juno.seb.green Open in urlscan Pro
195.201.186.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://haven.ingest.cryptoknight.cc/
Effective URL:
https://juno.seb.green/
Submission Tags: phishing malicious Search All
Submission: On April 29 via api (April 29th 2019, 3:53:20 am UTC) from GB

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 195.201.186.172, located in Russian Federation and belongs to HETZNER-AS, DE. The main domain is juno.seb.green.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 4th 2018. Valid for: 3 months.

This is the only time juno.seb.green was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	195.201.186.172 195.201.186.172	24940 (HETZNER-AS) (HETZNER-AS)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	192.99.124.211 192.99.124.211	16276 (OVH) (OVH)
9	3

8 195.201.186.172 (Russian Federation) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.172.186.201.195.clients.your-server.de

haven.ingest.cryptoknight.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
juno.seb.green	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.124.211 (Boisbriand, Canada)

ASN16276 (OVH, FR)
PTR: titanembeds.com

titanembeds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	seb.green juno.seb.green	64 KB
1	titanembeds.com titanembeds.com
1	aspnetcdn.com ajax.aspnetcdn.com	30 KB
1	cryptoknight.cc 1 redirects haven.ingest.cryptoknight.cc	191 B
9	4

	Domain	Requested by
7	juno.seb.green	juno.seb.green
1	titanembeds.com	juno.seb.green
1	ajax.aspnetcdn.com	juno.seb.green
1	haven.ingest.cryptoknight.cc	1 redirects
9	4

This site contains no links.

Subject Issuer	Validity	Valid
juno.seb.green Let's Encrypt Authority X3	`2018-09-04` - `2018-12-03`	3 months	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
titanembeds.com Let's Encrypt Authority X3	`2019-03-14` - `2019-06-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://juno.seb.green/
Frame ID: CAF28A9E2D0075C6D9484E3F2ABF4F9A
Requests: 8 HTTP requests in this frame

Frame: https://titanembeds.com/embed/400495224511791104?defaultchannel=420103146975657994&theme=DiscordDark
Frame ID: C6FFC2D12CFE7E443823C03949F9C0F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://haven.ingest.cryptoknight.cc/ HTTP 301
https://juno.seb.green/ Page URL

Detected technologies

Node.js (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /socket.io.*\.js/i
env /^io$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /socket.io.*\.js/i
env /^io$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

9
Requests

22 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

93 kB
Transfer

154 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://haven.ingest.cryptoknight.cc/ HTTP 301
https://juno.seb.green/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
juno.seb.green/
Redirect Chain

http://haven.ingest.cryptoknight.cc/
https://juno.seb.green/

10 KB
3 KB

84ms
10ms

Document
text/html

195.201.186.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://juno.seb.green/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.186.172 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.172.186.201.195.clients.your-server.de
Software: nginx /
Resource Hash: bc0b76fd170124f6384a5f214e3ac37fa0fba47c15217eb88ede9f12468e3b9a

Request headers

:method: GET
:authority: juno.seb.green
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 29 Apr 2019 03:53:03 GMT
content-type: text/html
last-modified: Sat, 07 Jul 2018 13:53:03 GMT
etag: W/"5b40c5bf-2699"
content-encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 29 Apr 2019 03:53:03 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://juno.seb.green/

GET
H2 200 socket.io.js Show response
juno.seb.green/misc/ 59 KB
60 KB 19ms
19ms Script
application/javascript 195.201.186.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://juno.seb.green/misc/socket.io.js
Requested by: Host: juno.seb.green
URL: https://juno.seb.green/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.186.172 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.172.186.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 58f7853d60f73d94140eba459c333537629a74d57009f352e1c099efc6fbe93f

Request headers

Referer: https://juno.seb.green/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Apr 2019 03:53:03 GMT
last-modified: Sat, 09 Jun 2018 05:36:10 GMT
server: nginx
etag: "5b1b674a-ed3a"
content-type: application/javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 60730
expires: Tue, 28 Apr 2020 03:53:03 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
30 KB 69ms
8ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: juno.seb.green
URL: https://juno.seb.green/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8E87) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://juno.seb.green/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Apr 2019 03:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 30394
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (frc/8E87)
etag: "80288516b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 400495224511791104
titanembeds.com/embed/ Frame C6FF 0
0 524ms
314ms Document
text/html 192.99.124.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://titanembeds.com/embed/400495224511791104?defaultchannel=420103146975657994&theme=DiscordDark

Requested by

Host: juno.seb.green
URL: https://juno.seb.green/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.99.124.211 Boisbriand, Canada, ASN16276 (OVH, FR),

Reverse DNS

titanembeds.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: titanembeds.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://juno.seb.green/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://juno.seb.green/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 29 Apr 2019 03:53:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

GET
H2 200 / Show response
juno.seb.green/socket.io/ 103 B
269 B 18ms
17ms XHR
text/plain 195.201.186.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://juno.seb.green/socket.io/?EIO=3&transport=polling&t=MfdEO7k
Requested by: Host: juno.seb.green
URL: https://juno.seb.green/misc/socket.io.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.186.172 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.172.186.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 59d315ec0f8ae7afa4a228470602a7f18489c00b3beacc885c4c60e31fa0b1ff

Request headers

Accept: */*
Referer: https://juno.seb.green/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 29 Apr 2019 03:53:03 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
juno.seb.green/socket.io/ 2 B
172 B 12ms
12ms XHR
text/html 195.201.186.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://juno.seb.green/socket.io/?EIO=3&transport=polling&t=MfdEO84&sid=GLlpfLfKxboJNEQTADhG
Requested by: Host: juno.seb.green
URL: https://juno.seb.green/misc/socket.io.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.186.172 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.172.186.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://juno.seb.green/
Origin: https://juno.seb.green
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

status: 200
date: Mon, 29 Apr 2019 03:53:03 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-origin: https://juno.seb.green
content-length: 2
content-type: text/html

GET
H2 200 / Show response
juno.seb.green/socket.io/ 31 B
199 B 77ms
18ms XHR
text/plain 195.201.186.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://juno.seb.green/socket.io/?EIO=3&transport=polling&t=MfdEO85&sid=GLlpfLfKxboJNEQTADhG
Requested by: Host: juno.seb.green
URL: https://juno.seb.green/misc/socket.io.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.186.172 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.172.186.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 8c2a54ced9a7a011476cd79727eb82413d4c95c7dedd68984e6918811ccd9d8f

Request headers

Accept: */*
Referer: https://juno.seb.green/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 29 Apr 2019 03:53:03 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
juno.seb.green/socket.io/ 2 B
172 B 11ms
11ms XHR
text/html 195.201.186.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://juno.seb.green/socket.io/?EIO=3&transport=polling&t=MfdEO9J&sid=GLlpfLfKxboJNEQTADhG
Requested by: Host: juno.seb.green
URL: https://juno.seb.green/misc/socket.io.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.186.172 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.172.186.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://juno.seb.green/
Origin: https://juno.seb.green
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

status: 200
date: Mon, 29 Apr 2019 03:53:03 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-origin: https://juno.seb.green
content-length: 2
content-type: text/html

GET
H2 200 / Show response
juno.seb.green/socket.io/ 3 B
142 B 110ms
110ms XHR
text/plain 195.201.186.172
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://juno.seb.green/socket.io/?EIO=3&transport=polling&t=MfdEO9L&sid=GLlpfLfKxboJNEQTADhG
Requested by: Host: juno.seb.green
URL: https://juno.seb.green/misc/socket.io.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.186.172 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.172.186.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept: */*
Referer: https://juno.seb.green/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 29 Apr 2019 03:53:03 GMT
server: nginx
access-control-allow-origin: *
content-length: 3
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.titanembeds.com/	1970-01-19 00:21:50	Name: _gat Value: 1
.titanembeds.com/	1970-01-19 00:23:16	Name: _gid Value: GA1.2.271291510.1556509984
.titanembeds.com/	1970-01-19 17:53:01	Name: _ga Value: GA1.2.1415888928.1556509984
juno.seb.green/	1969-12-31 23:59:59	Name: io Value: GLlpfLfKxboJNEQTADhG

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
haven.ingest.cryptoknight.cc
juno.seb.green
titanembeds.com
152.199.19.160
192.99.124.211
195.201.186.172
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
58f7853d60f73d94140eba459c333537629a74d57009f352e1c099efc6fbe93f
59d315ec0f8ae7afa4a228470602a7f18489c00b3beacc885c4c60e31fa0b1ff
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
8c2a54ced9a7a011476cd79727eb82413d4c95c7dedd68984e6918811ccd9d8f
bc0b76fd170124f6384a5f214e3ac37fa0fba47c15217eb88ede9f12468e3b9a

juno.seb.green Open in urlscan Pro 195.201.186.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

22 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

93 kBTransfer

154 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

4 Cookies

Indicators

juno.seb.green Open in urlscan Pro
195.201.186.172 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

22 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

93 kB
Transfer

154 kB
Size

4
Cookies

9 HTTP transactions
0 data transactions