jejjeiii4.w3spaces.com Open in urlscan Pro
2600:9000:2156:8000:b:df74:43c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html
Effective URL:
https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html
Submission Tags: @phish_report
Submission: On May 06 via api (May 6th 2024, 11:54:41 am UTC) from FI — Scanned from FI

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2600:9000:2156:8000:b:df74:43c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is jejjeiii4.w3spaces.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 11th 2023. Valid for: a year.

This is the only time jejjeiii4.w3spaces.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2600:9000:215... 2600:9000:2156:8000:b:df74:43c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:21f... 2600:9000:21f3:2000:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	52.222.232.144 52.222.232.144	16509 (AMAZON-02) (AMAZON-02)
8	3

1 2600:9000:2156:8000:b:df74:43c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

jejjeiii4.w3spaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:2000:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.232.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-144.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 6282	45 KB
3	cloudfront.net d3e54v103j8qbb.cloudfront.net	36 KB
1	w3spaces.com jejjeiii4.w3spaces.com	3 KB
8	3

	Domain	Requested by
4	assets-global.website-files.com	jejjeiii4.w3spaces.com
3	d3e54v103j8qbb.cloudfront.net	jejjeiii4.w3spaces.com
1	jejjeiii4.w3spaces.com
8	3

This site contains links to these domains. Also see Links.

Domain
webflow.com

Subject Issuer	Validity	Valid
*.w3spaces.com Amazon RSA 2048 M02	`2023-06-11` - `2024-07-08`	a year	crt.sh
*.website-files.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-08`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html
Frame ID: E77AA7D4EC11ACE48056E1668715E132
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HOME

Page URL History Show full URLs

http://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html HTTP 307
https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

84 kB
Transfer

200 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://webflow.com/?utm_campaign=brandjs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html HTTP 307
https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request saved-from-Tryit-2024-05-04-swfq3.html Show response jejjeiii4.w3spaces.com/ Redirect Chain http://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html	3 KB 3 KB	936ms 811ms	Document text/html	2600:9000:2156:8000:b:df74:43c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:8000:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `4945cd9f141c1aad5f4eed99cdeaba07ec102d574fdb33f3aa5c29ea37347112` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers accept-ranges bytes content-length 3125 content-type text/html date Mon, 06 May 2024 11:54:37 GMT etag "39d849fdde7a880b5b4415f6b2c60e76" last-modified Sat, 04 May 2024 17:25:50 GMT server AmazonS3 via 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront) x-amz-cf-id Yjf0LU6ydPEgZTDLKIQLHWvNpWOTgBHcXv0oawzWpigbHtzWaMZMZg== x-amz-cf-pop FRA50-C1 x-amz-id-2 VO5bDv9m7d6N33XlftYi/bDYHkRHn/ainyzktfkSxwOr+QSfUEQcz/R8IE4wFyjOrsOpaKctIZM= x-amz-request-id FVS5237TJM86D0BX x-amz-server-side-encryption AES256 x-cache Miss from cloudfront Redirect headers Location https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html Non-Authoritative-Reason HttpsUpgrades
GET H2	200	ieii77474-563695-df7598c40cb4ef101f38.webflow.ec9ad07d9.css assets-global.website-files.com/6632c02e3983a4168c2edc46/css/	37 KB 9 KB	567ms 449ms	Stylesheet text/css	2600:9000:21f3:2000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/6632c02e3983a4168c2edc46/css/ieii77474-563695-df7598c40cb4ef101f38.webflow.ec9ad07d9.css Requested by Host: jejjeiii4.w3spaces.com URL: https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `263906d37bf6f44d3a61e54c4e0888eb4c1052254b9494b695acf61e69dba264` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://jejjeiii4.w3spaces.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Mon, 06 May 2024 11:54:38 GMT content-encoding gzip via 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront) x-amz-version-id 2Gx5qxDAcrF5_KZY3NV.isnmtq3pQLaC x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 8650 last-modified Sat, 04 May 2024 17:09:33 GMT server AmazonS3 etag "2a18c23129e4198553dee5b7be5b414f" content-type text/css access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id 7KFb5fV6u6Pa_BikrQqv98BsJ_l-1Ehz0iLoBW4Ya_GPdTTI6viDPQ==
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 31 KB	179ms 63ms	Script application/javascript	52.222.232.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6632c02e3983a4168c2edc46 Requested by Host: jejjeiii4.w3spaces.com URL: https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.232.144 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-232-144.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers Referer https://jejjeiii4.w3spaces.com/ Origin https://jejjeiii4.w3spaces.com Accept-Language fi-FI,fi;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Mon, 06 May 2024 04:54:09 GMT content-encoding gzip via 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront) age 31385 x-amz-cf-pop FRA56-P4 x-cache Hit from cloudfront last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate vary Accept-Encoding x-amz-cf-id _-laHeeo4ZtEZAGsIrCgvZ9q15R1sReFqQ2bDvoWTw5GQ11te4jq4Q==
GET H2	200	webflow.d198cd1e8.js Show response assets-global.website-files.com/6632c02e3983a4168c2edc46/js/	45 KB 17 KB	586ms 468ms	Script text/javascript	2600:9000:21f3:2000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/6632c02e3983a4168c2edc46/js/webflow.d198cd1e8.js Requested by Host: jejjeiii4.w3spaces.com URL: https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `62e649052123316f643d71c1b5eadc4d8989990bfa8125656bda14301c85afb3` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://jejjeiii4.w3spaces.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Mon, 06 May 2024 11:54:38 GMT content-encoding gzip via 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront) x-amz-version-id YuGjyxyWVO0GXOdIQrnlS7YN3w.4iw52 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 16810 last-modified Sat, 04 May 2024 17:09:33 GMT server AmazonS3 etag "53501831ea786583d44d602ba773b1e8" content-type text/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id hhwvJgOSzwz5dEZ5w_HZNBjSdWF1C6jKDS2k8jCSl7de8CJAxBJ7Sg==
GET H2	200	66366a8c6ff2152d9afc9e0f_eastlink%20logo11.jpg assets-global.website-files.com/6632c02e3983a4168c2edc46/	3 KB 4 KB	452ms 452ms	Image image/jpeg	2600:9000:21f3:2000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/6632c02e3983a4168c2edc46/66366a8c6ff2152d9afc9e0f_eastlink%20logo11.jpg Requested by Host: jejjeiii4.w3spaces.com URL: https://jejjeiii4.w3spaces.com/saved-from-Tryit-2024-05-04-swfq3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `547674809724a5fc5265dda6fa38b4d98de37ac749389f55594de6100b3f6586` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://jejjeiii4.w3spaces.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Mon, 06 May 2024 11:54:38 GMT x-amz-version-id C5mXe4aY8SpmWvIVXgNBf71DOzU2bp1X via 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront) last-modified Sat, 04 May 2024 17:04:16 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "02ac076ff4fa0e35ee6374d049845c25" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-length 3252 x-amz-cf-id CeGIxSosb33_n53qEeax61nAUXwP_jItgoyhGvD1yGWQj9DtK7rBnQ==
GET H2	200	webflow-badge-icon-d2.89e12c322e.svg d3e54v103j8qbb.cloudfront.net/img/	421 B 854 B	166ms 56ms	Image image/svg+xml	52.222.232.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3e54v103j8qbb.cloudfront.net/img/webflow-badge-icon-d2.89e12c322e.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.232.144 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-232-144.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `00f45354c11a12591485977633a0e03952cdf1ff2de403e10ec846db8cc508a9` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://jejjeiii4.w3spaces.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Mon, 06 May 2024 02:37:07 GMT via 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront) age 82796 x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 421 last-modified Thu, 21 Sep 2023 16:04:04 GMT server AmazonS3 etag "89e12c322e66c81213861fc9acb8b003" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id 1vO3jVVOGClC_wLIOzFoaQImHhlwBA50NXa82li_sO8WRmUVUcN0kA==
GET H2	200	webflow-badge-text-d2.c82cec3b78.svg d3e54v103j8qbb.cloudfront.net/img/	10 KB 4 KB	167ms 57ms	Image image/svg+xml	52.222.232.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3e54v103j8qbb.cloudfront.net/img/webflow-badge-text-d2.c82cec3b78.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.232.144 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-232-144.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `3202cb640fada345ab99415bd087f28e6fea1c3009dba51d183cc37bce036cd7` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://jejjeiii4.w3spaces.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Mon, 06 May 2024 08:43:30 GMT content-encoding br via 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront) last-modified Thu, 21 Sep 2023 16:04:31 GMT server AmazonS3 age 14249 x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 etag W/"c82cec3b78a2b2d267bbfe3c7e838068" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=84600, must-revalidate x-amz-cf-id reu0915Zw1oLpS0DiHNqpxE6g35eQmEYwwXJeFw8Kr2_jD2FirwJIA==
GET H2	200	favicon.ico assets-global.website-files.com/img/	15 KB 15 KB	66ms 66ms	Other image/x-icon	2600:9000:21f3:2000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/img/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `4239819d399860eb27d8a73417f9bd108d45d11676f68b5edaae328ec197d55e` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://jejjeiii4.w3spaces.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers x-amz-version-id C5TuT6ObkzP1GjuEGkIHJatwDHqj5J6N date Mon, 06 May 2024 00:47:48 GMT via 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront) age 40037 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 15086 last-modified Thu, 05 Oct 2023 23:38:20 GMT server AmazonS3 etag "1f894f487d068a2ced95d5cd4f88598c" vary Accept-Encoding content-type image/x-icon access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id ROZHu-azfujWtuwLzJX88blPztDdhqRdASht-ctEP8ilV2PDpHQUQw==

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| tram object| Webflow

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-global.website-files.com
d3e54v103j8qbb.cloudfront.net
jejjeiii4.w3spaces.com
2600:9000:2156:8000:b:df74:43c0:93a1
2600:9000:21f3:2000:12:9e5f:cac0:93a1
52.222.232.144
00f45354c11a12591485977633a0e03952cdf1ff2de403e10ec846db8cc508a9
263906d37bf6f44d3a61e54c4e0888eb4c1052254b9494b695acf61e69dba264
3202cb640fada345ab99415bd087f28e6fea1c3009dba51d183cc37bce036cd7
4239819d399860eb27d8a73417f9bd108d45d11676f68b5edaae328ec197d55e
4945cd9f141c1aad5f4eed99cdeaba07ec102d574fdb33f3aa5c29ea37347112
547674809724a5fc5265dda6fa38b4d98de37ac749389f55594de6100b3f6586
62e649052123316f643d71c1b5eadc4d8989990bfa8125656bda14301c85afb3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

jejjeiii4.w3spaces.com Open in urlscan Pro 2600:9000:2156:8000:b:df74:43c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

84 kBTransfer

200 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

jejjeiii4.w3spaces.com Open in urlscan Pro
2600:9000:2156:8000:b:df74:43c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

84 kB
Transfer

200 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions