ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com Open in urlscan Pro
149.137.137.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com/0172354eadc36793.html
Submission Tags: https://phish.report @phish_report Search All
Submission: On August 02 via api (August 2nd 2023, 7:40:25 am UTC) from FI — Scanned from US

Summary HTTP 6 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 149.137.137.254, located in United States and belongs to BACKBLAZE, US. The main domain is ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com.
TLS certificate: Issued by R3 on July 25th 2023. Valid for: 3 months.

This is the only time ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1	149.137.137.254 149.137.137.254		40401 (BACKBLAZE) (BACKBLAZE)
6	3

1 149.137.137.254 (United States)

ASN40401 (BACKBLAZE, US)
PTR: s3.us-east-005.backblazeb2.com

ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	backblazeb2.com ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com	14 KB
0	lordjesse-1.buzz Failed lordjesse-1.buzz Failed
6	2

	Domain	Requested by
1	ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com
0	lordjesse-1.buzz Failed	ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com text
6	2

This site contains no links.

Subject Issuer	Validity	Valid
backblazeb2.com R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com/0172354eadc36793.html
Frame ID: C6213EB91752641639DFBDAF8172074A
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: E5EE0163A31F85BBE3C756C16701F75F
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ozow Instant Secure EFT Payments

Page Statistics

6
Requests

17 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

22 kB
Transfer

21 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200	Primary Request 0172354eadc36793.html Show response ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com/	13 KB 14 KB	215ms 84ms	Document text/html	149.137.137.254 BACKBLAZE
General Check archive.org Show headers Download Go to Full URL https://ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com/0172354eadc36793.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.137.137.254 , United States, ASN40401 (BACKBLAZE, US), Reverse DNS s3.us-east-005.backblazeb2.com Software / Resource Hash `6cf0489ba4fbd0e8a8db5615c1e6dc3dedc225ec11c9a838b19abf582e7cd54f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 13754 Content-Type text/html Date Wed, 02 Aug 2023 07:40:19 GMT ETag "22d483799e1a657e2d84834cede07156" Keep-Alive timeout=5 Last-Modified Tue, 01 Aug 2023 10:28:05 GMT x-amz-id-2 aM+1k12Q4MKM5P2XCY1A3fjEeNSs5rTEd x-amz-meta-src_last_modified_millis 1690871253687 x-amz-request-id 7d415f7d28ee1d6a x-amz-server-side-encryption AES256 x-amz-version-id 4_zf32d5d20a93ebc0781950911_f1066af2d1dfd47ab_d20230801_m102805_c005_v0501004_t0027_u01690885685633
GET DATA	200 OK	truncated Show response / Frame E5EE	8 KB 8 KB		Document text/html
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7055c5831170f93ef4777808a942dd5f9a4741ed8d8f8879a5dc44efb892dbab` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Content-Type text/html
GET		main.6e8e127e.chunk.css lordjesse-1.buzz/bries/index_files/ Frame E5EE	0 0

GET		inxxlogo.png lordjesse-1.buzz/bries/ Frame E5EE	0 0

GET		pci-cropped.15e67a49.svg lordjesse-1.buzz/bries/index_files/ Frame E5EE	0 0

GET		on-white.0f8e3df6.svg lordjesse-1.buzz/bries/index_files/ Frame E5EE	0 0

GET		poweredby.e4aefab8.png lordjesse-1.buzz/bries/index_files/ Frame E5EE	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lordjesse-1.buzz
URL: https://lordjesse-1.buzz/bries/index_files/main.6e8e127e.chunk.css

Domain: lordjesse-1.buzz
URL: https://lordjesse-1.buzz/bries/inxxlogo.png

Domain: lordjesse-1.buzz
URL: https://lordjesse-1.buzz/bries/index_files/pci-cropped.15e67a49.svg

Domain: lordjesse-1.buzz
URL: https://lordjesse-1.buzz/bries/index_files/on-white.0f8e3df6.svg

Domain: lordjesse-1.buzz
URL: https://lordjesse-1.buzz/bries/index_files/poweredby.e4aefab8.png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	Message: The key "target-densitydpi" is not supported.
rendering	warning	Message: The key "target-densitydpi" is not supported.
network	error	URL: https://lordjesse-1.buzz/bries/index_files/main.6e8e127e.chunk.css Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://lordjesse-1.buzz/bries/inxxlogo.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://lordjesse-1.buzz/bries/index_files/pci-cropped.15e67a49.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://lordjesse-1.buzz/bries/index_files/on-white.0f8e3df6.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://lordjesse-1.buzz/bries/index_files/poweredby.e4aefab8.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lordjesse-1.buzz
ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com
lordjesse-1.buzz
149.137.137.254
6cf0489ba4fbd0e8a8db5615c1e6dc3dedc225ec11c9a838b19abf582e7cd54f
7055c5831170f93ef4777808a942dd5f9a4741ed8d8f8879a5dc44efb892dbab

ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com Open in urlscan Pro 149.137.137.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

17 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

22 kBTransfer

21 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

7 Console Messages

Indicators

ozowpayment-paymentisnowreadypleaseconfirm87549549869.s3.us-east-005.backblazeb2.com Open in urlscan Pro
149.137.137.254 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

17 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

22 kB
Transfer

21 kB
Size

0
Cookies

6 HTTP transactions
1 data transactions