wetransfer.com
Open in
urlscan Pro
54.216.161.59
Public Scan
Effective URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc2021061...
Submission: On June 15 via manual from IN
Summary
TLS certificate: Issued by Amazon on September 4th 2020. Valid for: a year.
This is the only time wetransfer.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 35.210.200.138 35.210.200.138 | 15169 (GOOGLE) (GOOGLE) | |
3 | 54.216.161.59 54.216.161.59 | 16509 (AMAZON-02) (AMAZON-02) | |
12 | 99.86.241.48 99.86.241.48 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:21f... 2600:9000:21f3:2200:6:bbf2:440:21 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 151.101.14.217 151.101.14.217 | 54113 (FASTLY) (FASTLY) | |
4 | 52.16.190.76 52.16.190.76 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 54.85.85.145 54.85.85.145 | 14618 (AMAZON-AES) (AMAZON-AES) | |
28 | 8 |
ASN15169 (GOOGLE, US)
PTR: 138.200.210.35.bc.googleusercontent.com
scanner.topsec.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-161-59.eu-west-1.compute.amazonaws.com
wetransfer.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-48.vie50.r.cloudfront.net
prod-cdn.wetransfer.net |
ASN16509 (AMAZON-02, US)
d19ptbnuzhibkh.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-190-76.eu-west-1.compute.amazonaws.com
snowplow.wetransfer.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-85-145.compute-1.amazonaws.com
events.launchdarkly.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
wetransfer.net
prod-cdn.wetransfer.net |
1 MB |
7 |
wetransfer.com
wetransfer.com snowplow.wetransfer.com |
9 KB |
4 |
launchdarkly.com
app.launchdarkly.com events.launchdarkly.com |
685 B |
2 |
googletagmanager.com
www.googletagmanager.com |
90 KB |
2 |
topsec.com
scanner.topsec.com |
18 KB |
1 |
cloudfront.net
d19ptbnuzhibkh.cloudfront.net |
30 KB |
28 | 6 |
Domain | Requested by | |
---|---|---|
12 | prod-cdn.wetransfer.net |
wetransfer.com
prod-cdn.wetransfer.net |
4 | snowplow.wetransfer.com |
d19ptbnuzhibkh.cloudfront.net
|
3 | wetransfer.com |
prod-cdn.wetransfer.net
|
2 | events.launchdarkly.com |
prod-cdn.wetransfer.net
|
2 | app.launchdarkly.com |
prod-cdn.wetransfer.net
|
2 | www.googletagmanager.com |
wetransfer.com
www.googletagmanager.com |
2 | scanner.topsec.com |
scanner.topsec.com
|
1 | d19ptbnuzhibkh.cloudfront.net |
wetransfer.com
|
28 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
wetransfer.zendesk.com |
about.wetransfer.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
topsec.com Sectigo RSA Organization Validation Secure Server CA |
2020-11-19 - 2021-11-19 |
a year | crt.sh |
wetransfer.com Amazon |
2020-09-04 - 2021-10-04 |
a year | crt.sh |
wetransfer.net Amazon |
2020-08-11 - 2021-09-10 |
a year | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2021-02-22 - 2022-02-21 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-05-17 - 2021-08-09 |
3 months | crt.sh |
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-03-22 - 2022-04-23 |
a year | crt.sh |
snowplow.wetransfer.com Amazon |
2021-04-18 - 2022-05-17 |
a year | crt.sh |
events.launchdarkly.com Amazon |
2020-10-19 - 2021-11-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Frame ID: 89230BDFF940DE9592D0370598FAF6CA
Requests: 24 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://scanner.topsec.com/?t=62b402338789ff8ae2cc0d2d92d9abca88a01327&r=show&d=2496&u=https%3A%2F%2Fwe... Page URL
- https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea... Page URL
Detected technologies
Ruby (Programming Languages) ExpandDetected patterns
- meta csrf-param /^authenticity_token$/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Ruby on Rails (Web Frameworks) Expand
Detected patterns
- meta csrf-param /^authenticity_token$/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: help center
Search URL Search Domain Scan URL
Title: Products
Search URL Search Domain Scan URL
Title: Company
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://scanner.topsec.com/?t=62b402338789ff8ae2cc0d2d92d9abca88a01327&r=show&d=2496&u=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fe3fc9dfe5104483edccc73d2866bce7620210615094707%2F5298a0195599ab12eea274bb5e6837dc20210615094804%2Fb52b79%3Futm_campaign%3DWT_email_tracking%26utm_content%3Dgeneral%26utm_medium%3Ddownload_button%26utm_source%3Dnotify_recipient_email Page URL
- https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
scanner.topsec.com/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
topsec_logo.png
scanner.topsec.com/images/ |
15 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
b52b79
wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/ |
19 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime~application-89c4265a895f8014797f.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-eeb3703c4925b8326770.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
803 KB 210 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-723b282ec219c70d9bdd.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
989 KB 300 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ActiefGrotesque_W_Regular-1f437876.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ |
30 KB 31 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ActiefGrotesque_W_Medium-293e86f0.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ |
31 KB 32 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GT-Super-WT-Super-1b214df1.woff
prod-cdn.wetransfer.net/packs/media/gt-super-wt/ |
42 KB 43 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-e9e70d4a.chunk.css
prod-cdn.wetransfer.net/packs/css/ |
364 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-0d65947306b8b68f172b.es6.js
prod-cdn.wetransfer.net/packs/esm/runtime~locale/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-f2f9986d8a8175c789f5.es6.js
prod-cdn.wetransfer.net/packs/esm/locale/ |
127 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
prod-cdn.wetransfer.net/assets/ |
349 B 706 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp.js
d19ptbnuzhibkh.cloudfront.net/2.10.2/ |
96 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
114 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
gtm.js
www.googletagmanager.com/ |
198 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ |
2 B 176 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
wetransfer.com/api/ |
432 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie-wall-art-792f76ae.png
prod-cdn.wetransfer.net/packs/media/images/ |
746 KB 747 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core-shape-d22f0e47.svg
prod-cdn.wetransfer.net/packs/media/transfer_window/ |
485 B 836 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ |
2 B 336 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pricing
wetransfer.com/api/v4/nu_subscriptions/ |
895 B 922 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ |
2 B 335 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ |
0 509 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackJsonp object| _i18n_ undefined| __session__ object| GlobalSnowplowNamespace function| __snowplow__ object| dataLayer undefined| __trackjs__ object| __recaptcha__ object| recaptchaOptions object| __launch_darkly__ object| __curated_wallpapers__ boolean| __ads_enabled__ string| asset_host boolean| modernBrowser undefined| polyfillScript object| __stripe__ object| __walter_api__ object| __auth0_config__ string| accountAppUrl object| google_tag_manager function| applyFocusVisiblePolyfill function| __tcfapi object| pbjs object| _pbjsGlobals function| Velocity function| onRecaptchaLoaded function| onRecaptchaCallback function| setImmediate function| clearImmediate function| _typeof object| Snowplow object| google_tag_data4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.wetransfer.com/ | Name: _wt_session Value: cHJEQWV6QjVjVVJtdDluVjEvYndXNkM0S1dmVnpGV1RVWE9iK25pZjNpeFh6aVpMVlphUlpDWkJOc0pmRXlTMmpQRDExUFBZVlBEbDBmR29KSy9lTDVQMThERFJvNk9VU2FSNUI2UkJxL0FYZjF4eTVCWDlaZmdrbUFTcURSOFZTMWRTTnNyZHd0SGNqeld3cXlSN2NRPT0tLUszVWVIMzcyTnR4Y2hXRDZWWmRSM3c9PQ%3D%3D--436b39bc53f3e9a414004a4e3fa42e36bc065d99 |
|
.wetransfer.com/ | Name: _wt_snowplowid.38f1 Value: 2816ab52-fbdd-474e-b10f-df91d6845f01.1623757240.1.1623757242.1623757240.d405864e-cf58-445a-8427-847d64af084e |
|
.wetransfer.com/ | Name: _gcl_au Value: 1.1.1094441843.1623757242 |
|
.wetransfer.com/ | Name: _wt_snowplowses.38f1 Value: * |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.launchdarkly.com
d19ptbnuzhibkh.cloudfront.net
events.launchdarkly.com
prod-cdn.wetransfer.net
scanner.topsec.com
snowplow.wetransfer.com
wetransfer.com
www.googletagmanager.com
151.101.14.217
2600:9000:21f3:2200:6:bbf2:440:21
2a00:1450:4001:827::2008
35.210.200.138
52.16.190.76
54.216.161.59
54.85.85.145
99.86.241.48
196572e8f27540d635d8f876b1a3d05b7593df8a5c0ba793042bd7a9527bd8d6
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73
246124bfdfbc23dac56a19ac8a486d4742f6da9fc08c8c73e0cef624abc23e8f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
32cc5c9b91d6bfa3f6be5ac76c99fa7053352ebc7ec502ca58f61a5feec147ab
4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
6dfd27323527d91bff64e25792695e4c204abf6c8b841b24ac0913974f1d4a77
7ad7d4f79b26cee0a72de1a1cfba6f5c24dafc44f1999bb3acbabf155738e653
7df924cc70821b6412756590712c90299e1f99794e3410e26ea73085767b6a08
85b7524ed1ad9a0992d9fee7f1a884138774ce0a72c33a45e889bf3e31f804a8
a2fe38c0e4e2b96fabe903bb32c79d2120b253a42eb6e0a1b2983e1da53144b0
a41cab3374674fb912cc0e0b9a02db73b57d22f72d0fa09f7608ad6104991d5a
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
ae0f875dd6932b727217bc8901fb421722ab8bc3005110d27e8d842659a39734
b027be4ddd567f3a0abb04757d1b84675246f1dd7f0d89ada9b68f29e5894033
c7b919e57945e339252f35a32d12654a46784a06be0fe6a5b895e0320952b398
cc7e0d7cc08310915a992a565748976a2e945200370d181bdcf2316b7c43bf0a
d4a7c1d8e5a4ca0525b599787d31efeec1edd20e3dd6aa620f669a590263faaa
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9744ea4c8fc672f704d33e411682ebed96840e08649733dadf8214b927ed509