wetransfer.com
Open in
urlscan Pro
52.17.149.98
Public Scan
Effective URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Submission: On May 07 via automatic, source urlhaus
Summary
TLS certificate: Issued by Amazon on October 2nd 2019. Valid for: a year.
This is the only time wetransfer.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 192.185.189.40 192.185.189.40 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
1 1 | 52.222.182.11 52.222.182.11 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.17.149.98 52.17.149.98 | 16509 (AMAZON-02) (AMAZON-02) | |
14 | 52.222.190.62 52.222.190.62 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:201... 2600:9000:2016:fe00:6:bbf2:440:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:824::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.101.114.2 151.101.114.2 | 54113 (FASTLY) (FASTLY) | |
2 | 52.209.65.34 52.209.65.34 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 138.197.155.84 138.197.155.84 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 34.195.196.170 34.195.196.170 | 14618 (AMAZON-AES) (AMAZON-AES) | |
23 | 9 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: ns237.websitewelcome.com
mariereiko.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-11.ham50.r.cloudfront.net
we.tl |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-149-98.eu-west-1.compute.amazonaws.com
wetransfer.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-62.ham50.r.cloudfront.net
prod-cdn.wetransfer.net |
ASN16509 (AMAZON-02, US)
d19ptbnuzhibkh.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-65-34.eu-west-1.compute.amazonaws.com
snowplow.wetransfer.com |
ASN14061 (DIGITALOCEAN-ASN, US)
PTR: prd-usage-1.tjsint.net
usage.trackjs.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-196-170.compute-1.amazonaws.com
events.launchdarkly.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
wetransfer.net
prod-cdn.wetransfer.net |
769 KB |
3 |
wetransfer.com
wetransfer.com snowplow.wetransfer.com |
6 KB |
2 |
launchdarkly.com
app.launchdarkly.com events.launchdarkly.com |
694 B |
1 |
trackjs.com
usage.trackjs.com |
229 B |
1 |
googletagmanager.com
www.googletagmanager.com |
28 KB |
1 |
cloudfront.net
d19ptbnuzhibkh.cloudfront.net |
30 KB |
1 |
we.tl
1 redirects
we.tl |
703 B |
1 |
mariereiko.com
mariereiko.com |
176 B |
23 | 8 |
Domain | Requested by | |
---|---|---|
14 | prod-cdn.wetransfer.net |
wetransfer.com
prod-cdn.wetransfer.net |
2 | snowplow.wetransfer.com |
prod-cdn.wetransfer.net
|
1 | events.launchdarkly.com |
prod-cdn.wetransfer.net
|
1 | usage.trackjs.com | |
1 | app.launchdarkly.com |
prod-cdn.wetransfer.net
|
1 | www.googletagmanager.com |
wetransfer.com
|
1 | d19ptbnuzhibkh.cloudfront.net |
wetransfer.com
|
1 | wetransfer.com | |
1 | we.tl | 1 redirects |
1 | mariereiko.com | |
23 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
wetransfer.zendesk.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
mariereiko.com Let's Encrypt Authority X3 |
2020-04-01 - 2020-06-30 |
3 months | crt.sh |
wetransfer.com Amazon |
2019-10-02 - 2020-11-02 |
a year | crt.sh |
wetransfer.net Amazon |
2019-09-09 - 2020-10-09 |
a year | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-04-15 - 2020-07-08 |
3 months | crt.sh |
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-04-22 - 2021-04-23 |
a year | crt.sh |
snowplow.wetransfer.com Amazon |
2019-06-14 - 2020-07-14 |
a year | crt.sh |
*.trackjs.com RapidSSL RSA CA 2018 |
2019-06-11 - 2021-09-09 |
2 years | crt.sh |
*.launchdarkly.com Gandi Pro SSL CA 2 |
2018-09-12 - 2020-10-30 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Frame ID: D42980B777E3C6B74209B63D34F39FBF
Requests: 23 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://mariereiko.com/ Page URL
-
https://we.tl/t-8SlQn10Jf1
HTTP 302
https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773 Page URL
Detected technologies
Ruby (Programming Languages) ExpandDetected patterns
- meta csrf-param /^authenticity_token$/i
Ruby on Rails (Web Frameworks) Expand
Detected patterns
- meta csrf-param /^authenticity_token$/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: help center
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://mariereiko.com/ Page URL
-
https://we.tl/t-8SlQn10Jf1
HTTP 302
https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
mariereiko.com/ |
73 B 176 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
585773
wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/ Redirect Chain
|
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime~application-c1f1701447a95635e6f2.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-827ec25334ef3bc2bf54.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
650 KB 166 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-b2b87da46d6e7ec00022.es6.js
prod-cdn.wetransfer.net/packs/esm/ |
431 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-c179a355.chunk.css
prod-cdn.wetransfer.net/packs/css/ |
362 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-b7fa86dcf33ddac708d0.es6.js
prod-cdn.wetransfer.net/packs/esm/runtime~locale/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-25931acab57f91a37c71.es6.js
prod-cdn.wetransfer.net/packs/esm/locale/ |
102 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
prod-cdn.wetransfer.net/assets/ |
349 B 714 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp.js
d19ptbnuzhibkh.cloudfront.net/2.10.2/ |
96 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
101 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ |
2 B 230 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FaktProWeb-Normal-797cd375.woff
prod-cdn.wetransfer.net/packs/media/faktpro/ |
75 KB 76 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FaktProWeb-Medium-f905d7a8.woff
prod-cdn.wetransfer.net/packs/media/faktpro/ |
78 KB 78 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FreightSans-Pro-Medium-1243d73c.woff
prod-cdn.wetransfer.net/packs/media/freightsans/ |
54 KB 55 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FreightSans-Pro-Semibold-b548f89b.woff
prod-cdn.wetransfer.net/packs/media/freightsans/ |
58 KB 59 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ActiefGrotesque_W_Rg-9bb6a06b.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ |
30 KB 31 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GTSuperWTBetav5-Super-e5e24a2e.woff
prod-cdn.wetransfer.net/packs/media/gtsuperwt/ |
72 KB 72 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
transfer_expired-ebfa2259.png
prod-cdn.wetransfer.net/packs/media/transfer_window/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ |
2 B 335 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
usage.gif
usage.trackjs.com/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ |
2 B 335 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ |
0 464 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| _preloaded_transfer_ object| webpackJsonp object| _i18n_ object| __app_settings__ undefined| __session__ object| Wallpapers object| GlobalSnowplowNamespace function| __snowplow__ object| dataLayer undefined| __trackjs__ object| __recaptcha__ object| recaptchaOptions object| __launch_darkly__ object| __curated_wallpapers__ boolean| __ads_enabled__ string| asset_host boolean| modernBrowser undefined| polyfillScript object| __stripe__ object| google_tag_manager function| Velocity function| onRecaptchaLoaded function| onRecaptchaCallback function| _typeof object| Snowplow3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.wetransfer.com/ | Name: _wt_snowplowses.38f1 Value: * |
|
.wetransfer.com/ | Name: _wt_snowplowid.38f1 Value: a74601ff-3bcc-400a-b50f-c50495374077.1588867440.1.1588867441.1588867440.df0c3579-dcc5-4327-b494-5b5182204ec1 |
|
.wetransfer.com/ | Name: _wt_session Value: QnV1ZVJsTFN2Y2kxQWh6UWZmYUpmZ3hmVlFKUWV0ZlRUN09lbldobnZPR1UwZVRXdVFSVlVyU1pySnNXS3JvWGxFSTlHRW5Cc2ZGalZNYTVTaFpYcURCbjlZSjFnQ09ZVUdkVWYrWjBpc3pHRHo5M0p2NnV5eVdlOG85ZURKUFA3dGI3WnREYW9Yb2dLQlR2Q09GZDJnPT0tLTFiYmY0Y2JHRHhvMjhEMVJBenhmSWc9PQ%3D%3D--85e6a2f9a7fd7ddd9269d5afaa9f3121fd103c1d |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.launchdarkly.com
d19ptbnuzhibkh.cloudfront.net
events.launchdarkly.com
mariereiko.com
prod-cdn.wetransfer.net
snowplow.wetransfer.com
usage.trackjs.com
we.tl
wetransfer.com
www.googletagmanager.com
138.197.155.84
151.101.114.2
192.185.189.40
2600:9000:2016:fe00:6:bbf2:440:21
2a00:1450:4001:824::2008
34.195.196.170
52.17.149.98
52.209.65.34
52.222.182.11
52.222.190.62
054b231d728f2c6bd02c7fcac7adf79475e47cc8a9509a94bd727a25603c8781
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
305cfa94ba8df2d4471eda00d7f7965e9bea76c1470b869bbd8e34d0fa5f75a0
3548ea308efabd2dcea047d0a5110c364e435a81f31aff264b5922a96acd64d3
3ea86c5305a73c5649a1e6107f0ccabe078a955bbd98c3af23849d2b767513f4
4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5bbb435af5638c98bcea9055c4bcec2326374441172ad316163c7bddc4c8f454
5d25906433033406ebe58a2484bb03680b1a008887b2f66091bfad333a44b1e5
5e6df16cfa00ed6add7c507630d5c368dea74e491d2f9b342367e94ef9926b7c
688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad
75ddaa6d13a11f8aac731f9acb3d9d738efda617b8d0415f536f18baccfd8310
789f464f17b76616b3c96aeb28d6e3b7558acf9bf586d272ede6830ece109190
8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6
a538a491588ce731ca8f491dc6c314eb9d83774fd8d3556fa3b0ccdb9d5cdfb8
ae99ec14c3144146a80e9f097012ad4fb5c540e9e82aa4fb6cd35b32b573a1d5
b51dfb9c9f8be79b156196fec4567b8f3c7ace220a49710bbf2cddeb0a15fdad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaddc3fb78d635f6abe0194b732e54a2fb4fc0c71669b50c98b02ac36feb813d
fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994