darktube.top Open in urlscan Pro
178.159.43.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://117.194.149.76:46930/
Effective URL:
http://darktube.top/
Submission: On January 12 via automatic, source urlhaus (January 12th 2021, 4:09:39 am UTC)

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 9 HTTP transactions. The main IP is 178.159.43.109, located in Ukraine and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is darktube.top.

This is the only time darktube.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	178.159.43.109 178.159.43.109	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1	117.194.149.76 117.194.149.76	9829 (BSNL-NIB ...) (BSNL-NIB National Internet Backbone)
9	2

8 178.159.43.109 (Ukraine)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm1673991.5ssd.had.wf

darktube.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 117.194.149.76 (Thrissur, India)

ASN9829 (BSNL-NIB National Internet Backbone, IN)

117.194.149.76	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	darktube.top darktube.top	166 KB
9	1

	Domain	Requested by
8	darktube.top	darktube.top
9	1

This site contains links to these domains. Also see Links.

Domain
analteen.top

Subject Issuer	Validity	Valid

This page contains 1 frames:

Frame: http://117.194.149.76:46930/
Frame ID: 763F8A02F71A317E1A7BD8D422731D6C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

9
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

2
Countries

166 kB
Transfer

182 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://analteen.top/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response darktube.top/ Redirect Chain http://lolittles.xyz/te3/out.php http://darktube.top/	22 KB 4 KB	301ms 92ms	Document text/html	178.159.43.109 Netherlands
General Check archive.org Show headers Download Go to Full URL http://darktube.top/ Protocol HTTP/1.1 Server 178.159.43.109 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1673991.5ssd.had.wf Software Apache/2.4.10 (Debian) / Resource Hash `cfe0359d0a2a189dd5e80cec6f75ae202c70d5dcd78036c2f743dc195c620c21` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/87.0.4280.141 Safari/537.36 Referer http://lolittles.xyz/ Response headers Date Tue, 12 Jan 2021 04:08:37 GMT Server Apache/2.4.10 (Debian) Vary Accept-Encoding Content-Encoding gzip Content-Length 4090 Keep-Alive timeout=5, max=93 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Connection Keep-Alive Location http://darktube.top/ Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Content-Length 20 Content-Encoding gzip Date Tue, 12 Jan 2021 04:08:31 GMT Server LiteSpeed Cache-Control no-cache, no-store, must-revalidate, max-age=0
GET H/1.1	200 OK	30.png darktube.top/	62 KB 62 KB	1115ms 303ms	Image image/png	178.159.43.109 Netherlands
General Check archive.org Show headers Download Go to Show image Full URL http://darktube.top/30.png Requested by Host: darktube.top URL: http://darktube.top/ Protocol HTTP/1.1 Server 178.159.43.109 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1673991.5ssd.had.wf Software Apache/2.4.10 (Debian) / Resource Hash `3ed61aa6fe1dfa3dbc0bd9b2aa4788c452c201208c0173e7b59661d7fd03cfe3` Request headers Referer http://darktube.top/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 04:08:47 GMT Last-Modified Mon, 21 Dec 2020 04:04:32 GMT Server Apache/2.4.10 (Debian) ETag "f7d0-5b6f18e2b34d3" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 63440
GET H/1.1	200 OK	welcome.gif darktube.top/	25 KB 26 KB	1129ms 317ms	Image image/gif	178.159.43.109 Netherlands
General Check archive.org Show headers Download Go to Show image Full URL http://darktube.top/welcome.gif Requested by Host: darktube.top URL: http://darktube.top/ Protocol HTTP/1.1 Server 178.159.43.109 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1673991.5ssd.had.wf Software Apache/2.4.10 (Debian) / Resource Hash `2e7d11085cf8e5557cc910fcafc93550b5fe1a03fc60b9de7c837de61545d9c8` Request headers Referer http://darktube.top/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 04:08:47 GMT Last-Modified Mon, 21 Dec 2020 04:04:34 GMT Server Apache/2.4.10 (Debian) ETag "6564-5b6f18e5021c3" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=90 Content-Length 25956
GET H/1.1	200 OK	1aa.png darktube.top/	22 KB 23 KB	92ms 90ms	Image image/png	178.159.43.109 Netherlands
General Check archive.org Show headers Download Go to Show image Full URL http://darktube.top/1aa.png Requested by Host: darktube.top URL: http://darktube.top/ Protocol HTTP/1.1 Server 178.159.43.109 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1673991.5ssd.had.wf Software Apache/2.4.10 (Debian) / Resource Hash `86ed57ce9cb8cb31e84045650aecb782add251e58bc99c180217cf508bcb42d0` Request headers Referer http://darktube.top/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 04:08:51 GMT Last-Modified Mon, 21 Dec 2020 04:04:30 GMT Server Apache/2.4.10 (Debian) ETag "5982-5b6f18e173f8d" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 22914
GET H/1.1	200 OK	hot.gif darktube.top/	671 B 955 B	87ms 86ms	Image image/gif	178.159.43.109 Netherlands
General Check archive.org Show headers Download Go to Show image Full URL http://darktube.top/hot.gif Requested by Host: darktube.top URL: http://darktube.top/ Protocol HTTP/1.1 Server 178.159.43.109 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1673991.5ssd.had.wf Software Apache/2.4.10 (Debian) / Resource Hash `417ba5378352abb89940c02b28e835f2d3ead02baaa51c7f9f1d1986d937ad71` Request headers Referer http://darktube.top/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 04:08:51 GMT Last-Modified Mon, 21 Dec 2020 04:04:32 GMT Server Apache/2.4.10 (Debian) ETag "29f-5b6f18e370c03" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=87 Content-Length 671
GET H/1.1	200 OK	cUH1q.gif darktube.top/	599 B 883 B	205ms 100ms	Image image/gif	178.159.43.109 Netherlands
General Check archive.org Show headers Download Go to Show image Full URL http://darktube.top/cUH1q.gif Requested by Host: darktube.top URL: http://darktube.top/ Protocol HTTP/1.1 Server 178.159.43.109 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1673991.5ssd.had.wf Software Apache/2.4.10 (Debian) / Resource Hash `788ba656874328ecb14a1a6e2045901c10bcaf719fe4e0cf1dca955442c4e80d` Request headers Referer http://darktube.top/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 04:08:51 GMT Last-Modified Mon, 21 Dec 2020 04:04:32 GMT Server Apache/2.4.10 (Debian) ETag "257-5b6f18e340e67" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 599
GET H/1.1	200 OK	59.jpg darktube.top/	49 KB 49 KB	188ms 79ms	Image image/jpeg	178.159.43.109 Netherlands
General Check archive.org Show headers Download Go to Show image Full URL http://darktube.top/59.jpg Requested by Host: darktube.top URL: http://darktube.top/ Protocol HTTP/1.1 Server 178.159.43.109 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1673991.5ssd.had.wf Software Apache/2.4.10 (Debian) / Resource Hash `cf8e6477e21f86c6542ae3d9b391da8a658fd036ff08c3ed39b328dfb20b18fe` Request headers Referer http://darktube.top/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 04:08:53 GMT Last-Modified Mon, 21 Dec 2020 04:04:32 GMT Server Apache/2.4.10 (Debian) ETag "c458-5b6f18e3016cc" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 50264
GET H/1.1	404 Not Found	PinkSunDemoOutline.TTF darktube.top/fonts/	0 0	92ms 85ms	Font text/html	178.159.43.109 Netherlands
General Check archive.org Show headers Download Go to Full URL http://darktube.top/fonts/PinkSunDemoOutline.TTF Requested by Host: darktube.top URL: http://darktube.top/ Protocol HTTP/1.1 Server 178.159.43.109 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL), Reverse DNS vm1673991.5ssd.had.wf Software Apache/2.4.10 (Debian) / Resource Hash Request headers Origin http://darktube.top Referer http://darktube.top/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 04:08:53 GMT Server Apache/2.4.10 (Debian) Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 274 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	/ 117.194.149.76/	0 0	2486ms 384ms	Document application/zip	117.194.149.76 BSNL-NIB National...
General Check archive.org Show headers Download Go to Full URL http://117.194.149.76:46930/ Protocol HTTP/1.1 Server 117.194.149.76 Thrissur, India, ASN9829 (BSNL-NIB National Internet Backbone, IN), Reverse DNS Software nginx / Resource Hash Request headers Host 117.194.149.76:46930 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Content-Length 135472 Connection close Content-Type application/zip

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

darktube.top
117.194.149.76
178.159.43.109
2e7d11085cf8e5557cc910fcafc93550b5fe1a03fc60b9de7c837de61545d9c8
3ed61aa6fe1dfa3dbc0bd9b2aa4788c452c201208c0173e7b59661d7fd03cfe3
417ba5378352abb89940c02b28e835f2d3ead02baaa51c7f9f1d1986d937ad71
788ba656874328ecb14a1a6e2045901c10bcaf719fe4e0cf1dca955442c4e80d
86ed57ce9cb8cb31e84045650aecb782add251e58bc99c180217cf508bcb42d0
cf8e6477e21f86c6542ae3d9b391da8a658fd036ff08c3ed39b328dfb20b18fe
cfe0359d0a2a189dd5e80cec6f75ae202c70d5dcd78036c2f743dc195c620c21

darktube.top Open in urlscan Pro 178.159.43.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

2 Countries

166 kBTransfer

182 kBSize

0 Cookies

1 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

0 Cookies

Indicators

darktube.top Open in urlscan Pro
178.159.43.109 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

2
Countries

166 kB
Transfer

182 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions