Submitted URL: https://mariereiko.com/
Effective URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Submission: On May 07 via automatic, source urlhaus

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 23 HTTP transactions. The main IP is 52.17.149.98, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is wetransfer.com.
TLS certificate: Issued by Amazon on October 2nd 2019. Valid for: a year.
This is the only time wetransfer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 192.185.189.40 46606 (UNIFIEDLA...)
1 1 52.222.182.11 16509 (AMAZON-02)
1 52.17.149.98 16509 (AMAZON-02)
14 52.222.190.62 16509 (AMAZON-02)
1 2600:9000:201... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.2 54113 (FASTLY)
2 52.209.65.34 16509 (AMAZON-02)
1 138.197.155.84 14061 (DIGITALOC...)
1 34.195.196.170 14618 (AMAZON-AES)
23 9
Domain Requested by
14 prod-cdn.wetransfer.net wetransfer.com
prod-cdn.wetransfer.net
2 snowplow.wetransfer.com prod-cdn.wetransfer.net
1 events.launchdarkly.com prod-cdn.wetransfer.net
1 usage.trackjs.com
1 app.launchdarkly.com prod-cdn.wetransfer.net
1 www.googletagmanager.com wetransfer.com
1 d19ptbnuzhibkh.cloudfront.net wetransfer.com
1 wetransfer.com
1 we.tl 1 redirects
1 mariereiko.com
23 10

This site contains links to these domains.

Domain
wetransfer.zendesk.com
Subject  Issuer  Validity  Valid
mariereiko.com  Let's Encrypt Authority X3  2020-04-01 - 2020-06-30  3 months
wetransfer.com  Amazon  2019-10-02 - 2020-11-02  a year
wetransfer.net  Amazon  2019-09-09 - 2020-10-09  a year
*.cloudfront.net  DigiCert Global CA G2  2019-07-17 - 2020-07-05  a year
*.google-analytics.com  GTS CA 1O1  2020-04-15 - 2020-07-08  3 months
f2.shared.global.fastly.net  GlobalSign CloudSSL CA - SHA256 - G3  2020-04-22 - 2021-04-23  a year
snowplow.wetransfer.com  Amazon  2019-06-14 - 2020-07-14  a year
*.trackjs.com  RapidSSL RSA CA 2018  2019-06-11 - 2021-09-09  2 years
*.launchdarkly.com  Gandi Pro SSL CA 2  2018-09-12 - 2020-10-30  2 years

This page contains 1 frames:

Primary Page: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Frame ID: D42980B777E3C6B74209B63D34F39FBF
Requests: 23 HTTP requests in this frame

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 20 %
Domains: 8
Subdomains: 10
IPs: 9
Countries: 4
Transfer: 834 kB
Size: 2146 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mariereiko.com/ Page URL
  2. https://we.tl/t-8SlQn10Jf1 HTTP 302
    https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
mariereiko.com/
73 B
176 B
Document
General
Full URL
https://mariereiko.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.189.40 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
ns237.websitewelcome.com
Software
Apache /
Resource Hash
5e6df16cfa00ed6add7c507630d5c368dea74e491d2f9b342367e94ef9926b7c

Request headers

:method
GET
:authority
mariereiko.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 07 May 2020 16:04:00 GMT
server
Apache
vary
Accept-Encoding
content-encoding
gzip
content-length
91
content-type
text/html
Primary Request 585773
wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/
Redirect Chain
  • https://we.tl/t-8SlQn10Jf1
  • https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
15 KB
6 KB
Document
General
Full URL
https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.149.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-149-98.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3548ea308efabd2dcea047d0a5110c364e435a81f31aff264b5922a96acd64d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
wetransfer.com
:scheme
https
:path
/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://mariereiko.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mariereiko.com/

Response headers

status
200
date
Thu, 07 May 2020 16:04:00 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
cache-control
no-cache, no-store
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
set-cookie
_wt_snowplowid.38f1=a74601ff-3bcc-400a-b50f-c50495374077.1588867440.0.1588867440.; domain=.wetransfer.com; path=/; expires=Sat, 07 May 2022 16:04:00 GMT; secure _wt_session=QnV1ZVJsTFN2Y2kxQWh6UWZmYUpmZ3hmVlFKUWV0ZlRUN09lbldobnZPR1UwZVRXdVFSVlVyU1pySnNXS3JvWGxFSTlHRW5Cc2ZGalZNYTVTaFpYcURCbjlZSjFnQ09ZVUdkVWYrWjBpc3pHRHo5M0p2NnV5eVdlOG85ZURKUFA3dGI3WnREYW9Yb2dLQlR2Q09GZDJnPT0tLTFiYmY0Y2JHRHhvMjhEMVJBenhmSWc9PQ%3D%3D--85e6a2f9a7fd7ddd9269d5afaa9f3121fd103c1d; domain=wetransfer.com; path=/; secure; HttpOnly; SameSite=Lax
vary
Accept-Encoding, Origin
content-encoding
gzip
etag
W/"80e52e3d887aa5d620c4eef12044bd94"
x-request-id
a00c275e-c9d2-4ca3-9380-79ea1af80334
x-opaque
c6adb5f9a89ab2c2ae92105279c70e497944ecd5-0d326fb030a152a41-23514
x-runtime
0.029936
strict-transport-security
max-age=15552000; includeSubDomains;

Redirect headers

Content-Type
text/html;charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
public, max-age=3600
Date
Thu, 07 May 2020 16:04:00 GMT
Expires
Thu, 07 May 2020 17:04:00 GMT
Location
https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Request-Id
e4f04a5706dc5da468c709d1b1c3e1cf
X-XSS-Protection
1; mode=block
X-Cache
Miss from cloudfront
Via
1.1 cadd28ddf17473bac9ce00c18f8e1bc2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C1
X-Amz-Cf-Id
QfbSMA_A4aNM4A7VYl-b_A1Li7dQFcm8k5mylOmflrxXMyeQY0MmHA==
runtime~application-c1f1701447a95635e6f2.es6.js
prod-cdn.wetransfer.net/packs/esm/
5 KB
3 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/runtime~application-c1f1701447a95635e6f2.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b51dfb9c9f8be79b156196fec4567b8f3c7ace220a49710bbf2cddeb0a15fdad

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 13:18:52 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 10:23:17 GMT
server
AmazonS3
age
269110
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
6Md39SZFd5RY3lsnRrVGffqE1S9Sezs0J6FCei5hySYhfkiiWbBLgg==
via
1.1 84465451fc5898ca8155a82c8976074f.cloudfront.net (CloudFront)
application-827ec25334ef3bc2bf54.es6.js
prod-cdn.wetransfer.net/packs/esm/
650 KB
166 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/application-827ec25334ef3bc2bf54.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d25906433033406ebe58a2484bb03680b1a008887b2f66091bfad333a44b1e5

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 12:33:29 GMT
content-encoding
gzip
last-modified
Thu, 07 May 2020 12:23:10 GMT
server
AmazonS3
age
12633
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
bwoj60WHVczMJziOXOW7RJgH5wAo9qQI40NZxNM7guNzBVDo5MbfuA==
via
1.1 84465451fc5898ca8155a82c8976074f.cloudfront.net (CloudFront)
vendor-b2b87da46d6e7ec00022.es6.js
prod-cdn.wetransfer.net/packs/esm/
431 KB
134 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae99ec14c3144146a80e9f097012ad4fb5c540e9e82aa4fb6cd35b32b573a1d5

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 13:18:52 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 10:23:18 GMT
server
AmazonS3
age
269110
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
4jcVj7pROcsWYrpFgvovrvLO8NsDai9q2XcUCPkv-qefj2_0q9pcXA==
via
1.1 84465451fc5898ca8155a82c8976074f.cloudfront.net (CloudFront)
application-c179a355.chunk.css
prod-cdn.wetransfer.net/packs/css/
362 KB
47 KB
Stylesheet
General
Full URL
https://prod-cdn.wetransfer.net/packs/css/application-c179a355.chunk.css
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a538a491588ce731ca8f491dc6c314eb9d83774fd8d3556fa3b0ccdb9d5cdfb8

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 06 May 2020 14:21:32 GMT
content-encoding
gzip
last-modified
Wed, 06 May 2020 09:32:18 GMT
server
AmazonS3
age
92550
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
s0DQ3_L-QyFQlWQq2nKWz-1RiBOpiiYegmuYBBfR08cuqCTeb3utIw==
via
1.1 84465451fc5898ca8155a82c8976074f.cloudfront.net (CloudFront)
en-b7fa86dcf33ddac708d0.es6.js
prod-cdn.wetransfer.net/packs/esm/runtime~locale/
2 KB
1 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/runtime~locale/en-b7fa86dcf33ddac708d0.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ea86c5305a73c5649a1e6107f0ccabe078a955bbd98c3af23849d2b767513f4

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 11:56:29 GMT
content-encoding
gzip
last-modified
Thu, 30 Apr 2020 09:56:57 GMT
server
AmazonS3
age
619653
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
etdi1UrOVP42avGVZhYCywI9oM9J0xKSaPtkfvEgdH3eOCDB0SsISA==
via
1.1 84465451fc5898ca8155a82c8976074f.cloudfront.net (CloudFront)
en-25931acab57f91a37c71.es6.js
prod-cdn.wetransfer.net/packs/esm/locale/
102 KB
31 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/locale/en-25931acab57f91a37c71.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75ddaa6d13a11f8aac731f9acb3d9d738efda617b8d0415f536f18baccfd8310

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 11:56:29 GMT
content-encoding
gzip
last-modified
Thu, 30 Apr 2020 09:56:56 GMT
server
AmazonS3
age
619653
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
hZXvNr244913KDFQJJc2z3W6qYMp76ufQX1yxdEGjATmAW7rHQ8_4Q==
via
1.1 84465451fc5898ca8155a82c8976074f.cloudfront.net (CloudFront)
advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
prod-cdn.wetransfer.net/assets/
349 B
714 B
Script
General
Full URL
https://prod-cdn.wetransfer.net/assets/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 11:55:14 GMT
via
1.1 84465451fc5898ca8155a82c8976074f.cloudfront.net (CloudFront)
last-modified
Thu, 30 Apr 2020 09:57:28 GMT
server
AmazonS3
age
619728
etag
"019dafef616906d42b64043fce694aa3"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-length
349
x-amz-cf-id
UQsAlmhiWX0GUtFwKRpcoP8PsiVICvitpl-lwCzcVE9bHlR2FH9XUQ==
sp.js
d19ptbnuzhibkh.cloudfront.net/2.10.2/
96 KB
30 KB
Script
General
Full URL
https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:fe00:6:bbf2:440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:28:08 GMT
content-encoding
gzip
last-modified
Tue, 30 Apr 2019 15:14:08 GMT
server
AmazonS3
age
689754
etag
"c7b65b3f4e8761897af9a3ca5d76682e"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=315360000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-length
29895
via
1.1 d148104ad832292f01e6a1dab7079d58.cloudfront.net (CloudFront)
x-amz-cf-id
hqZo73tbAU7eAPqLLEfX_UoJCg8uoPxKqX3wZ2xJVg5AKoof6PE-QQ==
gtm.js
www.googletagmanager.com/
101 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N9N5GP
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/downloads/0658d52a5c9e22d6366ee6bf971ec22520200429154959/585773
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5bbb435af5638c98bcea9055c4bcec2326374441172ad316163c7bddc4c8f454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 16:04:01 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28639
x-xss-protection
0
last-modified
Thu, 07 May 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 May 2020 16:04:01 GMT
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/
2 B
230 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

X-LaunchDarkly-User-Agent
JSClient/2.9.7
Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 16:04:01 GMT
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
status
200
access-control-max-age
300
content-length
26
x-served-by
cache-hhn4071-HHN
access-control-allow-origin
*
x-timer
S1588867441.364211,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
323
FaktProWeb-Normal-797cd375.woff
prod-cdn.wetransfer.net/packs/media/faktpro/
75 KB
76 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/faktpro/FaktProWeb-Normal-797cd375.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prod-cdn.wetransfer.net/packs/css/application-c179a355.chunk.css
Origin
https://wetransfer.com

Response headers

date
Thu, 30 Apr 2020 11:55:15 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
619727
x-cache
Hit from cloudfront
status
200
content-length
77227
last-modified
Thu, 30 Apr 2020 09:57:01 GMT
server
AmazonS3
etag
"21ad0e7e0794c2b771203c61d35d9b38"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
x-amz-cf-id
Hg6-sqdoWxKK84xtbyDS58YXt7hJ-JGq976gsJLPjX96Kk35wU3Wdw==
FaktProWeb-Medium-f905d7a8.woff
prod-cdn.wetransfer.net/packs/media/faktpro/
78 KB
78 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/faktpro/FaktProWeb-Medium-f905d7a8.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prod-cdn.wetransfer.net/packs/css/application-c179a355.chunk.css
Origin
https://wetransfer.com

Response headers

date
Thu, 30 Apr 2020 11:55:15 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
619727
x-cache
Hit from cloudfront
status
200
content-length
79755
last-modified
Thu, 30 Apr 2020 09:57:01 GMT
server
AmazonS3
etag
"0897073eff44c06cf745ca836b0a5fbb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
x-amz-cf-id
abgWECJksnZW_J7I0xf-p6uuj5Nxx9-cUFLWBbYAcpKzCVZpVuMRKQ==
FreightSans-Pro-Medium-1243d73c.woff
prod-cdn.wetransfer.net/packs/media/freightsans/
54 KB
55 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/freightsans/FreightSans-Pro-Medium-1243d73c.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prod-cdn.wetransfer.net/packs/css/application-c179a355.chunk.css
Origin
https://wetransfer.com

Response headers

date
Thu, 30 Apr 2020 11:55:15 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
619727
x-cache
Hit from cloudfront
status
200
content-length
55500
last-modified
Thu, 30 Apr 2020 09:57:01 GMT
server
AmazonS3
etag
"ad8147768c14e6e7ecc52ab7550f74d1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
x-amz-cf-id
62mmQsyaLtt9vcTiDYHswI2OtE3doVSzXzPyvVeS8mXbrUXSPPt13Q==
FreightSans-Pro-Semibold-b548f89b.woff
prod-cdn.wetransfer.net/packs/media/freightsans/
58 KB
59 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/freightsans/FreightSans-Pro-Semibold-b548f89b.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
054b231d728f2c6bd02c7fcac7adf79475e47cc8a9509a94bd727a25603c8781

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prod-cdn.wetransfer.net/packs/css/application-c179a355.chunk.css
Origin
https://wetransfer.com

Response headers

date
Thu, 30 Apr 2020 11:55:15 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
619727
x-cache
Hit from cloudfront
status
200
content-length
59464
last-modified
Thu, 30 Apr 2020 09:57:01 GMT
server
AmazonS3
etag
"10e5a40bf97498cd39965488ce760603"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
x-amz-cf-id
5vIIy61azb6jNq0jLDdc67XKdfUpCa9MCKWGea7P3wcffK5z8dmoYg==
ActiefGrotesque_W_Rg-9bb6a06b.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/
30 KB
31 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Rg-9bb6a06b.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eaddc3fb78d635f6abe0194b732e54a2fb4fc0c71669b50c98b02ac36feb813d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prod-cdn.wetransfer.net/packs/css/application-c179a355.chunk.css
Origin
https://wetransfer.com

Response headers

date
Thu, 30 Apr 2020 11:55:15 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
619727
x-cache
Hit from cloudfront
status
200
content-length
31184
last-modified
Thu, 30 Apr 2020 09:57:00 GMT
server
AmazonS3
etag
"f3c9d0aa102428f3c31af12ff64e4a56"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
x-amz-cf-id
ownkRMTP-wzAfgCm0FNbvkew-TA7eDeYWRGjKhohbAtMaphOzqKTaw==
GTSuperWTBetav5-Super-e5e24a2e.woff
prod-cdn.wetransfer.net/packs/media/gtsuperwt/
72 KB
72 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/gtsuperwt/GTSuperWTBetav5-Super-e5e24a2e.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
305cfa94ba8df2d4471eda00d7f7965e9bea76c1470b869bbd8e34d0fa5f75a0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prod-cdn.wetransfer.net/packs/css/application-c179a355.chunk.css
Origin
https://wetransfer.com

Response headers

date
Thu, 30 Apr 2020 11:55:15 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
619727
x-cache
Hit from cloudfront
status
200
content-length
73336
last-modified
Thu, 30 Apr 2020 09:57:01 GMT
server
AmazonS3
etag
"066eccf30e6074acc1ed82e8ca5e0ff3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
x-amz-cf-id
coMGURZtwWGj1p3KrcncZjFtXA3LqpcVTvekA6stNLE7_SSoUHjh8w==
transfer_expired-ebfa2259.png
prod-cdn.wetransfer.net/packs/media/transfer_window/
15 KB
15 KB
Image
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/transfer_window/transfer_expired-ebfa2259.png
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
789f464f17b76616b3c96aeb28d6e3b7558acf9bf586d272ede6830ece109190

Request headers

Referer
https://prod-cdn.wetransfer.net/packs/css/application-c179a355.chunk.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 11:58:07 GMT
via
1.1 84465451fc5898ca8155a82c8976074f.cloudfront.net (CloudFront)
last-modified
Thu, 30 Apr 2020 09:57:04 GMT
server
AmazonS3
age
619555
etag
"a75ee8a5460dc5d83b45416d25b2cf95"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-length
15348
x-amz-cf-id
3ZrcKcCmJJjGA7JKwW7Lhh8fTqbn324h2wK_jBEzd_OGijy98X67KQ==
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/
2 B
335 B
XHR
General
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.65.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-65-34.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 07 May 2020 16:04:01 GMT
server
akka-http/10.1.10
status
200
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wetransfer.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
content-length
2
usage.gif
usage.trackjs.com/
43 B
229 B
Image
General
Full URL
https://usage.trackjs.com/usage.gif?token=c695133a6747471db439aca0a2500556&correlationId=f1825300-553d-4915-9f63-6c24b57cf438&application=frontend-wetransfer&x=3de56bb8-6f76-44c8-8f37-fdacb3f99861&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.197.155.84 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prd-usage-1.tjsint.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 07 May 2020 16:04:01 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/
2 B
335 B
XHR
General
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.65.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-65-34.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 07 May 2020 16:04:01 GMT
server
akka-http/10.1.10
status
200
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wetransfer.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
content-length
2
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/
0
464 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-b2b87da46d6e7ec00022.es6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.196.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-196-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wetransfer.com/
X-LaunchDarkly-Event-Schema
3
X-LaunchDarkly-User-Agent
JSClient/2.9.7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 07 May 2020 16:04:03 GMT
Access-Control-Max-Age
300
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length
0

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| _preloaded_transfer_
object| webpackJsonp
object| _i18n_
object| __app_settings__
undefined| __session__
object| Wallpapers
object| GlobalSnowplowNamespace
function| __snowplow__
object| dataLayer
undefined| __trackjs__
object| __recaptcha__
object| recaptchaOptions
object| __launch_darkly__
object| __curated_wallpapers__
boolean| __ads_enabled__
string| asset_host
boolean| modernBrowser
undefined| polyfillScript
object| __stripe__
object| google_tag_manager
function| Velocity
function| onRecaptchaLoaded
function| onRecaptchaCallback
function| _typeof
object| Snowplow

3 Cookies

Domain/Path Name / Value
.wetransfer.com/ Name: _wt_snowplowses.38f1
Value: *
.wetransfer.com/ Name: _wt_snowplowid.38f1
Value: a74601ff-3bcc-400a-b50f-c50495374077.1588867440.1.1588867441.1588867440.df0c3579-dcc5-4327-b494-5b5182204ec1
.wetransfer.com/ Name: _wt_session
Value: QnV1ZVJsTFN2Y2kxQWh6UWZmYUpmZ3hmVlFKUWV0ZlRUN09lbldobnZPR1UwZVRXdVFSVlVyU1pySnNXS3JvWGxFSTlHRW5Cc2ZGalZNYTVTaFpYcURCbjlZSjFnQ09ZVUdkVWYrWjBpc3pHRHo5M0p2NnV5eVdlOG85ZURKUFA3dGI3WnREYW9Yb2dLQlR2Q09GZDJnPT0tLTFiYmY0Y2JHRHhvMjhEMVJBenhmSWc9PQ%3D%3D--85e6a2f9a7fd7ddd9269d5afaa9f3121fd103c1d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
