secure-pi.vercel.app
Open in
urlscan Pro
76.76.21.164
Malicious Activity!
Public Scan
URL:
https://secure-pi.vercel.app/
Submission: On November 16 via api from US — Scanned from US
Submission: On November 16 via api from US — Scanned from US
Summary
This website contacted 5 IPs
in 1 countries
across 3 domains to perform 14 HTTP transactions.
The main IP is 76.76.21.164, located in
Walnut, United States and
belongs to AMAZON-02, US.
The main domain is secure-pi.vercel.app.
TLS certificate: Issued by R11 on October 17th 2024. Valid for: 3 months.
This is the only time secure-pi.vercel.app was scanned on urlscan.io!
TLS certificate: Issued by R11 on October 17th 2024. Valid for: 3 months.
This is the only time secure-pi.vercel.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Juno (Telecommunication)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 76.76.21.164 76.76.21.164 | 16509 (AMAZON-02) (AMAZON-02) | |
| 10 | 64.136.45.68 64.136.45.68 | 13446 (AS-NETZERO) (AS-NETZERO) | |
| 1 | 64.136.45.83 64.136.45.83 | 13446 (AS-NETZERO) (AS-NETZERO) | |
| 1 | 64.136.53.178 64.136.53.178 | 13446 (AS-NETZERO) (AS-NETZERO) | |
| 1 | 64.136.53.32 64.136.53.32 | 13446 (AS-NETZERO) (AS-NETZERO) | |
| 14 | 5 |
10
64.136.45.68
(United States)
ASN13446 (AS-NETZERO, US)
PTR: account.dca.juno.com
ASN13446 (AS-NETZERO, US)
PTR: account.dca.juno.com
| account.juno.com |
1
64.136.45.83
(United States)
ASN13446 (AS-NETZERO, US)
PTR: webmail.dca.netzero.net
ASN13446 (AS-NETZERO, US)
PTR: webmail.dca.netzero.net
| webmail.uolstatic.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
juno.com
account.juno.com store.juno.com track.juno.com — Cisco Umbrella Rank: 276687 |
50 KB |
| 1 |
uolstatic.com
webmail.uolstatic.com — Cisco Umbrella Rank: 238216 |
31 KB |
| 1 |
vercel.app
secure-pi.vercel.app |
7 KB |
| 14 | 3 |
| Domain | Requested by | |
|---|---|---|
| 10 | account.juno.com |
secure-pi.vercel.app
account.juno.com |
| 1 | track.juno.com |
secure-pi.vercel.app
|
| 1 | store.juno.com |
secure-pi.vercel.app
|
| 1 | webmail.uolstatic.com |
secure-pi.vercel.app
|
| 1 | secure-pi.vercel.app | |
| 14 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.juno.com |
| account.juno.com |
| store.juno.com |
| my.juno.com |
| www.untd.com |
| www.netzero.net |
| www.mysite.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.vercel.app R11 |
2024-10-17 - 2025-01-15 |
3 months | crt.sh |
| account.juno.com Go Daddy Secure Certificate Authority - G2 |
2024-07-08 - 2025-07-19 |
a year | crt.sh |
| webmail.netzero.net Go Daddy Secure Certificate Authority - G2 |
2024-08-08 - 2025-07-26 |
a year | crt.sh |
| store.juno.com Go Daddy Secure Certificate Authority - G2 |
2024-05-14 - 2025-05-22 |
a year | crt.sh |
| track.netzero.net Go Daddy Secure Certificate Authority - G2 |
2024-09-17 - 2025-09-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://secure-pi.vercel.app/
Frame ID: A769F3CDCDD331B2FC23C273790EB6C7
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Juno - My Account - Value-priced Internet Service Provider - ISP - Free, low-cost and fast Internet AccessDetected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
URL: http://www.juno.com/
Search URL Search Domain Scan URL
URL: http://www.juno.com/support/
Title: SUPPORT
Title: SUPPORT
Search URL Search Domain Scan URL
URL: https://account.juno.com/static/account/acmg/forgotPassword.do
Title: password
Title: password
Search URL Search Domain Scan URL
URL: https://www.juno.com/support/errors/eb06-myacct.html
Title: sign in issues
Title: sign in issues
Search URL Search Domain Scan URL
URL: http://store.juno.com/
Title: Juno Store
Title: Juno Store
Search URL Search Domain Scan URL
URL: http://my.juno.com/
Title: My Juno
Title: My Juno
Search URL Search Domain Scan URL
URL: http://account.juno.com/s/account
Title: My Account
Title: My Account
Search URL Search Domain Scan URL
URL: http://account.juno.com/s/landing
Title: Our Services
Title: Our Services
Search URL Search Domain Scan URL
URL: http://www.juno.com/start/landing.do?page=www/legal/privacy
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: http://www.juno.com/start/landing.do?page=www/legal/yourprivacyrights
Title: Your Privacy Rights: Do Not Sell My Info
Title: Your Privacy Rights: Do Not Sell My Info
Search URL Search Domain Scan URL
URL: http://www.juno.com/start/landing.do?page=www/legal/privacy#3
Title: About Ads
Title: About Ads
Search URL Search Domain Scan URL
URL: https://www.juno.com/start/landing.do?page=www/legal/terms
Title: Terms of Service
Title: Terms of Service
Search URL Search Domain Scan URL
URL: http://www.untd.com/
Title: United Online
Title: United Online
Search URL Search Domain Scan URL
URL: http://www.netzero.net/
Title: NetZero
Title: NetZero
Search URL Search Domain Scan URL
URL: http://www.mysite.com/
Title: MySite
Title: MySite
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
secure-pi.vercel.app/ |
19 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common-j.css
account.juno.com/static/account/view/css/ |
52 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jQuery.js
webmail.uolstatic.com/js_c/l/jq/3.6.0/ |
87 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.dcjqaccordion.2.7.min.js
account.juno.com/static/account/view/js/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.js
account.juno.com/static/account/view/js/ |
120 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
j_logo-black.gif
account.juno.com/static/account/view/img/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
j_sign-in-btn.gif
account.juno.com/static/account/view/img/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
j_signin-issue.gif
account.juno.com/static/account/view/img/ |
470 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
j_netzero-store.gif
account.juno.com/static/account/view/img/ |
402 B 984 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common-print.css
account.juno.com/static/account/view/css/ |
388 B 858 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
event.do
store.juno.com/account/ |
43 B 756 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pv
track.juno.com/s/ |
43 B 506 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
j_header-keyline.gif
account.juno.com/static/account/view/img/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
webicon_j.ico
account.juno.com/static/account/view/img/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Juno (Telecommunication)110 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| brandLetterLC function| $ function| jQuery string| href function| getCookieValue function| getCookieDomain function| setCookieValue object| d boolean| safari function| gebtn function| check_it function| turn_radio function| reverse function| logonValidate function| TabNext function| getAbsDimension function| showTip function| hideTip function| showEstimated function| showUPS function| collapseSummary function| changeSliderLight function| changeSliderWarp function| vpnAlertOverlay function| displayOrderCdOverlay function| displayTollfreeOverlay function| showUpgradeOverlay function| showDatashieldCancelOverlay function| showPaypalCancelOverlay function| helpNumbersOverlay function| showUmwb function| displayOverlay function| updateOverlayContent function| showConfOverlayContent function| showLoadingOverlay function| hideOverlay function| goToUrl function| selectTab function| changeClass function| addEvent function| removeEvent function| getIfrDoc function| setIfrHeight function| getQueryString function| createDateinJS function| updateSelectListValue function| ReloadUsage function| setIframeHeight function| setDynIframeHeight function| changePaymentInfo function| secretAnswerPop function| pwdStrengthPop function| pwdStrengthPopN function| faqPop function| rulesPop function| softwarePop function| securePop function| securePopEpay function| securePopN function| editRhinobootAddress function| tosbillingauthpop function| rights function| termsOfServicePop function| termsOfServiceEpay function| getEmailaddress function| submitForm function| pageWidth function| pageHeight function| getScrollX function| getScrollY function| hideToolTip function| displayToolTipPrevious function| displayToolTipOutstanding function| findPosX function| findPosY function| onlyCaptcha function| positionOverlay function| getPageSize function| getPageScroll string| phoneNumber string| areacode string| prefix string| suffix function| addErrorPhone function| phoneNoFormat function| phoneNoFormat1 function| areCookiesEnabled function| getPhoneNumber string| expire function| myErrorHandler string| store function| popup string| overridePageName object| member object| session object| order function| rememberJN object| env string| pagename function| trkEvent function| Set_Cookie function| Get_Cookie string| params2Str object| temp string| servlet string| omEnv string| pname object| pagesToTrack function| testForMSIE927917 function| logPageView1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| secure-pi.vercel.app/ | Name: c_check Value: enabled |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
account.juno.com
secure-pi.vercel.app
store.juno.com
track.juno.com
webmail.uolstatic.com
64.136.45.68
64.136.45.83
64.136.53.178
64.136.53.32
76.76.21.164
002518b99d4b6301e81eed98543c9f8a8b459fca4222810b257ec5a24b7f606a
00d1f131e5622864f1b4eba30e315b6184dfb1f3ae452873c6da030084965c78
0856a6dd32e4bb7283e9ee5a16864a3455a483c53d9b3132852b910f2929a7b9
0a24d86f8db757c512ff637d91e3267085fa0be5a4a88daae0063af80fedaec5
5c5ac9a525fc89deff94641d337c75cf84ea8ec106d9bdbcb99453d3931adc68
5d9cfde10bdc06fb765e3c89753bc1d2eb97debaa266dcb23dabf01c630e000f
83e8763c495ec64bcd1fda5113b5cb349eb7b2cd541a57ff102167a7c13deec6
8612f65941164b6564d4e374615270c7442da86e95220b564a3817c93ee201e9
a38b575a1717999b10666a8e8160e9bdc411ae38f2836b4dcddb360502f17a8a
a5e76956ee90e7bd8734dff6e2318022cd07e21425c0f58e2590563fb412f9a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd690c255994a4cd845ec4346fc7a442a05121de8aed93e4132cba7442337ae8
f5e6b14721cde30c590db55c88cb4ad24b5770e406b8af6a330828a40ad78156