URL: http://botanic-moisture.000webhostapp.com/rep.php
Submission: On October 23 via automatic, source openphish — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 145.14.145.66, located in the United States and belongs to AWEX, CY. The main domain is botanic-moisture.000webhostapp.com.
This is the only time botanic-moisture.000webhostapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS Autonomous System
1         145.14.145.66   204915 (AWEX)
3         82.207.87.24    6849 (UKRTELNET)
1         104.19.185.120  13335 (CLOUDFLAR...)
Total: 5 requests, 3 IPs

Requests  Domain                              Requested by
3         rl.kam.gov.ua                       botanic-moisture.000webhostapp.com, rl.kam.gov.ua
1         cdn.000webhost.com                  botanic-moisture.000webhostapp.com
1         botanic-moisture.000webhostapp.com
Total: 5 requests, 3 domains

This site contains links to these domains.

Domain
www.zimbra.com
blog.zimbra.com
wiki.zimbra.com
www.000webhost.com

Subject           Issuer                                          Validity                 Valid
rl.kam.gov.ua     R3                                              2021-08-22 - 2021-11-20  3 months
*.000webhost.com  Sectigo RSA Domain Validation Secure Server CA  2020-12-14 - 2022-01-14  a year

This page contains 1 frame:

Primary Page: http://botanic-moisture.000webhostapp.com/rep.php
Frame ID: 78F0F90839CC476A5A5BFCBE3194AA69
Requests: 5 HTTP requests in this frame

Page Title

Zimbra Web Client Sign In

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 28 kB
Size: 84 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: rep.php (Primary Request)
Path: botanic-moisture.000webhostapp.com/
Size: 19 KB
x-fer: 8 KB
Type: Document

General
Full URL: http://botanic-moisture.000webhostapp.com/rep.php
Protocol: HTTP/1.1
Server: 145.14.145.66, United States, ASN204915 (AWEX, CY)
Reverse DNS:
Software: awex /
Resource Hash: 6fbf867e27424b6689f3cd064c1ebe105010a15e7243480437c11752afb3344a

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers
Host: botanic-moisture.000webhostapp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate

Response headers
Date: Sat, 23 Oct 2021 01:00:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: awex
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Request-ID: ca653fbbaa6d1befff2b4978c780c2d3
Content-Encoding: gzip

Resource: common,login,zhtml,skin.css
Path: rl.kam.gov.ua/css/
Size: 58 KB
x-fer: 12 KB
Type: Stylesheet

General
Full URL: https://rl.kam.gov.ua/css/common,login,zhtml,skin.css?skin=harmony&v=181221034353
Requested by:
  Host: botanic-moisture.000webhostapp.com
  URL: http://botanic-moisture.000webhostapp.com/rep.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.207.87.24, Ukraine, ASN6849 (UKRTELNET, UA)
Reverse DNS: dndz.gov.ua
Software: nginx/1.6.2 /
Resource Hash: abfcdf52f8b9fe16fb4159c730c3e9e833e4a15b4c08ed78c371e6a2b0d9df3c

Security Headers
Strict-Transport-Security: max-age=31536000;
X-Frame-Options: SAMEORIGIN

Request headers
Accept-Language: de-DE,de;q=0.9
Referer: http://botanic-moisture.000webhostapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
Date: Sat, 23 Oct 2021 01:00:17 GMT
Content-Encoding: gzip
Server: nginx/1.6.2
X-Frame-Options: SAMEORIGIN
Vary: User-Agent, Accept-Encoding, User-Agent
Connection: keep-alive
Content-Type: text/css
Cache-Control: public, max-age=2595600
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000;
Expires: Mon, 22 Nov 2021 02:00:17 GMT

Resource: ImgCritical_32.png
Path: rl.kam.gov.ua/img/dwt/
Size: 2 KB
x-fer: 2 KB
Type: Image

General
Full URL: https://rl.kam.gov.ua/img/dwt/ImgCritical_32.png
Requested by:
  Host: botanic-moisture.000webhostapp.com
  URL: http://botanic-moisture.000webhostapp.com/rep.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.207.87.24, Ukraine, ASN6849 (UKRTELNET, UA)
Reverse DNS: dndz.gov.ua
Software: nginx/1.6.2 /
Resource Hash: dbe2ddb68a1551e50afee8edce02b19f9f86a0f43643fac32f66616bd10e30cb

Security Headers
Strict-Transport-Security: max-age=31536000;
X-Frame-Options: SAMEORIGIN

Request headers
Accept-Language: de-DE,de;q=0.9
Referer: http://botanic-moisture.000webhostapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
Date: Sat, 23 Oct 2021 01:00:17 GMT
Last-Modified: Fri, 21 Dec 2018 08:20:34 GMT
Server: nginx/1.6.2
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: public, max-age=2595600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1786
Expires: Mon, 22 Nov 2021 02:00:17 GMT

Resource: footer-powered-by-000webhost-white2.png
Path: cdn.000webhost.com/000webhost/logo/
Size: 2 KB
x-fer: 2 KB
Type: Image

General
Full URL: https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by:
  Host: botanic-moisture.000webhostapp.com
  URL: http://botanic-moisture.000webhostapp.com/rep.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.185.120, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5

Security Headers
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Xss-Protection: 1; mode=block

Request headers
Accept-Language: de-DE,de;q=0.9
Referer: http://botanic-moisture.000webhostapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
date: Sat, 23 Oct 2021 01:00:16 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2046
content-disposition: inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj: imgq:100,h2pri
x-hostinger-datacenter: srv
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1696
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Oct 2021 13:55:18 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "616d7cc6-7fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
vary: Accept
cache-control: public, max-age=14400
x-hostinger-node: nl-srv-cdn1
accept-ranges: bytes
cf-ray: 6a27070a8ed927b4-PRG
expires: Sat, 23 Oct 2021 05:00:16 GMT

Resource: LoginBanner_white.png
Path: rl.kam.gov.ua/skins/_base/logos/
Size: 3 KB
x-fer: 4 KB
Type: Image

General
Full URL: https://rl.kam.gov.ua/skins/_base/logos/LoginBanner_white.png?v=181221034353
Requested by:
  Host: rl.kam.gov.ua
  URL: https://rl.kam.gov.ua/css/common,login,zhtml,skin.css?skin=harmony&v=181221034353
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.207.87.24, Ukraine, ASN6849 (UKRTELNET, UA)
Reverse DNS: dndz.gov.ua
Software: nginx/1.6.2 /
Resource Hash: 8db258b55ceabeb5c9c8bf41f59a2743c579cfcee58c34cacc945ad9c01d6ef1

Security Headers
Strict-Transport-Security: max-age=31536000;
X-Frame-Options: SAMEORIGIN

Request headers
Accept-Language: de-DE,de;q=0.9
Referer: https://rl.kam.gov.ua/css/common,login,zhtml,skin.css?skin=harmony&v=181221034353
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
Date: Sat, 23 Oct 2021 01:00:17 GMT
Last-Modified: Fri, 21 Dec 2018 08:20:34 GMT
Server: nginx/1.6.2
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: public, max-age=2595600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3299
Expires: Mon, 22 Nov 2021 02:00:17 GMT

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
function| ZmSkin
object| link
function| clientChange
function| showWhatsThis
function| forgotPassword
function| onLoad
function| BaseSkin
object| skin
function| getCookie
undefined| wordpressAdminBody
object| notification
object| hostingerLogo
undefined| mainContent
undefined| googleFont
undefined| css
undefined| style
undefined| sheet
undefined| button
undefined| mainContentHolder
undefined| h1Tag
undefined| h2Tag
undefined| paragraph
undefined| list
undefined| org_html
undefined| new_html
undefined| saleImage

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block