dev-yunmenched.pantheonsite.io
Open in
urlscan Pro
2620:12a:8001::2
Malicious Activity!
Public Scan
Effective URL: https://dev-yunmenched.pantheonsite.io/jj/juno.html
Submission Tags: @phish_report
Submission: On September 04 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R11 on June 27th 2024. Valid for: 3 months.
This is the only time dev-yunmenched.pantheonsite.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Juno (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2620:12a:8001::2 2620:12a:8001::2 | 54113 (FASTLY) (FASTLY) | |
10 | 64.136.53.68 64.136.53.68 | 13446 (AS-NETZERO) (AS-NETZERO) | |
1 | 64.136.53.83 64.136.53.83 | 13446 (AS-NETZERO) (AS-NETZERO) | |
1 | 64.136.53.178 64.136.53.178 | 13446 (AS-NETZERO) (AS-NETZERO) | |
1 | 64.136.45.32 64.136.45.32 | 13446 (AS-NETZERO) (AS-NETZERO) | |
14 | 5 |
ASN13446 (AS-NETZERO, US)
PTR: account.vgs.juno.com
account.juno.com |
ASN13446 (AS-NETZERO, US)
PTR: webmail.vgs.netzero.net
webmail.uolstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
juno.com
account.juno.com store.juno.com track.juno.com — Cisco Umbrella Rank: 348419 |
50 KB |
1 |
uolstatic.com
webmail.uolstatic.com — Cisco Umbrella Rank: 298704 |
31 KB |
1 |
pantheonsite.io
dev-yunmenched.pantheonsite.io |
8 KB |
14 | 3 |
Domain | Requested by | |
---|---|---|
10 | account.juno.com |
dev-yunmenched.pantheonsite.io
account.juno.com |
1 | track.juno.com |
dev-yunmenched.pantheonsite.io
|
1 | store.juno.com |
dev-yunmenched.pantheonsite.io
|
1 | webmail.uolstatic.com |
dev-yunmenched.pantheonsite.io
|
1 | dev-yunmenched.pantheonsite.io | |
14 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.juno.com |
account.juno.com |
store.juno.com |
my.juno.com |
www.untd.com |
www.netzero.net |
www.mysite.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
pantheonsite.io R11 |
2024-06-27 - 2024-09-25 |
3 months | crt.sh |
account.juno.com Go Daddy Secure Certificate Authority - G2 |
2024-07-08 - 2025-07-19 |
a year | crt.sh |
webmail.netzero.net Go Daddy Secure Certificate Authority - G2 |
2024-08-08 - 2025-07-26 |
a year | crt.sh |
store.juno.com Go Daddy Secure Certificate Authority - G2 |
2024-05-14 - 2025-05-22 |
a year | crt.sh |
track.netzero.net Go Daddy Secure Certificate Authority - G2 |
2023-09-14 - 2024-09-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://dev-yunmenched.pantheonsite.io/jj/juno.html
Frame ID: 0AB97DBE0DAE61486A89E4DB7F209B81
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Juno - My Account - Value-priced Internet Service Provider - ISP - Free, low-cost and fast Internet AccessPage URL History Show full URLs
-
http://dev-yunmenched.pantheonsite.io/jj/juno.html
HTTP 307
https://dev-yunmenched.pantheonsite.io/jj/juno.html Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: SUPPORT
Search URL Search Domain Scan URL
Title: password
Search URL Search Domain Scan URL
Title: sign in issues
Search URL Search Domain Scan URL
Title: Juno Store
Search URL Search Domain Scan URL
Title: My Juno
Search URL Search Domain Scan URL
Title: My Account
Search URL Search Domain Scan URL
Title: Our Services
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Your Privacy Rights: Do Not Sell My Info
Search URL Search Domain Scan URL
Title: About Ads
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: United Online
Search URL Search Domain Scan URL
Title: NetZero
Search URL Search Domain Scan URL
Title: MySite
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://dev-yunmenched.pantheonsite.io/jj/juno.html
HTTP 307
https://dev-yunmenched.pantheonsite.io/jj/juno.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
juno.html
dev-yunmenched.pantheonsite.io/jj/ Redirect Chain
|
20 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common-j.css
account.juno.com/static/account/view/css/ |
52 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jQuery.js
webmail.uolstatic.com/js_c/l/jq/3.6.0/ |
87 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.dcjqaccordion.2.7.min.js
account.juno.com/static/account/view/js/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js
account.juno.com/static/account/view/js/ |
120 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
j_logo-black.gif
account.juno.com/static/account/view/img/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
j_sign-in-btn.gif
account.juno.com/static/account/view/img/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
j_signin-issue.gif
account.juno.com/static/account/view/img/ |
470 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
j_netzero-store.gif
account.juno.com/static/account/view/img/ |
402 B 984 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common-print.css
account.juno.com/static/account/view/css/ |
388 B 858 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event.do
store.juno.com/account/ |
43 B 756 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pv
track.juno.com/s/ |
43 B 506 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
j_header-keyline.gif
account.juno.com/static/account/view/img/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webicon_j.ico
account.juno.com/static/account/view/img/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Juno (Telecommunication)110 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| brandLetterLC function| $ function| jQuery string| href function| getCookieValue function| getCookieDomain function| setCookieValue object| d boolean| safari function| gebtn function| check_it function| turn_radio function| reverse function| logonValidate function| TabNext function| getAbsDimension function| showTip function| hideTip function| showEstimated function| showUPS function| collapseSummary function| changeSliderLight function| changeSliderWarp function| vpnAlertOverlay function| displayOrderCdOverlay function| displayTollfreeOverlay function| showUpgradeOverlay function| showDatashieldCancelOverlay function| showPaypalCancelOverlay function| helpNumbersOverlay function| showUmwb function| displayOverlay function| updateOverlayContent function| showConfOverlayContent function| showLoadingOverlay function| hideOverlay function| goToUrl function| selectTab function| changeClass function| addEvent function| removeEvent function| getIfrDoc function| setIfrHeight function| getQueryString function| createDateinJS function| updateSelectListValue function| ReloadUsage function| setIframeHeight function| setDynIframeHeight function| changePaymentInfo function| secretAnswerPop function| pwdStrengthPop function| pwdStrengthPopN function| faqPop function| rulesPop function| softwarePop function| securePop function| securePopEpay function| securePopN function| editRhinobootAddress function| tosbillingauthpop function| rights function| termsOfServicePop function| termsOfServiceEpay function| getEmailaddress function| submitForm function| pageWidth function| pageHeight function| getScrollX function| getScrollY function| hideToolTip function| displayToolTipPrevious function| displayToolTipOutstanding function| findPosX function| findPosY function| onlyCaptcha function| positionOverlay function| getPageSize function| getPageScroll string| phoneNumber string| areacode string| prefix string| suffix function| addErrorPhone function| phoneNoFormat function| phoneNoFormat1 function| areCookiesEnabled function| getPhoneNumber string| expire function| myErrorHandler string| store function| popup string| overridePageName object| member object| session object| order function| rememberJN object| env string| pagename function| trkEvent function| Set_Cookie function| Get_Cookie string| params2Str object| temp string| servlet string| omEnv string| pname object| pagesToTrack function| testForMSIE927917 function| logPageView1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dev-yunmenched.pantheonsite.io/ | Name: c_check Value: enabled |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=300 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
account.juno.com
dev-yunmenched.pantheonsite.io
store.juno.com
track.juno.com
webmail.uolstatic.com
2620:12a:8001::2
64.136.45.32
64.136.53.178
64.136.53.68
64.136.53.83
002518b99d4b6301e81eed98543c9f8a8b459fca4222810b257ec5a24b7f606a
00d1f131e5622864f1b4eba30e315b6184dfb1f3ae452873c6da030084965c78
0856a6dd32e4bb7283e9ee5a16864a3455a483c53d9b3132852b910f2929a7b9
0a24d86f8db757c512ff637d91e3267085fa0be5a4a88daae0063af80fedaec5
2b4c6e154d4ce8a1a4d4970dcddb078f1d6480a8cd31d31a5db1e655435adfd4
5c5ac9a525fc89deff94641d337c75cf84ea8ec106d9bdbcb99453d3931adc68
5d9cfde10bdc06fb765e3c89753bc1d2eb97debaa266dcb23dabf01c630e000f
83e8763c495ec64bcd1fda5113b5cb349eb7b2cd541a57ff102167a7c13deec6
8612f65941164b6564d4e374615270c7442da86e95220b564a3817c93ee201e9
92097f1164abe88800e46a8c7143351c13924891b19f3a24e09897ad5173e24c
a5e76956ee90e7bd8734dff6e2318022cd07e21425c0f58e2590563fb412f9a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
f5e6b14721cde30c590db55c88cb4ad24b5770e406b8af6a330828a40ad78156