download.wetransfer.com

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 13.224.196.6, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is download.wetransfer.com.
TLS certificate: Issued by Amazon on October 2nd 2019. Valid for: a year.

This is the only time download.wetransfer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.224.196.6 13.224.196.6	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	13.224.196.88 13.224.196.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2

1 13.224.196.6 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-6.fra2.r.cloudfront.net

download.wetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.196.88 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-88.fra2.r.cloudfront.net

assets.wetransfer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	wetransfer.net assets.wetransfer.net	151 KB
1	wetransfer.com download.wetransfer.com	9 KB
3	2

	Domain	Requested by
2	assets.wetransfer.net	download.wetransfer.com
1	download.wetransfer.com
3	2

This site contains links to these domains. Also see Links.

Domain
wetransfer.com

Subject Issuer	Validity	Valid
wetransfer.com Amazon	`2019-10-02` - `2020-11-02`	a year	crt.sh
wetransfer.net Amazon	`2019-09-09` - `2020-10-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://download.wetransfer.com//eu2/cccd6a624a1930c69796fb6b4d8acd3220191111085602/6ac107e5983ccb1c1794f99ac78540a8daff13b0/PackMLConnector.1.17.4.1.exe?cf=y&token=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NzM0NjkzODEsInVuaXF1ZSI6ImNjY2Q2YTYyNGExOTMwYzY5Nzk2ZmI2Y
Frame ID: AC8365CCFC4A5C03778D42890C9B30E7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

161 kB
Transfer

159 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wetransfer.com/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	400 Bad Request	Primary Request PackMLConnector.1.17.4.1.exe Show response download.wetransfer.com//eu2/cccd6a624a1930c69796fb6b4d8acd3220191111085602/6ac107e5983ccb1c1794f99ac78540a8daff13b0/	9 KB 9 KB	95ms 38ms	Document text/html	13.224.196.6 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://download.wetransfer.com//eu2/cccd6a624a1930c69796fb6b4d8acd3220191111085602/6ac107e5983ccb1c1794f99ac78540a8daff13b0/PackMLConnector.1.17.4.1.exe?cf=y&token=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NzM0NjkzODEsInVuaXF1ZSI6ImNjY2Q2YTYyNGExOTMwYzY5Nzk2ZmI2Y Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.6 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-6.fra2.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash `2e87473c184fd3e8529a9197d802f25b22b943d51a0a1a41d8744eefe6ffd965` Request headers Host download.wetransfer.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Sec-Fetch-Mode navigate Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-User ?1 Response headers Content-Type text/html Content-Length 9119 Connection keep-alive Server nginx/1.14.0 (Ubuntu) Date Tue, 03 Dec 2019 05:44:10 GMT Content-Transfer-Encoding binary Content-Encoding none Cache-Control private, no-transform, no-store X-Cache Error from cloudfront Via 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C1 X-Amz-Cf-Id LA4g7qeVpeU6Rz_eM-4WCSHoL92vwFZ726Ct4t-aYFawR4bzc677gQ==
GET H/1.1	200 OK	FreightSans-Pro-Medium.woff assets.wetransfer.net/fonts/	74 KB 75 KB	47ms 6ms	Font application/font-woff	13.224.196.88 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://assets.wetransfer.net/fonts/FreightSans-Pro-Medium.woff Requested by Host: download.wetransfer.com URL: https://download.wetransfer.com//eu2/cccd6a624a1930c69796fb6b4d8acd3220191111085602/6ac107e5983ccb1c1794f99ac78540a8daff13b0/PackMLConnector.1.17.4.1.exe?cf=y&token=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NzM0NjkzODEsInVuaXF1ZSI6ImNjY2Q2YTYyNGExOTMwYzY5Nzk2ZmI2Y Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.88 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-88.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `dc614c1fadd029529cbadd31a6694975c2c46a369357b89888b6c3c78631129e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://download.wetransfer.com//eu2/cccd6a624a1930c69796fb6b4d8acd3220191111085602/6ac107e5983ccb1c1794f99ac78540a8daff13b0/PackMLConnector.1.17.4.1.exe?cf=y&token=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NzM0NjkzODEsInVuaXF1ZSI6ImNjY2Q2YTYyNGExOTMwYzY5Nzk2ZmI2Y Origin https://download.wetransfer.com Response headers x-amz-version-id null Via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Age 86243 X-Cache Hit from cloudfront Date Mon, 02 Dec 2019 05:46:48 GMT Connection keep-alive Content-Length 75860 Last-Modified Sat, 24 Sep 2016 12:42:39 GMT Server AmazonS3 ETag "d49e1526cc8a32f4ca6438311c7bc8f7" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/font-woff Access-Control-Allow-Origin * X-Amz-Cf-Pop FRA2-C1 Accept-Ranges bytes X-Amz-Cf-Id w5_pY4jF3V-on5J-7QLTKogxGKZOsP9w2s9RfEeN86nRmAR-Dd3Q1g==
GET H/1.1	200 OK	FaktPro-Normal.woff assets.wetransfer.net/fonts/	76 KB 77 KB	48ms 8ms	Font application/font-woff	13.224.196.88 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://assets.wetransfer.net/fonts/FaktPro-Normal.woff Requested by Host: download.wetransfer.com URL: https://download.wetransfer.com//eu2/cccd6a624a1930c69796fb6b4d8acd3220191111085602/6ac107e5983ccb1c1794f99ac78540a8daff13b0/PackMLConnector.1.17.4.1.exe?cf=y&token=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NzM0NjkzODEsInVuaXF1ZSI6ImNjY2Q2YTYyNGExOTMwYzY5Nzk2ZmI2Y Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.88 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-196-88.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `94b790784c5d43e91abac3d41b2e210248a70c6def5973555b44abef7f7d975c` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://download.wetransfer.com//eu2/cccd6a624a1930c69796fb6b4d8acd3220191111085602/6ac107e5983ccb1c1794f99ac78540a8daff13b0/PackMLConnector.1.17.4.1.exe?cf=y&token=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NzM0NjkzODEsInVuaXF1ZSI6ImNjY2Q2YTYyNGExOTMwYzY5Nzk2ZmI2Y Origin https://download.wetransfer.com Response headers x-amz-version-id null Via 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront) Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Age 86243 X-Cache Hit from cloudfront Date Mon, 02 Dec 2019 05:46:48 GMT Connection keep-alive Content-Length 77690 Last-Modified Mon, 29 Aug 2016 15:21:53 GMT Server AmazonS3 ETag "81174403a581c5cf0ded1de72e0b98e9" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/font-woff Access-Control-Allow-Origin * X-Amz-Cf-Pop FRA2-C1 Accept-Ranges bytes X-Amz-Cf-Id Eoh6xbW7uduxyHvmY9rwigDje7xhn14o0QAyYQovlCff1nEioUAggw==

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| encodedError

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://download.wetransfer.com//eu2/cccd6a624a1930c69796fb6b4d8acd3220191111085602/6ac107e5983ccb1c1794f99ac78540a8daff13b0/PackMLConnector.1.17.4.1.exe?cf=y&token=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NzM0NjkzODEsInVuaXF1ZSI6ImNjY2Q2YTYyNGExOTMwYzY5Nzk2ZmI2Y(Line 174) Message: v0:w9YORid92e1IGvyxPoekL+f0QQ2xwR3ivpz0l U/mvJPk/DiBZvlddttw24RY69t3dH1lG2IhgnBUl x1cqk36XmJkA4TAcMq+grky2+ASPKr5qwCjNE2Tm fzrNbCMyasqZWXPSH/lNwyTvq79wjvXGV1ZxVme3 bt/r/xVIqGPdUpmcQTYm8jMbrPvuCS2v8Kge3EcF K0sAH1xB7Quhlh0Zlc73sy7H8UaJ65B9E4ezq8eq EnetYN4L+cLUohOfRJ2xshMwj080RYnpMLwxWUq6 Fl4Nx8gkIHVhHqsalPfEAd5bBN4a9Z2OdZ0o5yAb exML1HatY/k8y4OWVtwMNrxoYAro6v4HUHZFSYrc 1SrKM1Ot6gJxfFqO0jNSPwrangSvKRG7Hcib7ZED wh9uoN/rtFJBchVzpTsx2PG0fmJwL0q2dEdg/D9z AqLeDtJtIZ/dYmFgRzIOIhG8JZALNJQVnOgOxhCZ YAPDkxm7BRokPTIg6KqRDSu0TFcZzxVbU9PgPGF0 r8/oJeVwnnJwjHnkuiYzIFnYfNp63O3b4UlvN+f4 ft81fR8TOp2C7smYo0lqFaYHnlpYwB0pZI0hjDsh YuatVe/h6zakWVUwu1fqQrZstmv2fYz8VZfLEFJn BoXZMiGZJ1X7qU2VL+4SYm2n4Z7VCORZBigrCPbx awNSxC9gcTCvssm7KXxmVsH6iPQEdj+Ab1fMOr4M AcNftZ8i1WoE0MKEaoiPktkTmfhLNMz5ECXHzCvL XPrpysMPkbPYQfDPSeAY+/MGts394ZwLesEha4+v bBGmd8DAQfF77+oWw4hTqJxKQC8rJxXjhjTT0b/o MenUd+4uiHb6zfSNTWSBpkveU4WLpBLmwnk2ho2/ 1zqjTVNhkjda+QNbhF5c0KBP9EYNIlAOCIQFPUy0 /zwrNRWnoqbGchMX73KtysETj+37FDuUoyM2ljsj KI4IFnCoTpt05YzZOr5atq86zZdEwmDZTQeJbl03 eZqzdL0XumQyI9uOEci+1bk8yU0tTU5y7peM6RBv V+VSTJ2siXMuaeeDPZ7HclHFM19kPmOD6413lVmC Nt69tMA6H+qmM6Y7yCZBu8VMpHVyza376ihcGu9F 4hzOT5uHDAxKjbIxuv1vnGTqi6q9LUZO7ocyYTrk BOiBm49yW3ao3cuFoDdrp215Q0ySspn4VgVFTim1 J0Yfh43bwwBS94tkpjH+hfv127tUeyhBrECH5T7s EW9KrsXBQb2UW5vl/aqfmPUP3RH0m8iGNrkLEl0S Z49C5xdrVqh6XNiElMjGQ47cawvJuyxDNnEZN144 wiINSb763f32Fuhl+WKPkVz8shRU7Z+NhUs7pEjw Just1TTP3FZe9xh1nACGln3GxU3zvPZhYbSkEiTf zI/DVa+dfBr4TMDHzeUn6mjAyXqv/cqm4ojcp3RE S+HpPiT1NBt7gfhof+Gc4gqqZmpXx7OZjwlCdiTc g7rSM9wW6eJh1fTyj7bBmtxhf06SiOtXuEye0S/j dn+z0o8R00QJoejEURZfepuRJP9gR88pC5Y4lSEm P+A00f0gz4N+UIVni0vGZ87AfCAclZTM+F2Lznax uK2Zh4+uB/DCh8mx2kzoqoniF3Om3Csdxvkwa98k BI3cWGp0rP8u2Lax8nwRxdVdZVTzBbudSx6merOz YUhv8BRNeBEH5Usqh7lgY4rXO4Vv9N9FmPx/pf2m RUWUowQMSOwy2utlJIv9sYSoPQIgoMIwV1HE/14+ 7hBxL+z3Lqk2XP1cKH2KxSBXbVKm4iFtbQ5Atu+T EGQK8H8CJkMug/Q/+zvS10jfmX2pZKIEbhKTXQ=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.wetransfer.net
download.wetransfer.com
13.224.196.6
13.224.196.88
2e87473c184fd3e8529a9197d802f25b22b943d51a0a1a41d8744eefe6ffd965
94b790784c5d43e91abac3d41b2e210248a70c6def5973555b44abef7f7d975c
dc614c1fadd029529cbadd31a6694975c2c46a369357b89888b6c3c78631129e

download.wetransfer.com Open in urlscan Pro 13.224.196.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

161 kBTransfer

159 kBSize

0 Cookies

1 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

download.wetransfer.com Open in urlscan Pro
13.224.196.6 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

161 kB
Transfer

159 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions