www.dl.mainactivity.xyz Open in urlscan Pro
62.171.157.241 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dl.mainactivity.xyz/
Submission: On March 18 via automatic, source certstream-suspicious (March 18th 2020, 4:06:15 am UTC)

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 15 HTTP transactions. The main IP is 62.171.157.241, located in United Kingdom and belongs to CONTABO, DE. The main domain is www.dl.mainactivity.xyz.
TLS certificate: Issued by dl.mainactivity.xyz on March 17th 2020. Valid for: a year.

This is the only time www.dl.mainactivity.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	62.171.157.241 62.171.157.241	51167 (CONTABO) (CONTABO)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
3	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
15	5

3 62.171.157.241 (United Kingdom)

ASN51167 (CONTABO, DE)
PTR: vmi356467.contaboserver.net

www.dl.mainactivity.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.99.0.58 (Toronto, Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	histats.com s10.histats.com s4.histats.com	14 KB
3	blogspot.com 1.bp.blogspot.com	61 KB
3	mainactivity.xyz www.dl.mainactivity.xyz	15 KB
0	bootstrapcdn.com Failed maxcdn.bootstrapcdn.com Failed
15	4

	Domain	Requested by
3	s4.histats.com	s10.histats.com
3	s10.histats.com	www.dl.mainactivity.xyz
3	1.bp.blogspot.com	www.dl.mainactivity.xyz
3	www.dl.mainactivity.xyz	www.dl.mainactivity.xyz
0	maxcdn.bootstrapcdn.com Failed	www.dl.mainactivity.xyz
15	5

This site contains links to these domains. Also see Links.

Domain
178.128.90.150

Subject Issuer	Validity	Valid
dl.mainactivity.xyz dl.mainactivity.xyz	`2020-03-17` - `2021-03-17`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
histats.com Let's Encrypt Authority X3	`2019-12-27` - `2020-03-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.dl.mainactivity.xyz/
Frame ID: DBDD2CEDB97D73F1E7CF7301B349BD7A
Requests: 5 HTTP requests in this frame

Frame: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
Frame ID: 1D254FE06A2E5422D013AF4AE2175097
Requests: 5 HTTP requests in this frame

Frame: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
Frame ID: FC0C0E97A1883A28BE35A2AB659DF79E
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

15
Requests

60 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

5
IPs

4
Countries

90 kB
Transfer

111 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://178.128.90.150/BlackTube.apk
Title: Download Update

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.dl.mainactivity.xyz/ 6 KB
3 KB 177ms
53ms Document
text/html 62.171.157.241
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dl.mainactivity.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.171.157.241 , United Kingdom, ASN51167 (CONTABO, DE),
Reverse DNS: vmi356467.contaboserver.net
Software: Apache /
Resource Hash: ec6b3dabe39d8c4d4f56bc00c812cd421893518844a67a51d7f1d5ba217e93f0

Request headers

Host: www.dl.mainactivity.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Wed, 18 Mar 2020 04:05:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2578
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 689661_splash.png
1.bp.blogspot.com/-w0G7JIdncEQ/XZqy-Lb18CI/AAAAAAAAAKA/RbYQanQ6ixk7FSSORxxlSsmkL2ts0R4egCLcBGAsYHQ/s320/ 20 KB
21 KB 38ms
17ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-w0G7JIdncEQ/XZqy-Lb18CI/AAAAAAAAAKA/RbYQanQ6ixk7FSSORxxlSsmkL2ts0R4egCLcBGAsYHQ/s320/689661_splash.png

Requested by

Host: www.dl.mainactivity.xyz
URL: https://www.dl.mainactivity.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

813b719771ed68e5bb3428b83bf7c0eabf1ee92cd2c22d8658e1b0c575e7afd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dl.mainactivity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 04:05:58 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="689661_splash.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 20623
x-xss-protection: 0
server: fife
etag: "va1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Mar 2020 04:05:58 GMT

GET font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/ 0
0

GET
H/1.1 404
Not Found BlackTube_Pro.apk Show response
www.dl.mainactivity.xyz/ Frame 1D25 6 KB
6 KB 51ms
51ms Document
text/html 62.171.157.241
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
Requested by: Host: www.dl.mainactivity.xyz
URL: https://www.dl.mainactivity.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.171.157.241 , United Kingdom, ASN51167 (CONTABO, DE),
Reverse DNS: vmi356467.contaboserver.net
Software: Apache /
Resource Hash: ec6b3dabe39d8c4d4f56bc00c812cd421893518844a67a51d7f1d5ba217e93f0

Request headers

Host: www.dl.mainactivity.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://www.dl.mainactivity.xyz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.dl.mainactivity.xyz/

Response headers

Date: Wed, 18 Mar 2020 04:05:58 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 80ms
26ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.dl.mainactivity.xyz
URL: https://www.dl.mainactivity.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer: https://www.dl.mainactivity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 04:05:57 GMT
content-encoding: br
last-modified: Thu, 06 Dec 2018 14:12:12 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: "-139234964"
x-cacheable: Matched cache
content-type: text/javascript
status: 200
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4333
x-request-id: 73564530

GET
H2 200 689661_splash.png
1.bp.blogspot.com/-w0G7JIdncEQ/XZqy-Lb18CI/AAAAAAAAAKA/RbYQanQ6ixk7FSSORxxlSsmkL2ts0R4egCLcBGAsYHQ/s320/ Frame 1D25 20 KB
20 KB 6ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-w0G7JIdncEQ/XZqy-Lb18CI/AAAAAAAAAKA/RbYQanQ6ixk7FSSORxxlSsmkL2ts0R4egCLcBGAsYHQ/s320/689661_splash.png

Requested by

Host: www.dl.mainactivity.xyz
URL: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

813b719771ed68e5bb3428b83bf7c0eabf1ee92cd2c22d8658e1b0c575e7afd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 04:05:58 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="689661_splash.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 20623
x-xss-protection: 0
server: fife
etag: "va1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Mar 2020 04:05:58 GMT

GET font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/ Frame 1D25 0
0

GET
H/1.1 404
Not Found BlackTube_Pro.apk Show response
www.dl.mainactivity.xyz/ Frame FC0C 6 KB
6 KB 51ms
51ms Document
text/html 62.171.157.241
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
Requested by: Host: www.dl.mainactivity.xyz
URL: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.171.157.241 , United Kingdom, ASN51167 (CONTABO, DE),
Reverse DNS: vmi356467.contaboserver.net
Software: Apache /
Resource Hash: ec6b3dabe39d8c4d4f56bc00c812cd421893518844a67a51d7f1d5ba217e93f0

Request headers

Host: www.dl.mainactivity.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk

Response headers

Date: Wed, 18 Mar 2020 04:05:58 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 1D25 11 KB
4 KB 30ms
25ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.dl.mainactivity.xyz
URL: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 04:05:57 GMT
content-encoding: br
last-modified: Thu, 06 Dec 2018 14:12:12 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: "-139234964"
x-cacheable: Matched cache
content-type: text/javascript
status: 200
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4333
x-request-id: 73564530

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame 1D25 51 B
322 B 301ms
98ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3773750&@f16&@g1&@h1&@i1&@j1584504358854&@k0&@l1&@mBlackTube&@n0&@ohttps%3A%2F%2Fwww.dl.mainactivity.xyz%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-54825095&@b3:1584504359&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fwww.dl.mainactivity.xyz%2FBlackTube_Pro.apk&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 5be1c771bff4dcac5dfb3e85bf692808f8fca27a40a385306c02cefcb448bbcb

Request headers

Referer: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 04:05:59 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
322 B 295ms
97ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3773750&@f16&@g0&@h2&@i1&@j1584504358883&@k29&@l2&@mBlackTube&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-149482858&@b3:1584504359&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fwww.dl.mainactivity.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 5be1c771bff4dcac5dfb3e85bf692808f8fca27a40a385306c02cefcb448bbcb

Request headers

Referer: https://www.dl.mainactivity.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 04:05:59 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 689661_splash.png
1.bp.blogspot.com/-w0G7JIdncEQ/XZqy-Lb18CI/AAAAAAAAAKA/RbYQanQ6ixk7FSSORxxlSsmkL2ts0R4egCLcBGAsYHQ/s320/ Frame FC0C 20 KB
20 KB 6ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-w0G7JIdncEQ/XZqy-Lb18CI/AAAAAAAAAKA/RbYQanQ6ixk7FSSORxxlSsmkL2ts0R4egCLcBGAsYHQ/s320/689661_splash.png

Requested by

Host: www.dl.mainactivity.xyz
URL: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

813b719771ed68e5bb3428b83bf7c0eabf1ee92cd2c22d8658e1b0c575e7afd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 18 Mar 2020 04:05:58 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="689661_splash.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 20623
x-xss-protection: 0
server: fife
etag: "va1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Mar 2020 04:05:58 GMT

GET font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/ Frame FC0C 0
0

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame FC0C 11 KB
4 KB 27ms
26ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.dl.mainactivity.xyz
URL: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 18 Mar 2020 04:05:57 GMT
content-encoding: br
last-modified: Thu, 06 Dec 2018 14:12:12 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: "-139234964"
x-cacheable: Matched cache
content-type: text/javascript
status: 200
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4333
x-request-id: 73564530

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame FC0C 51 B
322 B 291ms
97ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3773750&@f16&@g0&@h3&@i1&@j1584504358940&@k57&@l3&@mBlackTube&@n0&@ohttps%3A%2F%2Fwww.dl.mainactivity.xyz%2FBlackTube_Pro.apk&@q0&@r0&@s0&@ten-US&@u1600&@b1:-113944816&@b3:1584504359&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fwww.dl.mainactivity.xyz%2FBlackTube_Pro.apk&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 5be1c771bff4dcac5dfb3e85bf692808f8fca27a40a385306c02cefcb448bbcb

Request headers

Referer: https://www.dl.mainactivity.xyz/BlackTube_Pro.apk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 18 Mar 2020 04:05:59 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: maxcdn.bootstrapcdn.com
URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Domain: maxcdn.bootstrapcdn.com
URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Domain: maxcdn.bootstrapcdn.com
URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.dl.mainactivity.xyz/	1970-01-19 16:54:00	Name: HstPn3773750 Value: 3
www.dl.mainactivity.xyz/	1970-01-19 16:54:00	Name: HstCla3773750 Value: 1584504358940
www.dl.mainactivity.xyz/	1970-01-19 16:54:00	Name: HstCns3773750 Value: 1
www.dl.mainactivity.xyz/	1970-01-19 16:54:00	Name: HstCnv3773750 Value: 1
www.dl.mainactivity.xyz/	1970-01-19 16:54:00	Name: HstCmu3773750 Value: 1584504358854
www.dl.mainactivity.xyz/	1970-01-19 16:54:00	Name: HstPt3773750 Value: 3
www.dl.mainactivity.xyz/	1970-01-19 16:54:00	Name: HstCfa3773750 Value: 1584504358854

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
maxcdn.bootstrapcdn.com
s10.histats.com
s4.histats.com
www.dl.mainactivity.xyz
maxcdn.bootstrapcdn.com
192.99.0.58
2a00:1450:4001:800::2001
46.105.201.240
62.171.157.241
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
5be1c771bff4dcac5dfb3e85bf692808f8fca27a40a385306c02cefcb448bbcb
813b719771ed68e5bb3428b83bf7c0eabf1ee92cd2c22d8658e1b0c575e7afd6
ec6b3dabe39d8c4d4f56bc00c812cd421893518844a67a51d7f1d5ba217e93f0

www.dl.mainactivity.xyz Open in urlscan Pro 62.171.157.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

60 %HTTPS

25 %IPv6

4 Domains

5 Subdomains

5 IPs

4 Countries

90 kBTransfer

111 kBSize

7 Cookies

1 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

7 Cookies

Indicators

www.dl.mainactivity.xyz Open in urlscan Pro
62.171.157.241 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

60 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

5
IPs

4
Countries

90 kB
Transfer

111 kB
Size

7
Cookies

15 HTTP transactions
0 data transactions