uxe290X%2FIJMfnRpbtBZpCrDBobPcjbDym6q%2BLf2WPR69IlyFKrFT09GVFyI%2FN9XHj%2F"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 8c261a2c5f258dc3-HEL

GET
H2 200 tiny_face_detector_model-weights_manifest.json Show response
viewer.grandtransfer.io/models/ 3 KB
1 KB 1591ms
1590ms Fetch
application/json 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/models/tiny_face_detector_model-weights_manifest.json

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/static/js/main.4250a745.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c60659a31b6b7b1320077171b8f8adcb24ef0e62dde62ce603bcb49a1b49b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:46 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
content-disposition: inline; filename="tiny_face_detector_model-weights_manifest.json"
x-vercel-id: arn1::2h5fw-1726209166522-8b9702a70f0c
server: cloudflare
etag: W/"5bab50532388f5da9b4cd85b15adc11c"
x-vercel-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OFiEkpDPWBOsxfg1RC77U24YfKVPuXMmqTOjnpGj6RQiR1s8c5HYTLXCN2%2FQlW%2F5Lwlz%2FuW3S5btr%2FAtED5BwovtooZTu85DjzO2vUJJ1LE%2FdrfhTjVgijvV%2FfxZ7FcUi2BnSPGIhUAj"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c261a1aab538d54-HEL

GET
H2 200 script.js Show response
viewer.grandtransfer.io/_vercel/insights/ 2 KB
2 KB 3464ms
3464ms Script
application/javascript 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/_vercel/insights/script.js

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/static/js/main.4250a745.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c33e15c3d7e4924c94171c8917a0239551234f0d3b602d5f4c55a244d839ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="script.js"
x-vercel-id: arn1:arn1:arn1::ps9dh-1726209169354-5e897ee1e970
server: cloudflare
etag: W/"fcf06e135949a699d8950fec18d1a14a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbZbLXjWVN0ss8hwYNXT8LIJUUS59gL47mCmWc4JRPk%2BKBTi6doVbeZR2pgIU97iRf%2FwtV9h7yFD6JuZRbZb0ET5i6pyOZSuifg0PSwRlofm80aRdiBepD94KlybuGU%2FZuzdjGqWVfzk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8c261a2c3ecc8d54-HEL

GET
H2 200 Inter-Regular.9ca9ba81e9dcaa12b3a1.ttf
viewer.grandtransfer.io/static/media/ 303 KB
140 KB 1586ms
1586ms Font
font/ttf 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/static/media/Inter-Regular.9ca9ba81e9dcaa12b3a1.ttf

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/static/css/main.f0f3ee50.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/static/css/main.f0f3ee50.css
Origin: https://viewer.grandtransfer.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:46 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="Inter-Regular.9ca9ba81e9dcaa12b3a1.ttf"
x-vercel-id: arn1::x9bxr-1726209166549-766060c03cfc
server: cloudflare
etag: W/"ea5879884a95551632e9eb1bba5b2128"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rx6zpP1QACqodLRS8UdtRrVTgkQKacKFa2C%2F5kanWUHjeQcZ3sHC8dnCMnoYp3lcEKmAPHpXf4vuhltgBO5VRR%2FKUXP8TpSxZRZnIygn84Kpx4yMmKfWrEdKZKpNlSC0v%2FowLHerK6%2Fu"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=14400, s-maxage=31536000, immutable
cf-ray: 8c261a1aab548d54-HEL

GET
H2 200 tiny_face_detector_model-shard1 Show response
viewer.grandtransfer.io/models/ 189 KB
189 KB 2316ms
2315ms Fetch
application/octet-stream 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/models/tiny_face_detector_model-shard1

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/static/js/main.4250a745.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7503ce7df31039b1c43316a9b865cab6a70dd748cc602d3fa28b551503c3871

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:48 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
content-disposition: inline; filename="tiny_face_detector_model-shard1"
content-length: 193321
x-vercel-id: arn1::lh95p-1726209168204-0dcbc000d349
server: cloudflare
etag: "2e48b20953b0c59df47459d0319843a0"
x-vercel-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ZfHhxEz27R4ahFmYjaq7qyOVdEjnWupdTzGm%2B0jzDO2Gv3cVZBTGBoinFyRsgYvHzTwWbnkwVsV9ktw6i%2FdQ4a0SIUVTKoayLgzPhzmBzbK1cpTCiIN9L7p24hdYRkbRoHB%2FMZcEaba"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 8c261a253a2b8d54-HEL

GET
H2 200 face_recognition_model-weights_manifest.json
viewer.grandtransfer.io/models/ 0
0 3835ms
3834ms Fetch
application/json 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/models/face_recognition_model-weights_manifest.json

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/static/js/main.4250a745.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:52 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
content-disposition: inline; filename="face_recognition_model-weights_manifest.json"
x-vercel-id: arn1::2kpzn-1726209171933-7a0cafdbcaa3
server: cloudflare
etag: W/"6ecdaf3ea10d4fd3792e485f971e8b96"
x-vercel-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dw4i7uCGCGcjIhgBqhfuCmL4mDGDOMzaOiG4EjHTzyqRWYVtz1vi7k%2BzrMJxWR7J7ajwcFtZUYvsypy6rsJJnwiSYeZjNip7WexChpvfjBIZSgMF6bNhcWwlZQvLrVf7wjuPa9tn9njR"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c261a3c7a368d54-HEL

POST
H2 200 view Show response
viewer.grandtransfer.io/_vercel/insights/ 2 B
420 B 4026ms
4024ms Fetch
text/plain 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.grandtransfer.io/_vercel/insights/view

Requested by

Host: viewer.grandtransfer.io
URL: https://viewer.grandtransfer.io/_vercel/insights/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Sep 2024 06:32:53 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: arn1::kwqzn-1726209172898-9b7026bd791d
server: cloudflare
x-ratelimit-remaining: 999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1xEhn%2Bp7GeLlBBb3HqyJHKvaaCdRqnBoE44uDCEiMvMoF37IHp1dO0Ujr5%2F%2BKTMMxfojvR2lcc8fgFlhqVKpNUsfT1PxBmlJROho9rZJC6JZjckKkypDy4IGA%2BAkxZlXwQynj5ojcGH"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: public, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
x-ratelimit-limit: 1000
x-ratelimit-reset: 60
cf-ray: 8c261a424e038d54-HEL
content-length: 2

OPTIONS o7acnml9
api.grandtransfer.io/api/get_share_link_by_slug/ 0
0

POST o7acnml9
api.grandtransfer.io/api/get_share_link_by_slug/ 0
0

GET
H2 200 tick.svg
viewer.grandtransfer.io/assets/images/ 663 B
799 B 2758ms
2757ms Image
image/svg+xml 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewer.grandtransfer.io/assets/images/tick.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b527325e8a1f6610e61b32188501115f8b9939ce5f1c491c500094e75585cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:56 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="tick.svg"
x-vercel-id: arn1::rvdrp-1726209176063-79545ff5474f
server: cloudflare
etag: W/"ae11249eeaa0421d62497e4a3f00fbc3"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=naDFg%2B7f1GgqVEOWId3EUZD6%2Fja9WBE3SHJa%2BDBbgkr%2BvJfpaaBJ%2BNVP%2Fh7lyHE6on1ajczFghuqbL6J5oNqQKXk9GoAUhEX3jaKLlrLFZh48l6OJuiwp3gIe%2Bq%2BvKV9J%2FBHG%2BUKZkIo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8c261a562a3e8d54-HEL

GET
H2 200 logo.svg
viewer.grandtransfer.io/assets/images/ 9 KB
0 0ms
0ms Image
image/svg+xml 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viewer.grandtransfer.io/assets/images/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 694c28660f74b9ee34c1dda18ee2149419553a17d5c44dd3d6a3a230de07931c

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: arn1::5ktp2-1726209166412-728e391529da
server: cloudflare
etag: W/"3ffd158827535956abd53bca339336b0"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0RVyzaDocSnPwSMJGeV6g9pGpotl2UQt2SKwscsVSuIp%2F4htU7WQZfniGQdjUDtIZ7rrao0RPQgrwM1Ec9AMSf8LlqGhPdWr7x59OsR3yIUkJMAHYiCvYV1HKpQYe9Xra9wIu%2BJdJKg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
content-disposition: inline; filename="logo.svg"
cf-ray: 8c261a19cab88d54-HEL

GET
H2 200 white-chevron.svg
viewer.grandtransfer.io/assets/images/ 199 B
0 0ms
0ms Image
image/svg+xml 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viewer.grandtransfer.io/assets/images/white-chevron.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ba06edaa3dc52644b62efdd1baf3b48a8c0cf9e2f9c4487021ec6a9a2da39fb

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: arn1::4m8nb-1726209166416-767e1cf2aa74
server: cloudflare
etag: W/"1aea2fc3d4ea5eab69643b278b6845e6"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1AGCsScQXWhHlyEQQS5pocIyZwblB87GWsEuy8CNHPOucktGvcsv0f3JT%2FFcJmVxKyP2hbGNpkgAP0Af%2FAE8VHj73WZFcoUGuZAojja3Iu48j%2FlNGt61x6kXTBbmhvLqcivT1%2F3WnUb"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
content-disposition: inline; filename="white-chevron.svg"
cf-ray: 8c261a19cab98d54-HEL

GET
H2 200 BG.jpg
viewer.grandtransfer.io/assets/images/ 658 KB
0 0ms
0ms Image
image/jpeg 172.67.73.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viewer.grandtransfer.io/assets/images/BG.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554c750597d3c9a53b5bc4612157c8f9a6c9d68de39df49efd6fc1315da72d72

Request headers

Referer: https://viewer.grandtransfer.io/receipt/o7acnml9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 06:32:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="BG.jpg"
content-length: 673394
x-vercel-id: arn1::8f4n4-1726209166411-801738b812a4
server: cloudflare
etag: "5e88f4f8fb580d5eac6afde1d6e671e6"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xn%2BbxKe%2BtQB6FDu6Pnnc9M%2Ft2xwOAYXehSN%2F3Za0Wwk8FDbxUl1X4UAcMGrj%2BpCkM8fAqABKsVGYAWZbxUSmFbNk%2BXfg2rUqoxLUV3m5KVKaryYzS%2BQeC5lpfG61qYC%2BebV9botJXLuM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8c261a19caba8d54-HEL

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.grandtransfer.io
URL: https://api.grandtransfer.io/api/get_share_link_by_slug/o7acnml9

Domain: api.grandtransfer.io
URL: https://api.grandtransfer.io/api/get_share_link_by_slug/o7acnml9

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.viewer.grandtransfer.io/	1970-01-20 23:31:35	Name: __cf_mw_byp Value: 64X4xh.QA9S4z53MZy1wDJsXDbvaA8a1GZwrAxM5Kf4-1726209137-0.0.1.1-/receipt/o7acnml9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.grandtransfer.io
ipapi.co
viewer.grandtransfer.io
api.grandtransfer.io
142.250.186.42
172.67.69.226
172.67.73.18
14c60659a31b6b7b1320077171b8f8adcb24ef0e62dde62ce603bcb49a1b49b5
3127f0b873387ee37e2040135a06e9e9c05030f509eb63689529becf28b50384
4b527325e8a1f6610e61b32188501115f8b9939ce5f1c491c500094e75585cb3
52c33e15c3d7e4924c94171c8917a0239551234f0d3b602d5f4c55a244d839ea
554c750597d3c9a53b5bc4612157c8f9a6c9d68de39df49efd6fc1315da72d72
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
694c28660f74b9ee34c1dda18ee2149419553a17d5c44dd3d6a3a230de07931c
6a4d4690867facd21925684a561b696b811760ebfff4884f4af383a31abe2bdd
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
9ba06edaa3dc52644b62efdd1baf3b48a8c0cf9e2f9c4487021ec6a9a2da39fb
a68330b27411d73d269f2a9ca165238438252f6574ccb22cf4c38a8c685ed747
a6b63e42da51bd42c5e145f4780e391b7ab7f1dc48a7de981282230031826505
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
b2824ba5b5f5e3a0799e17203500e81d78f1d588d350c8ef00cf1a839ed8e258
b3e16edaeb6e2247ff2e0ba37c9297c58cea817a1edb2e5a26ced279187192c7
b7503ce7df31039b1c43316a9b865cab6a70dd748cc602d3fa28b551503c3871
b75a68f5be5bb7ea3f864043063674d8dcc22a32b6d7577708cb1443fd6065bb
b9a4a62197f98114d2b6297c6c0cb49f806d8d432395dc8806a4543da00458c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f337c6f576d81b6e365fac8bf6c6be235278c4bf34f5813ed60a51847f1980a3

viewer.grandtransfer.io Open in urlscan Pro 172.67.73.18 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

93 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

3272 kBTransfer

12286 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

1 Cookies

viewer.grandtransfer.io Open in urlscan Pro
172.67.73.18 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

93 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

3272 kB
Transfer

12286 kB
Size

1
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!