www.legalwee.com - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 162.241.85.228, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.legalwee.com.

This is the only time www.legalwee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	162.241.85.228 162.241.85.228	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2600:9000:206... 2600:9000:206e:7a00:1d:3c83:f34f:5e61	16509 (AMAZON-02) (AMAZON-02)
1	195.154.113.34 195.154.113.34	12876 (Online SAS) (Online SAS)
3	4

1 162.241.85.228 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-85-228.unifiedlayer.com

www.legalwee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:7a00:1d:3c83:f34f:5e61 (United States)

ASN16509 (AMAZON-02, US)

media.tenor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.154.113.34 (Ivry-sur-Seine, France)

ASN12876 (Online SAS, FR)
PTR: 195-154-113-34.rev.poneytelecom.eu

e.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	top4top.io e.top4top.io
1	tenor.com media.tenor.com	29 KB
1	legalwee.com www.legalwee.com	2 KB
3	3

	Domain	Requested by
1	e.top4top.io	www.legalwee.com
1	media.tenor.com	www.legalwee.com
1	www.legalwee.com
3	3

This site contains no links.

Subject Issuer	Validity	Valid
*.tenor.com GTS CA 1O1	`2020-12-03` - `2021-12-02`	a year	crt.sh
top4top.io R3	`2021-04-18` - `2021-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.legalwee.com/fii.html
Frame ID: CA5A903800C20C1BC9D395E5CF1F61C9
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

3
Requests

67 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

30 kB
Transfer

96 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request fii.html Show response www.legalwee.com/	3 KB 2 KB	267ms 233ms	Document text/html	162.241.85.228 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://www.legalwee.com/fii.html Protocol HTTP/1.1 Server 162.241.85.228 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-85-228.unifiedlayer.com Software Apache / Resource Hash `e96b87f37fcf97e8d6286c9adcdff45bbf670eab0f4fd9094bb49c14f172bfbd` Request headers Host www.legalwee.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 11 Jun 2021 15:14:40 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Last-Modified Fri, 11 Jun 2021 12:38:17 GMT Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 1314 Keep-Alive timeout=5, max=75 Content-Type text/html
GET H2	200	tenor.gif media.tenor.com/images/74a2b4b0fc38bc87c81f68b0bb24572d/	28 KB 29 KB	66ms 23ms	Image image/gif	2600:9000:206e:7a00:1d:3c83:f34f:5e61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.tenor.com/images/74a2b4b0fc38bc87c81f68b0bb24572d/tenor.gif Requested by Host: www.legalwee.com URL: http://www.legalwee.com/fii.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:7a00:1d:3c83:f34f:5e61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `6b161466d7a970dce1acba574073bc9c3e5a1a5db4345b45d7d338d32007eb31` Request headers Referer http://www.legalwee.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id IRYqCYI0YOmXvuhNsJ9FvRbGFGAnl5OV via 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront) last-modified Sun, 09 Sep 2018 02:42:26 GMT server AmazonS3 age 85798 etag "74a2b4b0fc38bc87c81f68b0bb24572d" x-cache Hit from cloudfront content-type image/gif date Fri, 11 Jun 2021 14:28:19 GMT x-amz-cf-pop VIE50-C1 accept-ranges bytes content-length 29153 x-amz-cf-id J9x-SRSsYXtuelIXD8Xq2ct17fAN9xbAMEg-Dvn0cdOrMRjKpVwcHg==
GET H2	206	m_18002pja50.mp3 e.top4top.io/	64 KB 0	106ms 39ms	Media audio/mpeg	195.154.113.34 Online SAS
General Check archive.org Show headers Download Go to Full URL https://e.top4top.io/m_18002pja50.mp3 Requested by Host: www.legalwee.com URL: http://www.legalwee.com/fii.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.154.113.34 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR), Reverse DNS 195-154-113-34.rev.poneytelecom.eu Software nginx / Resource Hash Request headers Referer http://www.legalwee.com/ Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers x-file-id x35675068x date Fri, 11 Jun 2021 15:14:41 GMT last-modified Sat, 05 Dec 2020 14:04:28 GMT server nginx etag "5fcb936c-447a54" content-type audio/mpeg Content-Range bytes 0-4487763/4487764 cache-control max-age=7200 content-disposition inline; filename="Kimi%20No%20Toriko%20(AMV)%20Anime%20Crush.mp3" Content-Length 4487764 expires Fri, 11 Jun 2021 17:14:41 GMT
GET DATA	200 OK	truncated /	382 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88` Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	180 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82` Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	354 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab` Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e.top4top.io
media.tenor.com
www.legalwee.com
162.241.85.228
195.154.113.34
2600:9000:206e:7a00:1d:3c83:f34f:5e61
6b161466d7a970dce1acba574073bc9c3e5a1a5db4345b45d7d338d32007eb31
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
e96b87f37fcf97e8d6286c9adcdff45bbf670eab0f4fd9094bb49c14f172bfbd

www.legalwee.com Open in urlscan Pro 162.241.85.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

3 Requests

67 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

30 kBTransfer

96 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

www.legalwee.com Open in urlscan Pro
162.241.85.228 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

30 kB
Transfer

96 kB
Size

0
Cookies

3 HTTP transactions
3 data transactions