hotusermail.serv00.net
128.204.223.113
Malicious Activity!
Public Scan
Submission: On August 30 via api from GB — Scanned from JP
Summary
TLS certificate: Issued by R11 on July 1st 2024. Valid for: 3 months.
This is the only time hotusermail.serv00.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Ficohsa (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 | 128.204.223.113 | 57367 (ECO-ATMAN-PL ECO-ATMAN-) |
5 | 2600:9000:21b7:8e00:15:c281:3500:93a1 | 16509 (AMAZON-02) |
9 | 13.225.183.18 | 16509 (AMAZON-02) |
16 | 4 | |
ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: web8.serv00.com
hotusermail.serv00.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-183-18.nrt57.r.cloudfront.net
ik.imagekit.io |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | imagekit.io | ik.imagekit.io — Cisco Umbrella Rank: 22881 | 64 KB |
2 | serv00.net | hotusermail.serv00.net | 517 KB |
16 | 2 | | |
 | Domain | Requested by |
---|---|---|
14 | ik.imagekit.io | hotusermail.serv00.net, ik.imagekit.io |
2 | hotusermail.serv00.net | |
16 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.serv00.net | R11 | 2024-07-01 - 2024-09-29 | 3 months |
*.imagekit.io | Amazon RSA 2048 M02 | 2024-01-23 - 2025-02-19 | a year |
This page contains 1 frames:
Primary Page:
https://hotusermail.serv00.net/
Frame ID: 309B8E45CDDD813B2EC9CC0083FEB4CD
Requests: 18 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | hotusermail.serv00.net/ | 514 KB | 514 KB | Document | text/html |
GET | H2 | 0.c67bb0d13128c5f91471.chunk.js.descarga | ik.imagekit.io/eruobiiei/fico/ | 0 | 0 | Script | text/plain |
GET | H2 | 1.990395a18aee052a02cb.chunk.js.descarga | ik.imagekit.io/eruobiiei/fico/ | 0 | 0 | Script | text/plain |
GET | H2 | prismaWeb.css | ik.imagekit.io/eruobiiei/fico/ | 117 KB | 14 KB | Stylesheet | text/css |
GET | H2 | styles51.css | ik.imagekit.io/eruobiiei/fico/ | 143 KB | 39 KB | Stylesheet | text/css |
GET | H2 | flecha.png | ik.imagekit.io/eruobiiei/fico/ | 174 B | 756 B | Image | image/webp |
GET | H3 | eluser.png | ik.imagekit.io/eruobiiei/fico/ | 328 B | 785 B | Image | image/webp |
GET | H3 | clv.png | ik.imagekit.io/eruobiiei/fico/ | 254 B | 709 B | Image | image/webp |
GET | H3 | keyboardLowerCaseLowContrast.png | ik.imagekit.io/eruobiiei/fico/ | 3 KB | 3 KB | Image | image/webp |
GET | H3 | 13f6ebd6-3a21-4455-8ac2-f131aaf35295.png | ik.imagekit.io/eruobiiei/fico/ | 3 KB | 4 KB | Image | image/webp |
GET | H3 | interr.png | ik.imagekit.io/eruobiiei/fico/ | 202 B | 658 B | Image | image/webp |
GET | H3 | cand.png | ik.imagekit.io/eruobiiei/fico/ | 168 B | 623 B | Image | image/webp |
GET | H3 | prisma_fonts.css | ik.imagekit.io/css/ | 0 | 0 | Stylesheet | text/plain |
GET | DATA | truncated | / | 5 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 10 KB | 10 KB | Font | font/woff2 |
GET | H3 | streamline.8d9b0fde522024284eb5.woff | ik.imagekit.io/eruobiiei/fico/ | 0 | 0 | Font | text/plain |
GET | H3 | streamline.e985056bc25713f2f8cd.ttf | ik.imagekit.io/eruobiiei/fico/ | 0 | 0 | Font | text/plain |
GET | H2 | favicon.ico | hotusermail.serv00.net/ | 3 KB | 3 KB | Other | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Ficohsa (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hotusermail.serv00.net
ik.imagekit.io
128.204.223.113
13.225.183.18
2600:9000:21b7:8e00:15:c281:3500:93a1