urlscan.io logo urlscan.io
SecurityTrails logo

juvenin.com Open in urlscan Pro
209.59.155.202  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Submission: On August 14 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 209.59.155.202, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is juvenin.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 20th 2019. Valid for: 3 months.
This is the only time juvenin.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
12 209.59.155.202 32244 (LIQUIDWEB)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 6
12    209.59.155.202 (Lansing, United States)

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)
PTR: host.catchyserver.com
juvenin.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
2    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
Domain Requested by
12 juvenin.com juvenin.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 stats.g.doubleclick.net juvenin.com
1 ajax.googleapis.com juvenin.com
1 www.googletagmanager.com juvenin.com
16 5

This site contains no links.

Subject Issuer Validity Valid
juvenin.com
cPanel, Inc. Certification Authority		 2019-07-20 -
2019-10-18		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-07-29 -
2019-10-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Frame ID: 8EC254BDE8CC860D87DF45181BF7D41D
Requests: 15 HTTP requests in this frame

Frame: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/silence.mp3
Frame ID: E5B6354D34E769C17536A717308DC874
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

2433 kB
Transfer

2746 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://www.google-analytics.com/r/collect?v=1&_v=j78&a=1818152574&t=pageview&_s=1&dl=https%3A%2F%2Fjuvenin.com%2Fmicros0ft-help%2Fsecure-me%2FAlerts%2Fied%2Findex-2.html&ul=en-us&de=UTF-8&dt=Microsoft%20Official%20Support&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1245993705&gjid=394871907&cid=243978390.1565814221&tid=UA-77152316-11&_gid=1565224282.1565814221&_r=1&gtm=2ou874&z=1775302678 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77152316-11&cid=243978390.1565814221&jid=1245993705&_gid=1565224282.1565814221&gjid=394871907&_v=j78&z=1775302678

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index-2.html
juvenin.com/micros0ft-help/secure-me/Alerts/ied/ 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash
35cd11a02f684b4828b1c84d53c1376cd48b2ec5991553041b7106582238fa47

Request headers

Host
juvenin.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Date
Wed, 14 Aug 2019 20:23:39 GMT
Server
Apache
Last-Modified
Sun, 14 Jul 2019 04:49:04 GMT
Accept-Ranges
bytes
Cache-Control
max-age=600
Expires
Wed, 14 Aug 2019 20:33:39 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
5430
Keep-Alive
timeout=2, max=500
Connection
Keep-Alive
Content-Type
text/html
js
www.googletagmanager.com/gtag/ 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-77152316-11
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
249f13774603b1d28aaa9dabcce3f1462e3cfd52f89bcd8710206c609c4c7ec3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 14 Aug 2019 20:23:40 GMT
content-encoding
br
last-modified
Wed, 14 Aug 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
26583
x-xss-protection
0
expires
Wed, 14 Aug 2019 20:23:40 GMT
bootstrap.min.css
juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/bootstrap/3.3.7/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash
817c144a7de95c03dd00337f2e6c0011e9afa24044999d4c52615ee90a6765a8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 20:23:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jul 2019 00:09:24 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
19765
Expires
Fri, 13 Sep 2019 20:23:40 GMT
style.css
juvenin.com/micros0ft-help/secure-me/Alerts/ied/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/css/style.css
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash
d4d07b85079a57f75337e2fecd7b0b97ff18d38deb011e8b426261e36ca48b2a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 20:23:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jul 2019 00:08:52 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
1576
Expires
Fri, 13 Sep 2019 20:23:40 GMT
4.gif
juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/4.gif
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash
55fb6c15c95965e9e55de3fcee5ecdc43fdc842591d06f464b3184fa07d9f7b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 20:23:40 GMT
Last-Modified
Fri, 12 Jul 2019 00:09:10 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Content-Length
2085574
Expires
Fri, 13 Sep 2019 20:23:40 GMT
3.gif
juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/3.gif
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash
daeffe0383a7d3fca1c957b61aa3101ca1be7c308abcf654741762c1b39f0a0c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 20:23:40 GMT
Last-Modified
Fri, 12 Jul 2019 00:08:54 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=496
Content-Length
88638
Expires
Fri, 13 Sep 2019 20:23:40 GMT
rsod.png
juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/rsod.png
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash
606a248227b8bfb26e81383ad9d7fa4d01a31ed02a31b282dc57790cf285d42a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 20:23:41 GMT
Last-Modified
Fri, 12 Jul 2019 00:09:04 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=495
Content-Length
10908
Expires
Fri, 13 Sep 2019 20:23:41 GMT
335158-windows-8-window.png
juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/335158-windows-8-window.png
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash
312c6606235f1ba63b2141b812fef5398536390a76c85f5ab8bcc35a7aa8737e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 20:23:40 GMT
Last-Modified
Fri, 12 Jul 2019 00:08:56 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
28697
Expires
Fri, 13 Sep 2019 20:23:40 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.2.6/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
928f0f1361a114f4b965df98e1b4cc11a9766a5292a29c79f13318edc3461dbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 12 Aug 2019 22:53:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163782
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
16841
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Aug 2020 22:53:58 GMT
functions.js
juvenin.com/micros0ft-help/secure-me/Alerts/ied/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/js/functions.js
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash
20e3d98c79f2257ddfe8ff1cb1ceb585392a86528a7f5ba9aab98f0f08d14232

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 20:23:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jul 2019 23:32:10 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
878
Expires
Fri, 13 Sep 2019 20:23:40 GMT
silence.mp3
juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/ Frame E5B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/silence.mp3
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash

Request headers

Host
juvenin.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html

Response headers

Date
Wed, 14 Aug 2019 20:23:40 GMT
Server
Apache
Last-Modified
Fri, 12 Jul 2019 00:09:16 GMT
Accept-Ranges
bytes
Cache-Control
max-age=172800
Expires
Fri, 16 Aug 2019 20:23:40 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
54
Keep-Alive
timeout=2, max=499
Connection
Keep-Alive
Content-Type
audio/mpeg
sound.mp3
juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/ 		96 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/sound.mp3
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 14 Aug 2019 20:23:41 GMT
Last-Modified
Fri, 12 Jul 2019 00:09:18 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
audio/mpeg
Content-Range
bytes 0-269672/269673
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=496
Content-Length
269673
Expires
Fri, 16 Aug 2019 20:23:41 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77152316-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2019 21:35:27 GMT
server
Golfe2
age
3929
date
Wed, 14 Aug 2019 19:18:11 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17724
expires
Wed, 14 Aug 2019 21:18:11 GMT
truncated
/ 		992 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b9c6ade0b28f240327b929a25393f89d523903ed5de9530e561d029bb2e07da

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j78&a=1818152574&t=pageview&_s=1&dl=https%3A%2F%2Fjuvenin.com%2Fmicros0ft-help%2Fsecure-me%2FAlerts%2Fied%2Findex-2.html&ul=en-us&de=UTF-8&dt=Micro...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77152316-11&cid=243978390.1565814221&jid=1245993705&_gid=1565224282.1565814221&gjid=394871907&_v=j78&z=1775302678
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77152316-11&cid=243978390.1565814221&jid=1245993705&_gid=1565224282.1565814221&gjid=394871907&_v=j78&z=1775302678
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 14 Aug 2019 20:23:40 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Aug 2019 20:23:40 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-77152316-11&cid=243978390.1565814221&jid=1245993705&_gid=1565224282.1565814221&gjid=394871907&_v=j78&z=1775302678
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
background.png
juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/ 		181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/images/background.png
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash
bad5e73a01b18aff5a16206a44fedf7efff9c3c7ef83bd73d5e83a0a33b4edbd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 20:23:40 GMT
Last-Modified
Fri, 12 Jul 2019 00:08:58 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Content-Length
185238
Expires
Fri, 13 Sep 2019 20:23:40 GMT
silence.mp3
juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/ Frame E5B6 		144 B
537 B 		Media
General
Check archive.org
Download Go to
Full URL
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/silence.mp3
Requested by
Host: juvenin.com
URL: https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/index-2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.155.202 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.catchyserver.com
Software
Apache /
Resource Hash
46e9d3ff1254ccd8a6fc7e7a0d5fc0c4adbaa873cd7b2f874911578fab92e7fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://juvenin.com/micros0ft-help/secure-me/Alerts/ied/assets/audio/silence.mp3
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 14 Aug 2019 20:23:41 GMT
Last-Modified
Fri, 12 Jul 2019 00:09:16 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
audio/mpeg
Content-Range
bytes 0-143/144
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
144
Expires
Fri, 16 Aug 2019 20:23:41 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery function| confirmExit function| _toggleFullScreen function| catchControlKeys function| getBrowser function| getPopUp string| ua function| getEp function| prepareFrame function| open1 function| forceDownload object| modal object| btn object| span function| addEvent

0 Cookies