Submitted URL: https://scanner.topsec.com/?t=62b402338789ff8ae2cc0d2d92d9abca88a01327&r=show&d=2496&u=https%3A%2F%2Fwetransfer.com%2Fdownl...
Effective URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc2021061...
Submission: On June 15 via manual from IN

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 28 HTTP transactions. The main IP is 54.216.161.59, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is wetransfer.com.
TLS certificate: Issued by Amazon on September 4th 2020. Valid for: a year.
This is the only time wetransfer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 35.210.200.138 15169 (GOOGLE)
3 54.216.161.59 16509 (AMAZON-02)
12 99.86.241.48 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.14.217 54113 (FASTLY)
4 52.16.190.76 16509 (AMAZON-02)
2 54.85.85.145 14618 (AMAZON-AES)
28 8
Domain Requested by
12 prod-cdn.wetransfer.net wetransfer.com
prod-cdn.wetransfer.net
4 snowplow.wetransfer.com d19ptbnuzhibkh.cloudfront.net
3 wetransfer.com prod-cdn.wetransfer.net
2 events.launchdarkly.com prod-cdn.wetransfer.net
2 app.launchdarkly.com prod-cdn.wetransfer.net
2 www.googletagmanager.com wetransfer.com
www.googletagmanager.com
2 scanner.topsec.com scanner.topsec.com
1 d19ptbnuzhibkh.cloudfront.net wetransfer.com
28 8

This site contains links to these domains. Also see Links.

Domain
wetransfer.zendesk.com
about.wetransfer.com
Subject Issuer Validity Valid
topsec.com
Sectigo RSA Organization Validation Secure Server CA
2020-11-19 -
2021-11-19
a year crt.sh
wetransfer.com
Amazon
2020-09-04 -
2021-10-04
a year crt.sh
wetransfer.net
Amazon
2020-08-11 -
2021-09-10
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2021-02-22 -
2022-02-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
snowplow.wetransfer.com
Amazon
2021-04-18 -
2022-05-17
a year crt.sh
events.launchdarkly.com
Amazon
2020-10-19 -
2021-11-17
a year crt.sh

This page contains 1 frames:

Primary Page: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Frame ID: 89230BDFF940DE9592D0370598FAF6CA
Requests: 24 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://scanner.topsec.com/?t=62b402338789ff8ae2cc0d2d92d9abca88a01327&r=show&d=2496&u=https%3A%2F%2Fwe... Page URL
  2. https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea... Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Page Statistics

28
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

1602 kB
Transfer

3586 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://scanner.topsec.com/?t=62b402338789ff8ae2cc0d2d92d9abca88a01327&r=show&d=2496&u=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fe3fc9dfe5104483edccc73d2866bce7620210615094707%2F5298a0195599ab12eea274bb5e6837dc20210615094804%2Fb52b79%3Futm_campaign%3DWT_email_tracking%26utm_content%3Dgeneral%26utm_medium%3Ddownload_button%26utm_source%3Dnotify_recipient_email Page URL
  2. https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
scanner.topsec.com/
2 KB
2 KB
Document
General
Full URL
https://scanner.topsec.com/?t=62b402338789ff8ae2cc0d2d92d9abca88a01327&r=show&d=2496&u=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fe3fc9dfe5104483edccc73d2866bce7620210615094707%2F5298a0195599ab12eea274bb5e6837dc20210615094804%2Fb52b79%3Futm_campaign%3DWT_email_tracking%26utm_content%3Dgeneral%26utm_medium%3Ddownload_button%26utm_source%3Dnotify_recipient_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.210.200.138 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
138.200.210.35.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
85b7524ed1ad9a0992d9fee7f1a884138774ce0a72c33a45e889bf3e31f804a8

Request headers

Host
scanner.topsec.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.10.3
Date
Tue, 15 Jun 2021 11:40:37 GMT
Content-Type
text/html; charset=utf-8
Content-Length
2081
Connection
keep-alive
topsec_logo.png
scanner.topsec.com/images/
15 KB
16 KB
Image
General
Full URL
https://scanner.topsec.com/images/topsec_logo.png
Requested by
Host: scanner.topsec.com
URL: https://scanner.topsec.com/?t=62b402338789ff8ae2cc0d2d92d9abca88a01327&r=show&d=2496&u=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fe3fc9dfe5104483edccc73d2866bce7620210615094707%2F5298a0195599ab12eea274bb5e6837dc20210615094804%2Fb52b79%3Futm_campaign%3DWT_email_tracking%26utm_content%3Dgeneral%26utm_medium%3Ddownload_button%26utm_source%3Dnotify_recipient_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.210.200.138 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
138.200.210.35.bc.googleusercontent.com
Software
nginx/1.10.3 /
Resource Hash
246124bfdfbc23dac56a19ac8a486d4742f6da9fc08c8c73e0cef624abc23e8f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
scanner.topsec.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://scanner.topsec.com/?t=62b402338789ff8ae2cc0d2d92d9abca88a01327&r=show&d=2496&u=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fe3fc9dfe5104483edccc73d2866bce7620210615094707%2F5298a0195599ab12eea274bb5e6837dc20210615094804%2Fb52b79%3Futm_campaign%3DWT_email_tracking%26utm_content%3Dgeneral%26utm_medium%3Ddownload_button%26utm_source%3Dnotify_recipient_email
Connection
keep-alive
Referer
https://scanner.topsec.com/?t=62b402338789ff8ae2cc0d2d92d9abca88a01327&r=show&d=2496&u=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fe3fc9dfe5104483edccc73d2866bce7620210615094707%2F5298a0195599ab12eea274bb5e6837dc20210615094804%2Fb52b79%3Futm_campaign%3DWT_email_tracking%26utm_content%3Dgeneral%26utm_medium%3Ddownload_button%26utm_source%3Dnotify_recipient_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Tue, 15 Jun 2021 11:40:37 GMT
Last-Modified
Fri, 20 Sep 2019 11:43:12 GMT
Server
nginx/1.10.3
ETag
"5d84bb50-3cd3"
Content-Type
image/png
Cache-Control
max-age=315360000 public, must-validate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15571
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Primary Request b52b79
wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/
19 KB
6 KB
Document
General
Full URL
https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.161.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-161-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a2fe38c0e4e2b96fabe903bb32c79d2120b253a42eb6e0a1b2983e1da53144b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
wetransfer.com
:scheme
https
:path
/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://scanner.topsec.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://scanner.topsec.com/

Response headers

date
Tue, 15 Jun 2021 11:40:40 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
set-cookie
_wt_snowplowid.38f1=2816ab52-fbdd-474e-b10f-df91d6845f01.1623757240.0.1623757240.; domain=.wetransfer.com; path=/; expires=Thu, 15 Jun 2023 11:40:40 GMT; secure _wt_session=RjVHZmc2RUNDYm5NcWh1andsMHBVYWlyQjFDbGlSWTZjUDNQY1Q5UnJabGRZYzdRUlpVZXFmaHN6NmFka1Y5UXNMNzJSTE41S2c3SVc1Yzh1SUFBVWNmSllaT3dHdjBZU0todHRMZUZId1JNbmprbGRKMndiRTM4ZXpZQ0c2b1NZazB5K3orbHVHUjFyR3VqU1dWZXFRPT0tLUhONDZkSHBCMjZVaVY0Y2hlaVRZOUE9PQ%3D%3D--534b790fc3a41b901eae66e5f2abf1b4ce0314f0; domain=wetransfer.com; path=/; secure; HttpOnly; SameSite=Lax
cache-control
no-cache, no-store
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
vary
Accept-Encoding, Origin
content-encoding
gzip
etag
W/"9a3063207722688d92f23cf05f9b8152"
x-request-id
fbc17f3b-ad7a-47d2-964f-38ac7ee93cad
x-opaque
b5606b841e89a473413d692aa587002f9bf8d1fa-0efa049be73400be1-10211
x-runtime
0.048853
strict-transport-security
max-age=15552000; includeSubDomains;
runtime~application-89c4265a895f8014797f.es6.js
prod-cdn.wetransfer.net/packs/esm/
6 KB
3 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/runtime~application-89c4265a895f8014797f.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae0f875dd6932b727217bc8901fb421722ab8bc3005110d27e8d842659a39734

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 07:16:40 GMT
content-encoding
gzip
last-modified
Mon, 14 Jun 2021 18:27:35 GMT
server
AmazonS3
age
15842
etag
W/"36139228c14e8fd5a3157ac546af0574"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
bZKvYf8woZHyDC0_-7DRLlgn3mhzOtaNaQiFt16rDvwbknpxHIEAlQ==
application-eeb3703c4925b8326770.es6.js
prod-cdn.wetransfer.net/packs/esm/
803 KB
210 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/application-eeb3703c4925b8326770.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9744ea4c8fc672f704d33e411682ebed96840e08649733dadf8214b927ed509

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 07:16:40 GMT
content-encoding
gzip
last-modified
Mon, 14 Jun 2021 18:27:34 GMT
server
AmazonS3
age
15842
etag
W/"f73d6a9cbe1e4cc035cde8cf24978d55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
xMjjh0hTc7WdtLwK1LM2E3BzcP9RwXkAPd-RCsAhNxPyqa_QZaRGMA==
vendor-723b282ec219c70d9bdd.es6.js
prod-cdn.wetransfer.net/packs/esm/
989 KB
300 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/vendor-723b282ec219c70d9bdd.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
196572e8f27540d635d8f876b1a3d05b7593df8a5c0ba793042bd7a9527bd8d6

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 07:16:40 GMT
content-encoding
gzip
last-modified
Mon, 14 Jun 2021 18:27:35 GMT
server
AmazonS3
age
15842
etag
W/"f2969697e5a64542a2b59dd0cce23eaa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
flZf3h9jn1dW93ZitvCznnHxTDYE-JCXCz2Opy9jECrCabr9LBBhIA==
ActiefGrotesque_W_Regular-1f437876.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/
30 KB
31 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6

Request headers

Origin
https://wetransfer.com
Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 22:57:05 GMT
via
1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
823417
x-cache
Hit from cloudfront
content-length
31120
last-modified
Fri, 04 Jun 2021 10:52:11 GMT
server
AmazonS3
etag
"57cbbfdafc43e0deecc75a309dd042c6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-amz-cf-id
C3NpWoIyqZfKQ4nIoo_xd_fOUyka7pef_G0qO2ISEkGv-ih7Rveb8A==
ActiefGrotesque_W_Medium-293e86f0.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/
31 KB
32 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555

Request headers

Origin
https://wetransfer.com
Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 19:15:55 GMT
via
1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
3687887
x-cache
Hit from cloudfront
content-length
32124
last-modified
Mon, 03 May 2021 14:40:31 GMT
server
AmazonS3
etag
"868aedeefe7669e8a4f7196f7df5d058"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-amz-cf-id
e98V0UWXe3SfY0QEM1HfiiAPck5LiT-rRVpEXCfeJpQ1dn1I9BubNw==
GT-Super-WT-Super-1b214df1.woff
prod-cdn.wetransfer.net/packs/media/gt-super-wt/
42 KB
43 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73

Request headers

Origin
https://wetransfer.com
Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 23:00:01 GMT
via
1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
6612041
x-cache
Hit from cloudfront
content-length
43188
last-modified
Tue, 30 Mar 2021 14:51:10 GMT
server
AmazonS3
etag
"55576599a2d772f9297c5036d355b1fb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-amz-cf-id
wh1f1DxVLkLf368801p97w8Yyfpr7gsizKNe1nYxy2BX0TSS5fswPg==
application-e9e70d4a.chunk.css
prod-cdn.wetransfer.net/packs/css/
364 KB
49 KB
Stylesheet
General
Full URL
https://prod-cdn.wetransfer.net/packs/css/application-e9e70d4a.chunk.css
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6dfd27323527d91bff64e25792695e4c204abf6c8b841b24ac0913974f1d4a77

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:32:48 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 09:25:12 GMT
server
AmazonS3
age
428874
etag
W/"817722f60631c110902ab272671e5f41"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
LpdPJCYchRel3Iz1HGb5WBn_E4yEXzFHWXr4WQEneWUUN3fRUqQgTw==
en-0d65947306b8b68f172b.es6.js
prod-cdn.wetransfer.net/packs/esm/runtime~locale/
1 KB
1 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/runtime~locale/en-0d65947306b8b68f172b.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ad7d4f79b26cee0a72de1a1cfba6f5c24dafc44f1999bb3acbabf155738e653

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 23:43:21 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 13:40:28 GMT
server
AmazonS3
age
302241
etag
W/"17e97b3ba4bb354fb2bdd008fab99947"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
zY3VU4s6QxVXVJ6UNPzP4s1TeWJoTXfNMRIgHp-lqje1QtqaUp3TFA==
en-f2f9986d8a8175c789f5.es6.js
prod-cdn.wetransfer.net/packs/esm/locale/
127 KB
38 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/locale/en-f2f9986d8a8175c789f5.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7df924cc70821b6412756590712c90299e1f99794e3410e26ea73085767b6a08

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 11:02:17 GMT
content-encoding
gzip
last-modified
Mon, 14 Jun 2021 10:42:46 GMT
server
AmazonS3
age
88705
etag
W/"e71d562da3b30315ef7fb186fa055bf4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
kLj_1AVAm16ZeDhSCG89paZlCopAf1J6ylObnTGziBChdyKDUxrFMQ==
advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
prod-cdn.wetransfer.net/assets/
349 B
706 B
Script
General
Full URL
https://prod-cdn.wetransfer.net/assets/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 14:39:35 GMT
via
1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
last-modified
Fri, 11 Jun 2021 13:40:41 GMT
server
AmazonS3
age
334867
etag
"019dafef616906d42b64043fce694aa3"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
349
x-amz-cf-id
4fofhLUIbeOXHTF6bbbtjxYTIocXIC-IBAMZYRLQRj_weajmVyAJ4A==
sp.js
d19ptbnuzhibkh.cloudfront.net/2.10.2/
96 KB
30 KB
Script
General
Full URL
https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2200:6:bbf2:440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 00:11:45 GMT
content-encoding
gzip
last-modified
Tue, 30 Apr 2019 15:14:08 GMT
server
AmazonS3
age
3065337
etag
"c7b65b3f4e8761897af9a3ca5d76682e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
29895
x-amz-cf-id
xS6rvOhEzhdkjJcLLsOgJsevOo_7KekdyaCIHHzTMgTK-8KoIUKL8g==
gtm.js
www.googletagmanager.com/
114 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/e3fc9dfe5104483edccc73d2866bce7620210615094707/5298a0195599ab12eea274bb5e6837dc20210615094804/b52b79?utm_campaign=WT_email_tracking&utm_content=general&utm_medium=download_button&utm_source=notify_recipient_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc7e0d7cc08310915a992a565748976a2e945200370d181bdcf2316b7c43bf0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:40:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32667
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Jun 2021 11:40:41 GMT
gtm.js
www.googletagmanager.com/
198 KB
58 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K878LCS&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32cc5c9b91d6bfa3f6be5ac76c99fa7053352ebc7ec502ca58f61a5feec147ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:40:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58897
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Jun 2021 11:40:41 GMT
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e
Protocol
H2
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-launchdarkly-user-agent
Origin
https://wetransfer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
300
allow
GET, OPTIONS, HEAD
content-encoding
gzip
ld-region
us-east-1
strict-transport-security
max-age=31536000
accept-ranges
bytes
date
Tue, 15 Jun 2021 11:40:41 GMT
via
1.1 varnish
x-served-by
cache-fra19157-FRA
x-cache
HIT
x-cache-hits
277
x-timer
S1623757241.389609,VS0,VE0
vary
Accept-Encoding
age
0
content-length
23
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/
2 B
176 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-723b282ec219c70d9bdd.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

X-LaunchDarkly-User-Agent
JSClient/2.9.7
Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
access-control-max-age
300
date
Tue, 15 Jun 2021 11:40:41 GMT
content-length
26
x-served-by
cache-fra19157-FRA
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1623757241.420762,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
60
graphql
wetransfer.com/api/
432 B
1 KB
Fetch
General
Full URL
https://wetransfer.com/api/graphql
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-723b282ec219c70d9bdd.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.161.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-161-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c7b919e57945e339252f35a32d12654a46784a06be0fe6a5b895e0320952b398
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://wetransfer.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
_wt_snowplowid.38f1=2816ab52-fbdd-474e-b10f-df91d6845f01.1623757240.0.1623757240.; _wt_session=RjVHZmc2RUNDYm5NcWh1andsMHBVYWlyQjFDbGlSWTZjUDNQY1Q5UnJabGRZYzdRUlpVZXFmaHN6NmFka1Y5UXNMNzJSTE41S2c3SVc1Yzh1SUFBVWNmSllaT3dHdjBZU0todHRMZUZId1JNbmprbGRKMndiRTM4ZXpZQ0c2b1NZazB5K3orbHVHUjFyR3VqU1dWZXFRPT0tLUhONDZkSHBCMjZVaVY0Y2hlaVRZOUE9PQ%3D%3D--534b790fc3a41b901eae66e5f2abf1b4ce0314f0
content-length
369
:path
/api/graphql
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
wetransfer.com
referer
https://wetransfer.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Tue, 15 Jun 2021 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-origin
https://wetransfer.com
strict-transport-security
max-age=15552000; includeSubDomains;
x-opaque
b5606b841e89a473413d692aa587002f9bf8d1fa-0ea54e12a0321c8d0-16405
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
x-request-id
b11aedd2-717d-41db-b180-0317cbff3e0c
x-runtime
0.005254
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"c24dd9d161a5c3f98d796d4c77fe0468"
x-download-options
noopen
access-control-max-age
60
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
cache-control
no-cache, no-store
set-cookie
_wt_snowplowid.38f1=2816ab52-fbdd-474e-b10f-df91d6845f01.1623757240.0.1623757240; domain=.wetransfer.com; path=/; expires=Thu, 15 Jun 2023 11:40:41 GMT; secure _wt_snowplowid.38f1=2816ab52-fbdd-474e-b10f-df91d6845f01.1623757240.0.1623757240; domain=.wetransfer.com; path=/; expires=Thu, 15 Jun 2023 11:40:41 GMT; secure _wt_session=eFZqTE9RSlQ1aDBNVk1LMGFGcUgvOXFIcGNUblVvSUlOZ3U3UFlTOU1OVlZrblRNNlpSdVMzaEhISFEyVUI3WUNPM2RIeGE3bWpWZ2NqMGswMzNyS3QxRWQyTlJWczR5eGt0U1had2Vzenl6OTEyYjcvRVdkTjNxZWJzOXV1ZWlWNFJ4WS9zdytrNGJnVWVjNTQvVE93PT0tLUhCYmlIUEp2V01ick9sUXU5RjI1VkE9PQ%3D%3D--b45dd2ddcbc7001d8e951b6dee9f0f76ec2b09c1; domain=wetransfer.com; path=/; secure; HttpOnly; SameSite=Lax
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-wall-art-792f76ae.png
prod-cdn.wetransfer.net/packs/media/images/
746 KB
747 KB
Image
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/images/cookie-wall-art-792f76ae.png
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-e9e70d4a.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4a7c1d8e5a4ca0525b599787d31efeec1edd20e3dd6aa620f669a590263faaa

Request headers

Referer
https://prod-cdn.wetransfer.net/packs/css/application-e9e70d4a.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:06:56 GMT
via
1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
last-modified
Thu, 04 Mar 2021 13:28:28 GMT
server
AmazonS3
age
8890426
etag
"421ffa97f475166ba26ce232615a7817"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
763841
x-amz-cf-id
JMBUX4hHI3TW6kZLJlsp3fQAquPdiHg6I2taVXFiPnS4VBZzmAdNvg==
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/
0
0
Preflight
General
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Server
52.16.190.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-190-76.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://wetransfer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 11:40:41 GMT
content-length
0
access-control-allow-origin
https://wetransfer.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
server
akka-http/10.1.12
core-shape-d22f0e47.svg
prod-cdn.wetransfer.net/packs/media/transfer_window/
485 B
836 B
Image
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/transfer_window/core-shape-d22f0e47.svg
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/css/application-e9e70d4a.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-48.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a41cab3374674fb912cc0e0b9a02db73b57d22f72d0fa09f7608ad6104991d5a

Request headers

Referer
https://prod-cdn.wetransfer.net/packs/css/application-e9e70d4a.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 14:07:16 GMT
via
1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 13:52:21 GMT
server
AmazonS3
age
9149606
etag
"9c5640120e49affc48fe61cda0b5b08d"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
485
x-amz-cf-id
QGj2Hxiutj5Q5t2XqZYQrhLPYBnhdFtelYGXzgok0CDuWnvZ2NnBfg==
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/
2 B
336 B
XHR
General
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d19ptbnuzhibkh.cloudfront.net
URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.190.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-190-76.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://wetransfer.com
date
Tue, 15 Jun 2021 11:40:41 GMT
access-control-allow-credentials
true
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
content-type
text/plain; charset=UTF-8
pricing
wetransfer.com/api/v4/nu_subscriptions/
895 B
922 B
XHR
General
Full URL
https://wetransfer.com/api/v4/nu_subscriptions/pricing?country_code=FR&plan_tier=plus
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-723b282ec219c70d9bdd.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.161.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-161-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b027be4ddd567f3a0abb04757d1b84675246f1dd7f0d89ada9b68f29e5894033
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Frame-Options deny

Request headers

:path
/api/v4/nu_subscriptions/pricing?country_code=FR&plan_tier=plus
pragma
no-cache
cookie
_wt_session=eFZqTE9RSlQ1aDBNVk1LMGFGcUgvOXFIcGNUblVvSUlOZ3U3UFlTOU1OVlZrblRNNlpSdVMzaEhISFEyVUI3WUNPM2RIeGE3bWpWZ2NqMGswMzNyS3QxRWQyTlJWczR5eGt0U1had2Vzenl6OTEyYjcvRVdkTjNxZWJzOXV1ZWlWNFJ4WS9zdytrNGJnVWVjNTQvVE93PT0tLUhCYmlIUEp2V01ick9sUXU5RjI1VkE9PQ%3D%3D--b45dd2ddcbc7001d8e951b6dee9f0f76ec2b09c1; _wt_snowplowses.38f1=*; _wt_snowplowid.38f1=2816ab52-fbdd-474e-b10f-df91d6845f01.1623757240.1.1623757242.1623757240.d405864e-cf58-445a-8427-847d64af084e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
wetransfer.com
referer
https://wetransfer.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime
0.007081
date
Tue, 15 Jun 2021 11:40:41 GMT
content-encoding
gzip
x-frame-options
deny
etag
W/"b2a3944c408563ec2f510c13996bd8a8"
vary
Accept-Encoding, Origin
content-type
application/json
set-cookie
_wt_session=cHJEQWV6QjVjVVJtdDluVjEvYndXNkM0S1dmVnpGV1RVWE9iK25pZjNpeFh6aVpMVlphUlpDWkJOc0pmRXlTMmpQRDExUFBZVlBEbDBmR29KSy9lTDVQMThERFJvNk9VU2FSNUI2UkJxL0FYZjF4eTVCWDlaZmdrbUFTcURSOFZTMWRTTnNyZHd0SGNqeld3cXlSN2NRPT0tLUszVWVIMzcyTnR4Y2hXRDZWWmRSM3c9PQ%3D%3D--436b39bc53f3e9a414004a4e3fa42e36bc065d99; domain=wetransfer.com; path=/; secure; HttpOnly; SameSite=Lax
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=15552000; includeSubDomains;
x-opaque
b5606b841e89a473413d692aa587002f9bf8d1fa-0c2f9f10b6b4348d9-5026
x-request-id
af6aa784-10fb-46f9-b554-c850822fa82e
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/
2 B
335 B
XHR
General
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d19ptbnuzhibkh.cloudfront.net
URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.190.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-190-76.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://wetransfer.com
date
Tue, 15 Jun 2021 11:40:41 GMT
access-control-allow-credentials
true
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
content-type
text/plain; charset=UTF-8
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/
0
0
Preflight
General
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Server
52.16.190.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-190-76.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://wetransfer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 11:40:41 GMT
content-length
0
access-control-allow-origin
https://wetransfer.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
server
akka-http/10.1.12
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/
0
509 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-723b282ec219c70d9bdd.es6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.85.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-85-145.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://wetransfer.com/
X-LaunchDarkly-Event-Schema
3
X-LaunchDarkly-User-Agent
JSClient/2.9.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 15 Jun 2021 11:40:44 GMT
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
300
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length
0
Access-Control-Expose-Headers
Date
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e
Protocol
HTTP/1.1
Server
54.85.85.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-85-145.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Origin
https://wetransfer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Tue, 15 Jun 2021 11:40:43 GMT
Content-Type
application/json
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date
Access-Control-Max-Age
300
Strict-Transport-Security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackJsonp object| _i18n_ undefined| __session__ object| GlobalSnowplowNamespace function| __snowplow__ object| dataLayer undefined| __trackjs__ object| __recaptcha__ object| recaptchaOptions object| __launch_darkly__ object| __curated_wallpapers__ boolean| __ads_enabled__ string| asset_host boolean| modernBrowser undefined| polyfillScript object| __stripe__ object| __walter_api__ object| __auth0_config__ string| accountAppUrl object| google_tag_manager function| applyFocusVisiblePolyfill function| __tcfapi object| pbjs object| _pbjsGlobals function| Velocity function| onRecaptchaLoaded function| onRecaptchaCallback function| setImmediate function| clearImmediate function| _typeof object| Snowplow object| google_tag_data

4 Cookies

Domain/Path Name / Value
.wetransfer.com/ Name: _wt_session
Value: cHJEQWV6QjVjVVJtdDluVjEvYndXNkM0S1dmVnpGV1RVWE9iK25pZjNpeFh6aVpMVlphUlpDWkJOc0pmRXlTMmpQRDExUFBZVlBEbDBmR29KSy9lTDVQMThERFJvNk9VU2FSNUI2UkJxL0FYZjF4eTVCWDlaZmdrbUFTcURSOFZTMWRTTnNyZHd0SGNqeld3cXlSN2NRPT0tLUszVWVIMzcyTnR4Y2hXRDZWWmRSM3c9PQ%3D%3D--436b39bc53f3e9a414004a4e3fa42e36bc065d99
.wetransfer.com/ Name: _wt_snowplowid.38f1
Value: 2816ab52-fbdd-474e-b10f-df91d6845f01.1623757240.1.1623757242.1623757240.d405864e-cf58-445a-8427-847d64af084e
.wetransfer.com/ Name: _gcl_au
Value: 1.1.1094441843.1623757242
.wetransfer.com/ Name: _wt_snowplowses.38f1
Value: *

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
d19ptbnuzhibkh.cloudfront.net
events.launchdarkly.com
prod-cdn.wetransfer.net
scanner.topsec.com
snowplow.wetransfer.com
wetransfer.com
www.googletagmanager.com
151.101.14.217
2600:9000:21f3:2200:6:bbf2:440:21
2a00:1450:4001:827::2008
35.210.200.138
52.16.190.76
54.216.161.59
54.85.85.145
99.86.241.48
196572e8f27540d635d8f876b1a3d05b7593df8a5c0ba793042bd7a9527bd8d6
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73
246124bfdfbc23dac56a19ac8a486d4742f6da9fc08c8c73e0cef624abc23e8f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
32cc5c9b91d6bfa3f6be5ac76c99fa7053352ebc7ec502ca58f61a5feec147ab
4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
6dfd27323527d91bff64e25792695e4c204abf6c8b841b24ac0913974f1d4a77
7ad7d4f79b26cee0a72de1a1cfba6f5c24dafc44f1999bb3acbabf155738e653
7df924cc70821b6412756590712c90299e1f99794e3410e26ea73085767b6a08
85b7524ed1ad9a0992d9fee7f1a884138774ce0a72c33a45e889bf3e31f804a8
a2fe38c0e4e2b96fabe903bb32c79d2120b253a42eb6e0a1b2983e1da53144b0
a41cab3374674fb912cc0e0b9a02db73b57d22f72d0fa09f7608ad6104991d5a
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
ae0f875dd6932b727217bc8901fb421722ab8bc3005110d27e8d842659a39734
b027be4ddd567f3a0abb04757d1b84675246f1dd7f0d89ada9b68f29e5894033
c7b919e57945e339252f35a32d12654a46784a06be0fe6a5b895e0320952b398
cc7e0d7cc08310915a992a565748976a2e945200370d181bdcf2316b7c43bf0a
d4a7c1d8e5a4ca0525b599787d31efeec1edd20e3dd6aa620f669a590263faaa
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9744ea4c8fc672f704d33e411682ebed96840e08649733dadf8214b927ed509