Submitted URL: https://prod-cdn.wetransfer.net/
Effective URL: https://wetransfer.com/
Submission: On May 29 via api from CH

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 34.240.21.9, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is wetransfer.com.
TLS certificate: Issued by Amazon on October 2nd 2019. Valid for: a year.
This is the only time wetransfer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | IP Address | AS Autonomous System |
| --- | --- | --- |
| 13 | 13.224.95.92 | 16509 (AMAZON-02) |
| 1 | 34.240.21.9 | 16509 (AMAZON-02) |
| 1 | 2600:9000:219... | 16509 (AMAZON-02) |
| 1 | 2a00:1450:400... | 15169 (GOOGLE) |
| 1 | 151.101.114.2 | 54113 (FASTLY) |
| 2 | 52.209.65.34 | 16509 (AMAZON-02) |
| 1 | 107.23.6.29 | 14618 (AMAZON-AES) |
| 20 | 7 | |

| Requests | Domain | Requested by |
| --- | --- | --- |
| 13 | prod-cdn.wetransfer.net | wetransfer.com, prod-cdn.wetransfer.net |
| 2 | snowplow.wetransfer.com | d19ptbnuzhibkh.cloudfront.net |
| 1 | events.launchdarkly.com | prod-cdn.wetransfer.net |
| 1 | app.launchdarkly.com | prod-cdn.wetransfer.net |
| 1 | www.googletagmanager.com | wetransfer.com |
| 1 | d19ptbnuzhibkh.cloudfront.net | wetransfer.com |
| 1 | wetransfer.com | prod-cdn.wetransfer.net |
| 20 | 7 | |

This site contains links to these domains. Also see Links.

Domain
wetransfer.zendesk.com

| Subject | Issuer | Validity | Valid |
| --- | --- | --- | --- |
| wetransfer.net | Amazon | 2019-09-09 - 2020-10-09 | a year |
| wetransfer.com | Amazon | 2019-10-02 - 2020-11-02 | a year |
| *.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year |
| *.google-analytics.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
| f2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-04-22 - 2021-04-23 | a year |
| snowplow.wetransfer.com | Amazon | 2020-05-16 - 2021-06-16 | a year |
| *.launchdarkly.com | Gandi Pro SSL CA 2 | 2018-09-12 - 2020-10-30 | 2 years |

This page contains 1 frame:

Primary Page: https://wetransfer.com/
Frame ID: 15A07B1046C783358030144F3D1B83B7
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

  • 20 Requests
  • 100 % HTTPS
  • 29 % IPv6
  • 5 Domains
  • 7 Subdomains
  • 7 IPs
  • 3 Countries
  • 667 kB Transfer
  • 1967 kB Size
  • 3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://prod-cdn.wetransfer.net/ Page URL
  2. https://wetransfer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
prod-cdn.wetransfer.net/
686 B
1011 B
Document
General
Full URL
https://prod-cdn.wetransfer.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99d2816db7e72378d21d6ca51872d9524382cae4e2b83e56f8a604ed161f3842

Request headers

:method
GET
:authority
prod-cdn.wetransfer.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html
content-length
686
date
Fri, 29 May 2020 07:28:28 GMT
last-modified
Wed, 18 Mar 2020 16:12:57 GMT
etag
"3ee1d0339a008c9c15345226df986e30"
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Lod3zWoUtO5AHDishshvxi6zI17NbXD0yIp7JkNbfOMDfqer-ngj9w==
age
27076
Primary Request /
wetransfer.com/
15 KB
6 KB
Document
General
Full URL
https://wetransfer.com/
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.21.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-21-9.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
69f1ac07b4c174a15c0d99d93e1f08a863be5f369b45d641b412a15c1cdef2df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
wetransfer.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://prod-cdn.wetransfer.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://prod-cdn.wetransfer.net/

Response headers

status
200
date
Fri, 29 May 2020 14:59:44 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
cache-control
no-cache, no-store
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
set-cookie
_wt_snowplowid.38f1=a69cf657-1b09-4417-bba7-3c3bd40d2e37.1590764383.0.1590764383.; domain=.wetransfer.com; path=/; expires=Sun, 29 May 2022 14:59:43 GMT; secure _wt_session=QWhkV3dQQ09ISU5tRG05WVhPdTIvejFWc0tVNUJ2UlFVRHdmTURENVloMTlIeXpsQ3c0dXhmK0N2bUs4VzJIRGhuc1RRM0ZuZ2ZRUkhjaVEva0s5VEUySHJma1E1YS9HNkRaUWwzb0E3cHBjcE1HdjlMNklyc0pEelpwMHRGVWZyOCtWZG5OdnRuNC9UTHVNTWd6UmZnPT0tLVlQUEMxLzh6SzNxVlltS3JEb1E2OVE9PQ%3D%3D--2e7197d3c8d26dd2abf97204b941f8fb482fe11b; domain=wetransfer.com; path=/; secure; HttpOnly; SameSite=Lax
vary
Accept-Encoding, Origin
content-encoding
gzip
etag
W/"17b932946a062ae732795698365f5124"
x-request-id
01b51f8a-48ba-4fbf-aa50-ffe37122d697
x-opaque
3b87571911cae2c4becd96b886f044afda3bae02-0c61501d10b2c863a-24449
x-runtime
0.023019
strict-transport-security
max-age=15552000; includeSubDomains;
runtime~application-136a6805e028f42c7cca.es6.js
prod-cdn.wetransfer.net/packs/esm/
5 KB
3 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/runtime~application-136a6805e028f42c7cca.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f5134f55aa00c4fd6a596f2549348ccb7174f7060ea378c76ae34572b704a38

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 May 2020 11:52:10 GMT
content-encoding
gzip
last-modified
Fri, 29 May 2020 11:03:35 GMT
server
AmazonS3
age
11255
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
ZbjmTgk9KSLwQiee36xxi-rL_0UygQbette09T7oV_LoSijYgeFr6w==
via
1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
application-c338eda83f56e2d445a0.es6.js
prod-cdn.wetransfer.net/packs/esm/
646 KB
165 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/application-c338eda83f56e2d445a0.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e33fdd5b658ab5b7f5fe9aeaffbb87d1fd44651dd765369e06c244be7bbbc8be

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 May 2020 10:35:18 GMT
content-encoding
gzip
last-modified
Thu, 28 May 2020 10:10:27 GMT
server
AmazonS3
age
102267
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
-3GCoRFROYfoIrPXmSXzSIom0c-pWyPeCBV7wq9VBB4xYnOTZxrY7Q==
via
1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
vendor-3a8cca01bdaa83836a0e.es6.js
prod-cdn.wetransfer.net/packs/esm/
432 KB
134 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/vendor-3a8cca01bdaa83836a0e.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe9d9c701d4172aa577d31adf9468155799ea04a225091b00094a2342e160d0e

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 May 2020 12:34:19 GMT
content-encoding
gzip
last-modified
Mon, 25 May 2020 12:02:21 GMT
server
AmazonS3
age
354325
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
qirpJ3rg4KvPoiiXjHXamt5XRUMo43Nt3-ZD3xXihlBblYbeVi1_FA==
via
1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
ActiefGrotesque_W_Rg-1f437876.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/
30 KB
31 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Rg-1f437876.woff
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wetransfer.com/
Origin
https://wetransfer.com

Response headers

date
Mon, 18 May 2020 14:39:44 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
951601
x-cache
Hit from cloudfront
status
200
content-length
31120
last-modified
Mon, 18 May 2020 13:52:08 GMT
server
AmazonS3
etag
"57cbbfdafc43e0deecc75a309dd042c6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
OpOMtV21vm_H0b32sbfsdCGO0ZFcl69_WZv59zJAoPRScgRXkczWgA==
ActiefGrotesque_W_Md-293e86f0.woff
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/
31 KB
32 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Md-293e86f0.woff
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wetransfer.com/
Origin
https://wetransfer.com

Response headers

date
Mon, 18 May 2020 14:39:44 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
951601
x-cache
Hit from cloudfront
status
200
content-length
32124
last-modified
Mon, 18 May 2020 13:52:08 GMT
server
AmazonS3
etag
"868aedeefe7669e8a4f7196f7df5d058"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
tyEPJ7iqdQbFPyO0gmcVCAzjHop8uv6jZD2GYGWLFewVHfaQ5n_f3A==
GT-Super-WT-Super-1b214df1.woff
prod-cdn.wetransfer.net/packs/media/gtsuperwt/
42 KB
43 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/gtsuperwt/GT-Super-WT-Super-1b214df1.woff
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wetransfer.com/
Origin
https://wetransfer.com

Response headers

date
Mon, 18 May 2020 14:39:44 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
951601
x-cache
Hit from cloudfront
status
200
content-length
43188
last-modified
Mon, 18 May 2020 13:52:08 GMT
server
AmazonS3
etag
"55576599a2d772f9297c5036d355b1fb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
RLP2JEenTuhHaCXs6GQLT0eeqLlEwZ093WDDkbUyq_zqViq6mNoxeA==
application-a647ec84.chunk.css
prod-cdn.wetransfer.net/packs/css/
351 KB
46 KB
Stylesheet
General
Full URL
https://prod-cdn.wetransfer.net/packs/css/application-a647ec84.chunk.css
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c37fd6571ce4373ad5b8bf93f63b906640644d0796406d52d722da9601855c7

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 May 2020 10:35:18 GMT
content-encoding
gzip
last-modified
Thu, 28 May 2020 10:10:27 GMT
server
AmazonS3
age
102266
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
HEc2wPkv-xzNguT_9McyIykZ8ynztB4K48EjG06rzjX5zgTmSy8Iwg==
via
1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
en-b7fa86dcf33ddac708d0.es6.js
prod-cdn.wetransfer.net/packs/esm/runtime~locale/
2 KB
1 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/runtime~locale/en-b7fa86dcf33ddac708d0.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ea86c5305a73c5649a1e6107f0ccabe078a955bbd98c3af23849d2b767513f4

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 11:55:14 GMT
content-encoding
gzip
last-modified
Thu, 30 Apr 2020 09:56:57 GMT
server
AmazonS3
age
2516670
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
PDJR32hpRwJf17hmHsPNXj4YH8AcDIFHdXVbl9J1Lm5zMRik7oaswg==
via
1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
en-11440700772eb68417d2.es6.js
prod-cdn.wetransfer.net/packs/esm/locale/
102 KB
31 KB
Script
General
Full URL
https://prod-cdn.wetransfer.net/packs/esm/locale/en-11440700772eb68417d2.es6.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2914bb5ac538f031b23bf44a60e709a1a4f1a55e3d8bc339504474582222611

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 May 2020 12:34:19 GMT
content-encoding
gzip
last-modified
Mon, 25 May 2020 12:02:20 GMT
server
AmazonS3
age
354326
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
ljE35GiR9iBwArtFTF2fbwkC53Eb_KuWQ1nb53RzqSURBlO7KUMQew==
via
1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
prod-cdn.wetransfer.net/assets/
349 B
716 B
Script
General
Full URL
https://prod-cdn.wetransfer.net/assets/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712b2feb788c8f89f4

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Apr 2020 11:55:03 GMT
via
1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
last-modified
Thu, 30 Apr 2020 09:57:28 GMT
server
AmazonS3
age
2516682
etag
"019dafef616906d42b64043fce694aa3"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
349
x-amz-cf-id
ohFASnXLhHeh2Gu7hPFQYZmNoYYdOpVhwQ6f5L3TTqUxmGkZ8BZJNg==
sp.js
d19ptbnuzhibkh.cloudfront.net/2.10.2/
96 KB
30 KB
Script
General
Full URL
https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2190:ba00:6:bbf2:440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 23:40:34 GMT
content-encoding
gzip
last-modified
Tue, 30 Apr 2019 15:14:08 GMT
server
AmazonS3
age
7399151
etag
"c7b65b3f4e8761897af9a3ca5d76682e"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
29895
via
1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
x-amz-cf-id
iLzAVcOez_uKSjTExhCfFMf_Olfl5dnDWeClnyiJ4Ikp0WAI9hQlBA==
gtm.js
www.googletagmanager.com/
103 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N9N5GP
Requested by
Host: wetransfer.com
URL: https://wetransfer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2270685d1c96a7c6884490cdf9c07c753e04bd69f9a7e9fac6f1c3a60700ed1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 May 2020 14:59:44 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31084
x-xss-protection
0
last-modified
Fri, 29 May 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 May 2020 14:59:44 GMT
5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/
2 B
229 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-3a8cca01bdaa83836a0e.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

X-LaunchDarkly-User-Agent
JSClient/2.9.7
Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 May 2020 14:59:44 GMT
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
status
200
access-control-max-age
300
content-length
26
x-served-by
cache-hhn4031-HHN
access-control-allow-origin
*
x-timer
S1590764384.288510,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
151
FreightSans-Pro-Medium-1243d73c.woff
prod-cdn.wetransfer.net/packs/media/freightsans/
54 KB
55 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/freightsans/FreightSans-Pro-Medium-1243d73c.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-3a8cca01bdaa83836a0e.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://prod-cdn.wetransfer.net/packs/css/application-a647ec84.chunk.css
Origin
https://wetransfer.com

Response headers

date
Thu, 30 Apr 2020 11:55:04 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2516681
x-cache
Hit from cloudfront
status
200
content-length
55500
last-modified
Thu, 30 Apr 2020 09:57:01 GMT
server
AmazonS3
etag
"ad8147768c14e6e7ecc52ab7550f74d1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
1e9B7z9cVuJ-xDaZVm7R8UW9m49o3pMsHYtFieDF1i9u5ElwFBzIGw==
FreightSans-Pro-Semibold-b548f89b.woff
prod-cdn.wetransfer.net/packs/media/freightsans/
58 KB
59 KB
Font
General
Full URL
https://prod-cdn.wetransfer.net/packs/media/freightsans/FreightSans-Pro-Semibold-b548f89b.woff
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-3a8cca01bdaa83836a0e.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
054b231d728f2c6bd02c7fcac7adf79475e47cc8a9509a94bd727a25603c8781

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://prod-cdn.wetransfer.net/packs/css/application-a647ec84.chunk.css
Origin
https://wetransfer.com

Response headers

date
Thu, 30 Apr 2020 11:55:04 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2516681
x-cache
Hit from cloudfront
status
200
content-length
59464
last-modified
Thu, 30 Apr 2020 09:57:01 GMT
server
AmazonS3
etag
"10e5a40bf97498cd39965488ce760603"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
https://wetransfer.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
FUNmlYl0OJA-GI8gMrwUcd3yh-MS1vJnrgdlSnmOWSbgjiSZapfm1Q==
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/
2 B
336 B
XHR
General
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d19ptbnuzhibkh.cloudfront.net
URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.65.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-65-34.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 29 May 2020 14:59:44 GMT
server
akka-http/10.1.10
status
200
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wetransfer.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
content-length
2
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/
2 B
336 B
XHR
General
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d19ptbnuzhibkh.cloudfront.net
URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.65.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-65-34.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wetransfer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 29 May 2020 14:59:44 GMT
server
akka-http/10.1.10
status
200
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wetransfer.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
content-length
2
5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/
0
464 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e
Requested by
Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/packs/esm/vendor-3a8cca01bdaa83836a0e.es6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.6.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-6-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wetransfer.com/
X-LaunchDarkly-Event-Schema
3
X-LaunchDarkly-User-Agent
JSClient/2.9.7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 29 May 2020 14:59:46 GMT
Access-Control-Max-Age
300
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length
0

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • object| webpackJsonp
  • object| _i18n_
  • object| __app_settings__
  • undefined| __session__
  • object| Wallpapers
  • object| GlobalSnowplowNamespace
  • function| __snowplow__
  • object| dataLayer
  • object| transferExpiryOptions
  • undefined| __trackjs__
  • object| __recaptcha__
  • object| recaptchaOptions
  • object| __launch_darkly__
  • object| __curated_wallpapers__
  • boolean| __ads_enabled__
  • string| asset_host
  • boolean| modernBrowser
  • undefined| polyfillScript
  • object| __stripe__
  • object| __walter_api__
  • function| Velocity
  • function| onRecaptchaLoaded
  • function| onRecaptchaCallback
  • object| google_tag_manager
  • function| _typeof
  • object| Snowplow

3 Cookies

Domain/Path Name / Value
.wetransfer.com/ Name: _wt_snowplowses.38f1
Value: *
.wetransfer.com/ Name: _wt_snowplowid.38f1
Value: a69cf657-1b09-4417-bba7-3c3bd40d2e37.1590764383.1.1590764384.1590764383.4fe1a5e9-84c3-4b96-a453-959d5d9ba19e
.wetransfer.com/ Name: _wt_session
Value: QWhkV3dQQ09ISU5tRG05WVhPdTIvejFWc0tVNUJ2UlFVRHdmTURENVloMTlIeXpsQ3c0dXhmK0N2bUs4VzJIRGhuc1RRM0ZuZ2ZRUkhjaVEva0s5VEUySHJma1E1YS9HNkRaUWwzb0E3cHBjcE1HdjlMNklyc0pEelpwMHRGVWZyOCtWZG5OdnRuNC9UTHVNTWd6UmZnPT0tLVlQUEMxLzh6SzNxVlltS3JEb1E2OVE9PQ%3D%3D--2e7197d3c8d26dd2abf97204b941f8fb482fe11b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
