URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Tags: c2 malware blacknet
Submission: On December 28 via api from CA

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2a02:4780:dead:d85f::1, which is located in the United States and belongs to AWEX, US. The main domain is davidaredetoate.000webhostapp.com.
This is the only time davidaredetoate.000webhostapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
9         2a02:4780:dea...  204915 (AWEX)
1         2a00:1450:400...  15169 (GOOGLE)
1         2606:4700:10:...  13335 (CLOUDFLAR...)
1         2a00:1450:400...  15169 (GOOGLE)
12        4

Requests  Domain / Subdomains  Transfer
9         000webhostapp.com    222 KB
1         gstatic.com          91 KB
1         000webhost.com       2 KB
1         google.com           816 B
12        4

Requests  Domain                             Requested by
9         davidaredetoate.000webhostapp.com  davidaredetoate.000webhostapp.com
1         www.gstatic.com                    www.google.com
1         cdn.000webhost.com                 davidaredetoate.000webhostapp.com
1         www.google.com                     davidaredetoate.000webhostapp.com
12        4

This site contains links to these domains.

Domain
www.000webhost.com

Subject / Issuer                                                  Validity                 Valid
www.google.com / GTS CA 1O1                                       2019-12-03 - 2020-02-25  3 months
*.000webhost.com / COMODO RSA Domain Validation Secure Server CA  2018-10-19 - 2020-12-17  2 years
*.google.com / GTS CA 1O1                                         2019-12-03 - 2020-02-25  3 months

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i


12 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

login.php (Cookie set)
/BlackNET%20Panel
8 KB
3 KB
Document
General
Full URL
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d85f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
e9b49b55df99fd01ae05130599d6203f878c3a55f83c063ae4560167d0679200
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
davidaredetoate.000webhostapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Sat, 28 Dec 2019 22:21:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PHPSESSID=cm3g96ubqggo9i6qcg61m9jf3e; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Server
awex
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Request-ID
3ed8a2aec0af45521b2680e07d0dc6bf
Content-Encoding
gzip
bootstrap.min.css
/BlackNET%20Panel/asset/vendor/bootstrap/css
156 KB
29 KB
Stylesheet
General
Full URL
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/asset/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: davidaredetoate.000webhostapp.com
URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d85f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 22:21:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Dec 2019 04:04:02 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
f8a3c268fab3abdfc72edd5d89109ae4
all.min.css
/BlackNET%20Panel/asset/vendor/fontawesome-free/css
56 KB
14 KB
Stylesheet
General
Full URL
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/asset/vendor/fontawesome-free/css/all.min.css
Requested by
Host: davidaredetoate.000webhostapp.com
URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d85f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 22:21:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Dec 2019 04:04:04 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
e6f4d27f481f5b0898570585852296f7
sb-admin.css
/BlackNET%20Panel/asset/css
215 KB
36 KB
Stylesheet
General
Full URL
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/asset/css/sb-admin.css
Requested by
Host: davidaredetoate.000webhostapp.com
URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d85f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
19958ea17fa4e2911a651494b9741fcc59dc9f43833c15a88573f356b30d6f36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 22:21:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Dec 2019 04:04:00 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
d283487d0bc41114059ceaed1404078a
jquery.min.js
/BlackNET%20Panel/asset/vendor/jquery
86 KB
35 KB
Script
General
Full URL
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/asset/vendor/jquery/jquery.min.js
Requested by
Host: davidaredetoate.000webhostapp.com
URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d85f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 22:21:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Dec 2019 04:04:28 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
0dd3268854e0816269b8d0d4b0eb75ec
bootstrap.bundle.min.js
/BlackNET%20Panel/asset/vendor/bootstrap/js
79 KB
27 KB
Script
General
Full URL
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/asset/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: davidaredetoate.000webhostapp.com
URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d85f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 22:21:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Dec 2019 04:04:02 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
e0d85fc54dc82a1578e5f5af4974e2de
jquery.easing.min.js
/BlackNET%20Panel/asset/vendor/jquery-easing
2 KB
1 KB
Script
General
Full URL
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/asset/vendor/jquery-easing/jquery.easing.min.js
Requested by
Host: davidaredetoate.000webhostapp.com
URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d85f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 22:21:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Dec 2019 04:04:28 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
0ccbdeacfcf2b6b53fbc8650181130a1
sb-admin.min.js
/BlackNET%20Panel/asset/js
930 B
1 KB
Script
General
Full URL
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/asset/js/sb-admin.min.js
Requested by
Host: davidaredetoate.000webhostapp.com
URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d85f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
6cfcd622c16bf43a40626edd168b4f5d23dfe5584a9a5a166074e5d6a1fa71e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Dec 2019 22:21:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Dec 2019 04:04:01 GMT
Server
awex
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
930
X-Xss-Protection
1; mode=block
X-Request-ID
dcd1f375b78617a8ae5edbb77651d75d
api.js
www.google.com/recaptcha
729 B
816 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: davidaredetoate.000webhostapp.com
URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
f56590ff7b66d0ef4efd7f17a3884b0a4a90da850ec6e561492b7f3fc1e72967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 22:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
462
x-xss-protection
1; mode=block
expires
Sat, 28 Dec 2019 22:21:32 GMT
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo
2 KB
2 KB
Image
General
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: davidaredetoate.000webhostapp.com
URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:442e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Dec 2019 22:21:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3233
cf-polished
origFmt=png, origSize=2046
status
200
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
strict-transport-security
max-age=2592000
x-hostinger-datacenter
srv
content-length
1696
x-xss-protection
1; mode=block
last-modified
Mon, 23 Dec 2019 15:46:19 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"5e00e14b-7fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cf-bgj
imgq:100
cache-control
public, max-age=14400
x-hostinger-node
nl-srv-cdn1
accept-ranges
bytes
cf-ray
54c6ed87be91d6b5-FRA
expires
Sun, 29 Dec 2019 02:21:32 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn
254 KB
91 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c2cca14e4dbf2994f90b91ef01ec4d6eb6b560b429d028317d624d9b5f4bdcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 17:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Dec 2019 05:03:14 GMT
server
sffe
age
1657878
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
92878
x-xss-protection
0
expires
Tue, 08 Dec 2020 17:50:15 GMT
fa-solid-900.woff2
/BlackNET%20Panel/asset/vendor/fontawesome-free/webfonts
74 KB
74 KB
Font
General
Full URL
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/asset/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by
Host: davidaredetoate.000webhostapp.com
URL: http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/login.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d85f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://davidaredetoate.000webhostapp.com/BlackNET%20Panel/asset/vendor/fontawesome-free/css/all.min.css
Origin
http://davidaredetoate.000webhostapp.com

Response headers

Date
Sat, 28 Dec 2019 22:21:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Dec 2019 04:04:28 GMT
Server
awex
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75728
X-Xss-Protection
1; mode=block
X-Request-ID
0c67b80b3fe9fd8a35f6da164446d91f

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| $
  • function| jQuery
  • object| bootstrap
  • object| ___grecaptcha_cfg
  • object| grecaptcha
  • boolean| __google_recaptcha_client
  • function| getCookie
  • undefined| wordpressAdminBody
  • object| notification
  • object| hostingerLogo
  • undefined| mainContent
  • undefined| googleFont
  • undefined| css
  • undefined| style
  • undefined| sheet
  • undefined| button
  • undefined| link
  • undefined| mainContentHolder
  • undefined| h1Tag
  • undefined| h2Tag
  • undefined| paragraph
  • undefined| list
  • undefined| org_html
  • undefined| new_html
  • undefined| saleImage
  • object| recaptcha

1 Cookies

Domain/Path Name / Value
davidaredetoate.000webhostapp.com/ Name: PHPSESSID
Value: cm3g96ubqggo9i6qcg61m9jf3e

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block