battered-maximums.000webhostapp.com Open in urlscan Pro
2a02:4780:dead:ed11::1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://battered-maximums.000webhostapp.com/
Effective URL:
https://battered-maximums.000webhostapp.com/
Submission: On September 23 via api (September 23rd 2024, 11:04:34 pm UTC) from BE — Scanned from DE

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 25 HTTP transactions. The main IP is 2a02:4780:dead:ed11::1, located in United States and belongs to AWEX, CY. The main domain is battered-maximums.000webhostapp.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on August 7th 2024. Valid for: a year.

This is the only time battered-maximums.000webhostapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco de Crédito del Perú (Banking)

Domain & IP information

	IP Address		AS Autonomous System
24	2a02:4780:dea... 2a02:4780:dead:ed11::1		204915 (AWEX) (AWEX)
25	2

24 2a02:4780:dead:ed11::1 (United States)

ASN204915 (AWEX, CY)

battered-maximums.000webhostapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	000webhostapp.com battered-maximums.000webhostapp.com	242 KB
0	000webhost.com Failed www.000webhost.com Failed
25	2

	Domain	Requested by
24	battered-maximums.000webhostapp.com	battered-maximums.000webhostapp.com
0	www.000webhost.com Failed	battered-maximums.000webhostapp.com
25	2

This site contains links to these domains. Also see Links.

Domain
www.000webhost.com

Subject Issuer	Validity	Valid
*.000webhostapp.com RapidSSL TLS RSA CA G1	`2024-08-07` - `2025-07-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://battered-maximums.000webhostapp.com/
Frame ID: AC5AF084E0C299B4E988BA53C016E0B9
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BPC al instante

Page URL History Show full URLs

http://battered-maximums.000webhostapp.com/ HTTP 307
https://battered-maximums.000webhostapp.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Page Statistics

25
Requests

96 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

242 kB
Transfer

661 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.000webhost.com/?utm_source=000webhostapp&utm_campaign=000_logo&utm_medium=website&utm_content=footer_img

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://battered-maximums.000webhostapp.com/ HTTP 307
https://battered-maximums.000webhostapp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
battered-maximums.000webhostapp.com/
Redirect Chain

http://battered-maximums.000webhostapp.com/
https://battered-maximums.000webhostapp.com/

23 KB
7 KB

1124ms
848ms

Document
text/html

2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

a8a89ae420b00d05f8a7ec3c408cdcdbcdaca60545c1069bc97ad1fdb76481f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 23 Sep 2024 23:04:30 GMT
server: awex
x-content-type-options: nosniff
x-request-id: b21e7ea3f04569f055f5e20d5f5a93c2
x-xss-protection: 1; mode=block

Redirect headers

Location: https://battered-maximums.000webhostapp.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style.css
battered-maximums.000webhostapp.com/wp-content/ 252 KB
37 KB 233ms
232ms Stylesheet
text/css 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/wp-content/style.css

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

f595038b919c831cc492dc7ef842005e977e96f232802d796fc12787ebaf5074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: b40039b5bd6d7adebfb8a5462406546f
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Thu, 07 Sep 2023 01:30:43 GMT
server: awex

GET
H2 200 scri.js Show response
battered-maximums.000webhostapp.com/wp-content/ 23 KB
5 KB 348ms
347ms Script
application/javascript 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/wp-content/scri.js

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

53f7460c032645bee48db7161aed2645f132b9ee8f3727a80f53118f54b3fab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: 6431df2d1080c97f3fd712b37287e36e
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 01:30:41 GMT
server: awex

GET
H2 200 cascade.css
battered-maximums.000webhostapp.com/wp-content/ 189 KB
38 KB 117ms
117ms Stylesheet
text/css 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

85d8a7f6f7b62f1d6d2d299675e3ed9223f13a1517c52e871c94d009812db148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: 2e7779d1e5ea40ec7e59857c34ea2393
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Thu, 07 Sep 2023 01:30:40 GMT
server: awex

GET
H2 200 bcp-dark-default.svg
battered-maximums.000webhostapp.com/wp-content/ 5 KB
3 KB 117ms
116ms Image
image/svg+xml 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://battered-maximums.000webhostapp.com/wp-content/bcp-dark-default.svg

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

449a762acaaea4a237d5e28917804f7e47f666244014dea10b814bc2930b2737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: 3869eb80b775531cc793e89201686349
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Thu, 07 Sep 2023 01:30:39 GMT
server: awex

GET
H2 200 ppl-3@2x.png
battered-maximums.000webhostapp.com/wp-content/ 138 KB
139 KB 346ms
346ms Image
image/png 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://battered-maximums.000webhostapp.com/wp-content/ppl-3@2x.png

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

27817cc668bec9c1bf7121be792e394b2e429ed7f1e2cd8ed40bfa198b947260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: 01f0c84ad1d02cbb066c2fcda2036a95
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 141453
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Thu, 07 Sep 2023 01:30:41 GMT
server: awex

GET
H2 200 spots-b-bill-three-d.svg
battered-maximums.000webhostapp.com/wp-content/ 2 KB
1 KB 342ms
342ms Image
image/svg+xml 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://battered-maximums.000webhostapp.com/wp-content/spots-b-bill-three-d.svg

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

6ebf0b01b6a6b91ee30ee25f898210abaf1bd00458d5268b2751d1183b42cbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: cfe90befc17c8ef7ef6918030309115a
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Thu, 07 Sep 2023 01:30:42 GMT
server: awex

GET
H2 200 spots-p-padlock-d.svg
battered-maximums.000webhostapp.com/wp-content/ 622 B
837 B 118ms
117ms Image
image/svg+xml 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://battered-maximums.000webhostapp.com/wp-content/spots-p-padlock-d.svg

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

ab08f8acb8445fa0fe3792059ad3c9feb64b4d56bc78b7caa47fb0484e3841e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: 88c84c7ec4bf71e5eb32b83c690124dc
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 622
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Thu, 07 Sep 2023 01:30:42 GMT
server: awex

GET
H2 200 spots-l-list-circle-d.svg
battered-maximums.000webhostapp.com/wp-content/ 1 KB
801 B 117ms
116ms Image
image/svg+xml 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://battered-maximums.000webhostapp.com/wp-content/spots-l-list-circle-d.svg

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

3248b5d2f2827c6b2e53afcce755ee9be9fbd573a68c09be815c85c0a15ba595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: b9711d097694bd092c5130d474e0a375
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Thu, 07 Sep 2023 01:30:42 GMT
server: awex

GET
H2 200 bcp-dark-grey.svg
battered-maximums.000webhostapp.com/wp-content/ 5 KB
3 KB 118ms
117ms Image
image/svg+xml 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://battered-maximums.000webhostapp.com/wp-content/bcp-dark-grey.svg

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

beb64a7f93a96115e3c678b68b88b90cc9befa5c6d8e57e284c8d65ea580a910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: 6ad188fc42ef16a8a43813a8706bbad0
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Thu, 07 Sep 2023 01:30:39 GMT
server: awex

GET
H2 200 logo-bcp-light.svg
battered-maximums.000webhostapp.com/wp-content/ 3 KB
1 KB 119ms
118ms Image
image/svg+xml 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://battered-maximums.000webhostapp.com/wp-content/logo-bcp-light.svg

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

7f9ee038a38db61ebd460cbed974116269b13885c3099519b3f6fe6551a77270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: ef1d3338d78ac412596f3b4b3a12fdda
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Thu, 07 Sep 2023 01:30:40 GMT
server: awex

GET powered-by-000webhost.png
www.000webhost.com/static/default.000webhost.com/images/ 0
0

GET
H2 404 242863_3_0.woff2
battered-maximums.000webhostapp.com/fonkis/ 0
0 119ms
118ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/fonkis/242863_3_0.woff2

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: f258d224b615e211799b272eff19c71c
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 242863_C_0.woff2
battered-maximums.000webhostapp.com/fonkis/ 0
0 117ms
116ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/fonkis/242863_C_0.woff2

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: b72a26951d326ea8cdbc24df44e28584
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 icons.woff2
battered-maximums.000webhostapp.com/fonkis/ 0
0 118ms
117ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/fonkis/icons.woff2

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: d5983cef9c4cdc3a326bdb6c63f939bb
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 242863_E_0.woff2
battered-maximums.000webhostapp.com/fonkis/ 0
0 119ms
119ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/fonkis/242863_E_0.woff2

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: bc888b239af695c50419dfccd5da6bd7
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 242863_C_0.woff
battered-maximums.000webhostapp.com/assets/fonts/flexo/ 0
0 116ms
115ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/assets/fonts/flexo/242863_C_0.woff

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: c91952ed81c1cef9f9ed53d629953642
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 icons.woff
battered-maximums.000webhostapp.com/assets/fonts/icons/ 0
0 116ms
116ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/assets/fonts/icons/icons.woff

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: bec5d17e4ab65c34d810fbf1cf03bc20
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 242863_3_0.woff
battered-maximums.000webhostapp.com/assets/fonts/flexo/ 0
0 117ms
116ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/assets/fonts/flexo/242863_3_0.woff

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: e1b9463d919e93dc90fc2fac09d5b8c1
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 242863_E_0.woff
battered-maximums.000webhostapp.com/fonkis/ 0
0 117ms
117ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/fonkis/242863_E_0.woff

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: ad4244b9f061e0ea5efd53104a2f9f76
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 242863_C_0.ttf
battered-maximums.000webhostapp.com/assets/fonts/flexo/ 0
0 116ms
115ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/assets/fonts/flexo/242863_C_0.ttf

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: 1c010e2b1df07c11d811260c66426f87
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 icons.ttf
battered-maximums.000webhostapp.com/fonkis/ 0
0 116ms
116ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/fonkis/icons.ttf

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: c557a32eb11a397f0fcfd443901c91cf
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 242863_3_0.ttf
battered-maximums.000webhostapp.com/assets/fonts/flexo/ 0
0 118ms
118ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/assets/fonts/flexo/242863_3_0.ttf

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: 1dacae7166def214af3d2b690a27fb61
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 242863_E_0.ttf
battered-maximums.000webhostapp.com/fonkis/ 0
0 118ms
118ms Font
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/fonkis/242863_E_0.ttf

Requested by

Host: battered-maximums.000webhostapp.com
URL: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://battered-maximums.000webhostapp.com
Referer: https://battered-maximums.000webhostapp.com/wp-content/cascade.css

Response headers

x-request-id: 2316da54467e64afdf5b5f6bb80c32ca
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

GET
H2 404 favicon.ico
battered-maximums.000webhostapp.com/ 20 KB
6 KB 116ms
116ms Other
text/html 2a02:4780:dead:ed11::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://battered-maximums.000webhostapp.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:ed11::1 , United States, ASN204915 (AWEX, CY),

Reverse DNS

Software

awex /

Resource Hash

a0b0f284e4a2b29dae8110e9fefbcc27c11eeba177cb93bdea9af10f07c87d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://battered-maximums.000webhostapp.com/

Response headers

x-request-id: b0772d87d186f021293770457bc07c60
content-encoding: gzip
date: Mon, 23 Sep 2024 23:04:31 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: awex
x-content-type-options: nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.000webhost.com
URL: https://www.000webhost.com/static/default.000webhost.com/images/powered-by-000webhost.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco de Crédito del Perú (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| valideKey object| payform

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.000webhost.com/static/default.000webhost.com/images/powered-by-000webhost.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://battered-maximums.000webhostapp.com/fonkis/242863_C_0.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/fonkis/icons.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/fonkis/242863_3_0.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/fonkis/242863_E_0.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/assets/fonts/flexo/242863_C_0.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/assets/fonts/icons/icons.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/assets/fonts/flexo/242863_3_0.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/fonkis/242863_E_0.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/assets/fonts/flexo/242863_C_0.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/fonkis/icons.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/assets/fonts/flexo/242863_3_0.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/fonkis/242863_E_0.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://battered-maximums.000webhostapp.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

battered-maximums.000webhostapp.com
www.000webhost.com
www.000webhost.com
2a02:4780:dead:ed11::1
27817cc668bec9c1bf7121be792e394b2e429ed7f1e2cd8ed40bfa198b947260
3248b5d2f2827c6b2e53afcce755ee9be9fbd573a68c09be815c85c0a15ba595
449a762acaaea4a237d5e28917804f7e47f666244014dea10b814bc2930b2737
53f7460c032645bee48db7161aed2645f132b9ee8f3727a80f53118f54b3fab1
6ebf0b01b6a6b91ee30ee25f898210abaf1bd00458d5268b2751d1183b42cbd2
7f9ee038a38db61ebd460cbed974116269b13885c3099519b3f6fe6551a77270
85d8a7f6f7b62f1d6d2d299675e3ed9223f13a1517c52e871c94d009812db148
a0b0f284e4a2b29dae8110e9fefbcc27c11eeba177cb93bdea9af10f07c87d0f
a8a89ae420b00d05f8a7ec3c408cdcdbcdaca60545c1069bc97ad1fdb76481f1
ab08f8acb8445fa0fe3792059ad3c9feb64b4d56bc78b7caa47fb0484e3841e0
beb64a7f93a96115e3c678b68b88b90cc9befa5c6d8e57e284c8d65ea580a910
f595038b919c831cc492dc7ef842005e977e96f232802d796fc12787ebaf5074

battered-maximums.000webhostapp.com Open in urlscan Pro 2a02:4780:dead:ed11::1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

96 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

242 kBTransfer

661 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

14 Console Messages

Security Headers

battered-maximums.000webhostapp.com Open in urlscan Pro
2a02:4780:dead:ed11::1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

96 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

242 kB
Transfer

661 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!