![](/screenshots/6831d7ba-da73-4d44-a349-0f8fd888057c.png)
spamgramx.000webhostapp.com
Open in
urlscan Pro
2a02:4780:dead:9f26::1
Malicious Activity!
Public Scan
Effective URL: https://spamgramx.000webhostapp.com/
Submission: On June 26 via api from US — Scanned from DE
Summary
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on July 11th 2023. Valid for: a year.
This is the only time spamgramx.000webhostapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Instagram (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 2a02:4780:dea... 2a02:4780:dead:9f26::1 | 204915 (AWEX) (AWEX) | |
13 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
000webhostapp.com
spamgramx.000webhostapp.com |
372 KB |
0 |
000webhost.com
Failed
www.000webhost.com Failed |
|
13 | 2 |
Domain | Requested by | |
---|---|---|
12 | spamgramx.000webhostapp.com |
spamgramx.000webhostapp.com
|
0 | www.000webhost.com Failed |
spamgramx.000webhostapp.com
|
13 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
www.instagram.com |
play.google.com |
about.meta.com |
about.instagram.com |
help.instagram.com |
developers.facebook.com |
www.threads.net |
www.000webhost.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.000webhostapp.com RapidSSL TLS RSA CA G1 |
2023-07-11 - 2024-08-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://spamgramx.000webhostapp.com/
Frame ID: 5EC1CA8800D95404DF54071E7DFC7603
Requests: 13 HTTP requests in this frame
Screenshot
![](/screenshots/6831d7ba-da73-4d44-a349-0f8fd888057c.png)
Page Title
InstagramPage URL History Show full URLs
-
http://spamgramx.000webhostapp.com/
HTTP 307
https://spamgramx.000webhostapp.com/ Page URL
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: Facebook ile Giriş yap
Search URL Search Domain Scan URL
Title: Şifreni mi unuttun?
Search URL Search Domain Scan URL
Title: Kaydol
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Meta
Search URL Search Domain Scan URL
Title: Hakkında
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: İş Fırsatları
Search URL Search Domain Scan URL
Title: Yardım
Search URL Search Domain Scan URL
Title: API
Search URL Search Domain Scan URL
Title: Gizlilik
Search URL Search Domain Scan URL
Title: Koşullar
Search URL Search Domain Scan URL
Title: Konumlar
Search URL Search Domain Scan URL
Title: Instagram Lite
Search URL Search Domain Scan URL
Title: Threads
Search URL Search Domain Scan URL
Title: Kişi Yükleme ve Hesabı Olmayan Kişiler
Search URL Search Domain Scan URL
Title: Meta Verified
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://spamgramx.000webhostapp.com/
HTTP 307
https://spamgramx.000webhostapp.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
spamgramx.000webhostapp.com/ Redirect Chain
|
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylex.css
spamgramx.000webhostapp.com/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ItTndlZM2n2.png
spamgramx.000webhostapp.com/img/ |
42 KB 43 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
screenshot2.png
spamgramx.000webhostapp.com/img/ |
51 KB 51 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Instafont.png
spamgramx.000webhostapp.com/fonts/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb-favicon.jpg
spamgramx.000webhostapp.com/img/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c5Rp7Ym-Klz.png
spamgramx.000webhostapp.com/img/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EHY6QnZYdNX.png
spamgramx.000webhostapp.com/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
powered-by-000webhost.png
www.000webhost.com/static/default.000webhost.com/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
InstagramSans-Medium.ttf
spamgramx.000webhostapp.com/fonts/ |
72 KB 72 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
InstagramSans-Regular.ttf
spamgramx.000webhostapp.com/fonts/ |
72 KB 73 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
InstagramSans-Light.ttf
spamgramx.000webhostapp.com/fonts/ |
73 KB 73 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lswP1OF1o6P.png
spamgramx.000webhostapp.com/img/ |
11 KB 11 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.000webhost.com
- URL
- https://www.000webhost.com/static/default.000webhost.com/images/powered-by-000webhost.png
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Instagram (Social Network)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
spamgramx.000webhostapp.com
www.000webhost.com
www.000webhost.com
2a02:4780:dead:9f26::1
0349d44cde0a29ee588cd1df184aa3b8f03da35c88bbe1155f0d1ffd19165b26
068373d646cb104089e3620a37f5880a3da9ef200f38e0bc329bf068fe773656
3a765fbc1608b2d5d8c3d8aa1d1d5dc302e278fcab91bc0fdc5f180c2bf8f0fd
4f4c0ebb5150db9096ce3e4edb754966f91c84bc840ea6b9240aa81c9bb5154b
539f4fef1f1f88806e29cca1af3ebd92a0b928d1885178fc6f9e7b173d231f26
5f5657fa752d46728eda93763c41969ed1a22476b140d5fc92686ac00c70383c
7ad8498fcc83f0cf754e7af0e03b8e73a937514c16ef59d7f20342d1a6d30a4c
89152c6b5d650050e542912484e0367ffbe7c6080e1b762fafb3c3aa93b91189
923d80c7ae9a06d102f46b3e47564fa6fadd9a2f3dd3633cc19ac5eeb25bd4ad
a2ff547438b4c7ada3f6dec48e6c8593fa86ccb2cb7f5c30ba4c6bd4d3b99179
b4e6b722bc0c85334f4d06608f5e775167fc07c025e3ac12ea3a740f913f3acc
fd36a290ac7d9900fa706948c57d7079e38b509e69a9654e9d18c63c796510a1