onservlves.serv00.net Open in urlscan Pro
128.204.223.113 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onservlves.serv00.net/
Submission: On September 14 via manual (September 14th 2024, 5:38:04 pm UTC) from DO — Scanned from PL

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 128.204.223.113, located in Poland and belongs to ECO-ATMAN-PL ECO-ATMAN-, PL. The main domain is onservlves.serv00.net.
TLS certificate: Issued by R11 on July 1st 2024. Valid for: 3 months.

This is the only time onservlves.serv00.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
7	128.204.223.113 128.204.223.113	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
5	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2

7 128.204.223.113 (Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: web8.serv00.com

onservlves.serv00.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	serv00.net onservlves.serv00.net	417 KB
5	fontawesome.com ka-f.fontawesome.com — Cisco Umbrella Rank: 5344	177 KB
12	2

	Domain	Requested by
7	onservlves.serv00.net	onservlves.serv00.net
5	ka-f.fontawesome.com	onservlves.serv00.net
12	2

This site contains no links.

Subject Issuer	Validity	Valid
*.serv00.net R11	`2024-07-01` - `2024-09-29`	3 months	crt.sh
ka-f.fontawesome.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://onservlves.serv00.net/
Frame ID: DFC803E0786FECD3A1DCF35F3E9A7294
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inicio

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

595 kB
Transfer

693 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response onservlves.serv00.net/	2 KB 2 KB	401ms 161ms	Document text/html	128.204.223.113 ECO-ATMAN-PL ECO-...
General Check archive.org Show headers Download Go to Full URL https://onservlves.serv00.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 128.204.223.113 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL), Reverse DNS web8.serv00.com Software nginx / PHP/8.1.29 Resource Hash `6d139c3115ef0721d09ae9ca2da8e31186228a67f355f2b0425c067b3709b997` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-type text/html; charset=UTF-8 date Sat, 14 Sep 2024 17:37:59 GMT server nginx x-powered-by PHP/8.1.29
GET H2	200	index.css onservlves.serv00.net/arch/	3 KB 3 KB	117ms 116ms	Stylesheet text/css	128.204.223.113 ECO-ATMAN-PL ECO-...
General Check archive.org Show headers Download Go to Full URL https://onservlves.serv00.net/arch/index.css Requested by Host: onservlves.serv00.net URL: https://onservlves.serv00.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 128.204.223.113 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL), Reverse DNS web8.serv00.com Software nginx / Resource Hash `8bc0ba67fa8fc1e6a5f3a83250fa02aa6a635602d5b4060e6f5975fb43645962` Request headers Referer https://onservlves.serv00.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:37:59 GMT last-modified Mon, 21 Nov 2022 16:42:03 GMT server nginx accept-ranges bytes etag "637baa5b-ce5" content-length 3301 content-type text/css
GET H2	200	logo.png onservlves.serv00.net/arch/	1 KB 1 KB	115ms 114ms	Image image/png	128.204.223.113 ECO-ATMAN-PL ECO-...
General Check archive.org Show headers Download Go to Show image Full URL https://onservlves.serv00.net/arch/logo.png Requested by Host: onservlves.serv00.net URL: https://onservlves.serv00.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 128.204.223.113 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL), Reverse DNS web8.serv00.com Software nginx / Resource Hash `0268dfa7fe8087f128d440c90568ec97f58a8106a75a873e95c99ade6f782f94` Request headers Referer https://onservlves.serv00.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:37:59 GMT last-modified Sat, 22 Oct 2022 00:32:49 GMT server nginx accept-ranges bytes etag "63533a31-55b" content-length 1371 content-type image/png
GET H2	200	4a03c8ce1f.js Show response onservlves.serv00.net/arch/	11 KB 11 KB	116ms 116ms	Script application/javascript	128.204.223.113 ECO-ATMAN-PL ECO-...
General Check archive.org Show headers Download Go to Full URL https://onservlves.serv00.net/arch/4a03c8ce1f.js Requested by Host: onservlves.serv00.net URL: https://onservlves.serv00.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 128.204.223.113 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL), Reverse DNS web8.serv00.com Software nginx / Resource Hash `6b6269b202721230c8818a5bf4dab7049879bb5dd8e29b16c9f81492ee4f6535` Request headers Referer https://onservlves.serv00.net/ Origin https://onservlves.serv00.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:37:59 GMT last-modified Mon, 21 Nov 2022 16:28:47 GMT server nginx accept-ranges bytes etag "637ba73f-2b10" content-length 11024 content-type application/javascript
GET H2	200	functions.js Show response onservlves.serv00.net/arch/	2 KB 2 KB	115ms 114ms	Script application/javascript	128.204.223.113 ECO-ATMAN-PL ECO-...
General Check archive.org Show headers Download Go to Full URL https://onservlves.serv00.net/arch/functions.js Requested by Host: onservlves.serv00.net URL: https://onservlves.serv00.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 128.204.223.113 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL), Reverse DNS web8.serv00.com Software nginx / Resource Hash `1fe3aa4db1e71d7b765041ef9728d0d241c85a995c0129e2037285f048574f00` Request headers Referer https://onservlves.serv00.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:37:59 GMT last-modified Mon, 21 Nov 2022 17:04:56 GMT server nginx accept-ranges bytes etag "637bafb8-871" content-length 2161 content-type application/javascript
GET H2	200	fondo.png onservlves.serv00.net/arch/	394 KB 394 KB	128ms 127ms	Image image/png	128.204.223.113 ECO-ATMAN-PL ECO-...
General Check archive.org Show headers Download Go to Show image Full URL https://onservlves.serv00.net/arch/fondo.png Requested by Host: onservlves.serv00.net URL: https://onservlves.serv00.net/arch/index.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 128.204.223.113 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL), Reverse DNS web8.serv00.com Software nginx / Resource Hash `1952f2d7ec428aa08d086521dc27f72e64d5dedd6909be115155881b91765b12` Request headers Referer https://onservlves.serv00.net/arch/index.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:37:59 GMT last-modified Sat, 22 Oct 2022 00:26:48 GMT server nginx accept-ranges bytes etag "635338c8-627a9" content-length 403369 content-type image/png
GET H3	200	free.min.css Show response ka-f.fontawesome.com/releases/v6.2.0/css/	100 KB 22 KB	197ms 100ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.0/css/free.min.css?token=4a03c8ce1f Requested by Host: onservlves.serv00.net URL: https://onservlves.serv00.net/arch/4a03c8ce1f.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c1081c5c02309927ef4aa2929fc0e14122fb47302d81ea4118acb9d643a1c65e` Request headers Referer https://onservlves.serv00.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:37:59 GMT content-encoding gzip via 1.1 44a23a2f4d4e9659f5b008d1f39e1318.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop WAW51-P3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 30 Aug 2022 16:04:58 GMT server cloudflare etag W/"0fb4e5b70c498af98f246511192b899d" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZF%2FoRAbi4CQ19%2Bbxivs%2FVtNBZYLWlsnOYws%2BwDL3%2BGkmC2cgCj1%2FUeopqBlxCzo0VSs%2B4pl6KJKwFRgOE3BiVNlzQMKDylRwUwDLzfxqkIruiytjkCsgqq7TUHVVZS3oWv%2FFkSCZmg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 8c3225ea49c1c3f4-WAW access-control-allow-headers fa-kit-token x-amz-cf-id q-TYn7RJmzLLUZ2FtTuGfpKWeXBO8R-eLGIBj_IVolebo1BrDOwNJA==
GET H3	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v6.2.0/css/	27 KB 5 KB	490ms 393ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-shims.min.css?token=4a03c8ce1f Requested by Host: onservlves.serv00.net URL: https://onservlves.serv00.net/arch/4a03c8ce1f.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c6c1651291bdbeeaf76023bf75ea9e024acecc85244905df86a5bd98e294e3c0` Request headers Referer https://onservlves.serv00.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:37:59 GMT content-encoding gzip via 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop VIE50-P1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 30 Aug 2022 16:04:58 GMT server cloudflare etag W/"58dea8f45bf2685132179a837507637a" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtuybFJn5MpWBoVyzXYpX0PTzgAMibDf7Rpl2zn5hU3jy2PqdizgJRlUzHR4eep7yHfLGoQQ99JHEOYbzrzJJVijiQ0sRZ5CpbtYti8FzBpe0%2FDWRHS7bLAoej3Ty0SJfEO3wysgGw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 8c3225ea49c5c3f4-WAW access-control-allow-headers fa-kit-token x-amz-cf-id 5zIM0RCxroX6jG0FdQqu_LdpcgIT1tolCM3Hkp5fL5dNJjE9o_KswA==
GET H3	200	free-v5-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.2.0/css/	823 B 955 B	265ms 168ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.0/css/free-v5-font-face.min.css?token=4a03c8ce1f Requested by Host: onservlves.serv00.net URL: https://onservlves.serv00.net/arch/4a03c8ce1f.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `17e97452418b8595f162bfbd40f3fb96d1153cda5d2b0a49b0d0a05b01fce385` Request headers Referer https://onservlves.serv00.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:37:59 GMT via 1.1 08a2794556cdd396493f9dc2fa3e6ea4.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop WAW51-P3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 30 Aug 2022 16:04:58 GMT server cloudflare etag W/"e2e288c32f411dc30c0c399302a30654" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddcHO4qq92yh6mhBCOJAiEGjBltgNISVMorXwM6S0MzW1GELiVTcfrGSKj54XQG%2BdRV%2FfXi%2FbSoXbePD9wL8OiwhK%2Fm7neXOqNzH3p1GTSqkdG0SmkjWjkeQvA7fLUUj%2BvoxZbkNOw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 8c3225ea49bec3f4-WAW access-control-allow-headers fa-kit-token x-amz-cf-id C8ILaqB3YuqqvuPkCJwGT45tBjTTeBDHjdoXl0UtEVlffotDOh493g==
GET H3	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.2.0/css/	2 KB 1 KB	264ms 168ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-font-face.min.css?token=4a03c8ce1f Requested by Host: onservlves.serv00.net URL: https://onservlves.serv00.net/arch/4a03c8ce1f.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `657b38d408d6552df456c765be754c08e6dee14da828fcfc3a05d25567d01521` Request headers Referer https://onservlves.serv00.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:37:59 GMT content-encoding gzip via 1.1 a510ce56c300e2d885e99cf42a868640.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop WAW51-P3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 30 Aug 2022 16:04:58 GMT server cloudflare etag W/"a0adfe3c7bd1fa905b7f3b5ecea27889" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ohEZ736XMTKiB1pTxSm2xuZ%2FBASqPuJ14D01VrXHOZAgloolFlr5W2zdZr1WlRJh%2Fh3HyIbEYnIgOFavnMnFoJ9%2BiH8JGyPg55LrQpuT98Di6%2BBklysbHWieMlFeoQ2eYz3M%2F4M%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 8c3225ea49bcc3f4-WAW access-control-allow-headers fa-kit-token x-amz-cf-id i-o3szQDG68bHynEy7XRM4wiESf4dTKq1vDuyWmaPIalyqSUtSgfIg==
GET H3	200	free-fa-solid-900.woff2 ka-f.fontawesome.com/releases/v6.2.0/webfonts/	147 KB 148 KB	90ms 90ms	Font font/woff2	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.0/webfonts/free-fa-solid-900.woff2 Requested by Host: onservlves.serv00.net URL: https://onservlves.serv00.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ad28ece0bf48b1488c82aaf700201d7f6b56a62e11b5b6a0a12481780c8a3417` Request headers Referer https://onservlves.serv00.net/ Origin https://onservlves.serv00.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:37:59 GMT via 1.1 116bbd3369f3a47b2d68a49a57fa7b40.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop WAW51-P3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 150456 last-modified Tue, 30 Aug 2022 16:15:00 GMT server cloudflare etag "822fa3f2f51f169c970f713b88158737" access-control-max-age 3000 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FLw07yJuKabcVijpd7Wl6JWL%2BWUSoK%2FMoMZ0WdVcCCCkgbZJuH6mtyMI%2B5L97dh8AYov3veFXPT189OJuyFshvW7uYxhTbZrN4OyaFkoI%2BR%2BVXND9Fk85Vk1asMwzHGtafX5FzGBQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding accept-ranges bytes cf-ray 8c3225ecce65c3f4-WAW access-control-allow-headers fa-kit-token x-amz-cf-id XehbevnEw5ICeImOFRnGTSpgU_WH4VyeGOCrVZ0bjTdKLF_pjWHxMw==
GET H2	404	favicon.ico onservlves.serv00.net/	3 KB 3 KB	128ms 127ms	Other text/html	128.204.223.113 ECO-ATMAN-PL ECO-...
General Check archive.org Show headers Download Go to Full URL https://onservlves.serv00.net/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 128.204.223.113 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL), Reverse DNS web8.serv00.com Software nginx / Resource Hash `d4b62932da96f2e723714952390ba9e6ed5c3f44950280081f49bbad4bb9dba0` Request headers Referer https://onservlves.serv00.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:38:00 GMT server nginx etag "66a90474-a55" content-length 2645 content-type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://onservlves.serv00.net/(Line 6) Message: The key "minimun-sacale" is not recognized and ignored.
recommendation	verbose	URL: https://onservlves.serv00.net/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://onservlves.serv00.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ka-f.fontawesome.com
onservlves.serv00.net
128.204.223.113
172.67.139.119
0268dfa7fe8087f128d440c90568ec97f58a8106a75a873e95c99ade6f782f94
17e97452418b8595f162bfbd40f3fb96d1153cda5d2b0a49b0d0a05b01fce385
1952f2d7ec428aa08d086521dc27f72e64d5dedd6909be115155881b91765b12
1fe3aa4db1e71d7b765041ef9728d0d241c85a995c0129e2037285f048574f00
657b38d408d6552df456c765be754c08e6dee14da828fcfc3a05d25567d01521
6b6269b202721230c8818a5bf4dab7049879bb5dd8e29b16c9f81492ee4f6535
6d139c3115ef0721d09ae9ca2da8e31186228a67f355f2b0425c067b3709b997
8bc0ba67fa8fc1e6a5f3a83250fa02aa6a635602d5b4060e6f5975fb43645962
ad28ece0bf48b1488c82aaf700201d7f6b56a62e11b5b6a0a12481780c8a3417
c1081c5c02309927ef4aa2929fc0e14122fb47302d81ea4118acb9d643a1c65e
c6c1651291bdbeeaf76023bf75ea9e024acecc85244905df86a5bd98e294e3c0
d4b62932da96f2e723714952390ba9e6ed5c3f44950280081f49bbad4bb9dba0

onservlves.serv00.net Open in urlscan Pro 128.204.223.113 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

595 kBTransfer

693 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

onservlves.serv00.net Open in urlscan Pro
128.204.223.113 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

595 kB
Transfer

693 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!