juvenin.com
209.59.155.202
Malicious Activity!
Public Scan
Submission: On August 14 via manual from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 20th 2019. Valid for: 3 months.
This is the only time juvenin.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
12 | 209.59.155.202 | 32244 (LIQUIDWEB - Liquid Web)
1 | 2a00:1450:4001:808::2008 | 15169 (GOOGLE - Google LLC)
1 | 2a00:1450:4001:81b::200a | 15169 (GOOGLE - Google LLC)
1 2 | 2a00:1450:4001:819::200e | 15169 (GOOGLE - Google LLC)
1 | 2a00:1450:400c:c00::9a | 15169 (GOOGLE - Google LLC)
16 | 6 |

- ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), PTR: host.catchyserver.com: juvenin.com
- ASN15169 (GOOGLE - Google LLC, US): www.googletagmanager.com
- ASN15169 (GOOGLE - Google LLC, US): ajax.googleapis.com
- ASN15169 (GOOGLE - Google LLC, US): www.google-analytics.com
- ASN15169 (GOOGLE - Google LLC, US): stats.g.doubleclick.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
12 | juvenin.com | juvenin.com | 2 MB
2 | google-analytics.com | www.google-analytics.com (1 redirects) | 18 KB
1 | doubleclick.net | stats.g.doubleclick.net | 102 B
1 | googleapis.com | ajax.googleapis.com | 17 KB
1 | googletagmanager.com | www.googletagmanager.com | 26 KB
16 | 5 | |
Requests | Domain | Requested by
---|---|---
12 | juvenin.com | juvenin.com
2 | www.google-analytics.com | www.googletagmanager.com (1 redirects)
1 | stats.g.doubleclick.net | juvenin.com
1 | ajax.googleapis.com | juvenin.com
1 | www.googletagmanager.com | juvenin.com
16 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|---
juvenin.com | cPanel, Inc. Certification Authority | 2019-07-20 - 2019-10-18 | 3 months | crt.sh
*.google-analytics.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months | crt.sh
*.googleapis.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months | crt.sh
*.g.doubleclick.net | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months | crt.sh
This page contains 2 frames:
Primary Page:
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Frame ID: 8EC254BDE8CC860D87DF45181BF7D41D
Requests: 15 HTTP requests in this frame
Frame:
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/silence.mp3
Frame ID: E5B6354D34E769C17536A717308DC874
Requests: 2 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13:
- https://www.google-analytics.com/r/collect?v=1&_v=j78&a=1818152574&t=pageview&_s=1&dl=https%3A%2F%2Fjuvenin.com%2Fmicros0ft-help%2Fsecure-me%2FAlerts%2Fied%2Findex-2.html&ul=en-us&de=UTF-8&dt=Microsoft%20Official%20Support&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1245993705&gjid=394871907&cid=243978390.1565814221&tid=UA-77152316-11&_gid=1565224282.1565814221&_r=1&gtm=2ou874&z=1775302678 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77152316-11&cid=243978390.1565814221&jid=1245993705&_gid=1565224282.1565814221&gjid=394871907&_v=j78&z=1775302678
16 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | index-2.html (Primary Request) | juvenin.com/micros0ft-help/secure-me/Alerts/ied/ | 15 KB | 6 KB | Document | text/html
GET | H2 | js | www.googletagmanager.com/gtag/ | 68 KB | 26 KB | Script | application/javascript
GET | H/1.1 | bootstrap.min.css | juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/bootstrap/3.3.7/css/ | 119 KB | 20 KB | Stylesheet | text/css
GET | H/1.1 | style.css | juvenin.com/micros0ft-help/secure-me/Alerts/ied/css/ | 4 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | 4.gif | juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/ | 2 MB | 2 MB | Image | image/gif
GET | H/1.1 | 3.gif | juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/ | 87 KB | 87 KB | Image | image/gif
GET | H/1.1 | rsod.png | juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/ | 11 KB | 11 KB | Image | image/png
GET | H/1.1 | 335158-windows-8-window.png | juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/ | 28 KB | 28 KB | Image | image/png
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.2.6/ | 54 KB | 17 KB | Script | text/javascript
GET | H/1.1 | functions.js | juvenin.com/micros0ft-help/secure-me/Alerts/ied/js/ | 3 KB | 1 KB | Script | application/javascript
GET | H/1.1 | silence.mp3 | juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/ (Frame E5B6) | 0 | 0 | Document | audio/mpeg
GET | H/1.1 | sound.mp3 | juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/ | 96 KB | 0 | Media | audio/mpeg
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript
GET | DATA | truncated | / | 992 B | 0 | Image | image/png
GET | H2 | collect | stats.g.doubleclick.net/r/ (Redirect Chain) | 35 B | 102 B | Image | image/gif
GET | H/1.1 | background.png | juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/ | 181 KB | 181 KB | Image | image/png
GET | H/1.1 | silence.mp3 | juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/ (Frame E5B6) | 144 B | 537 B | Media | audio/mpeg
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: onselectstart, onselectionchange, dataLayer, google_tag_manager, google_tag_data, gaplugins, gaGlobal, gaData, modal, btn, span
- function: queueMicrotask, gtag, ga, $, jQuery, confirmExit, _toggleFullScreen, catchControlKeys, getBrowser, getPopUp, getEp, prepareFrame, open1, forceDownload, addEvent
- string: GoogleAnalyticsObject, ua
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.