URL: http://one.best-tunnel.xyz/
Submission Tags: @phish_report
Submission: On January 04 via api from FI — Scanned from NZ

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 6 HTTP transactions. The main IP is 154.12.59.57, located in Toronto, Canada and belongs to NETLAB-SDN, US. The main domain is one.best-tunnel.xyz.
This is the only time one.best-tunnel.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Page Title

Hacker News

Page Statistics

Requests: 6
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 21 kB
Size: 48 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
one.best-tunnel.xyz/
35 KB
7 KB
Document
General
Full URL
http://one.best-tunnel.xyz/
Protocol
HTTP/1.1
Server
154.12.59.57 Toronto, Canada, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
e56f4295166b5fc505f14674c9da038bb83d504b290171d13f690b631dc7e2d3
Security Headers
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://cdnjs.cloudflare.com/; frame-src 'self' https://www.google.com/recaptcha/; style-src 'self' 'unsafe-inline'; img-src 'self' https://account.ycombinator.com; frame-ancestors 'self'
Strict-Transport-Security: max-age=31556900
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private; max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://cdnjs.cloudflare.com/; frame-src 'self' https://www.google.com/recaptcha/; style-src 'self' 'unsafe-inline'; img-src 'self' https://account.ycombinator.com; frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Jan 2024 10:47:56 GMT
Referrer-Policy
origin
Server
nginx
Strict-Transport-Security
max-age=31556900
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
news.css
one.best-tunnel.xyz/
7 KB
8 KB
Stylesheet
General
Full URL
http://one.best-tunnel.xyz/news.css?78GG0TmOWq4jSbvNRx3w
Requested by
Host: one.best-tunnel.xyz
URL: http://one.best-tunnel.xyz/
Protocol
HTTP/1.1
Server
154.12.59.57 Toronto, Canada, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
e05f6480cfe57d8d3448c28d5c6c550e4f1fb21dfb689f1bb4b05a435eaefba1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.best-tunnel.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 04 Jan 2024 10:47:56 GMT
Last-Modified
Mon, 25 Dec 2023 19:32:12 GMT
Server
nginx
ETag
"6589d8bc-1cdd"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=314527456, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7389
Expires
Thu, 22 Dec 2033 19:32:12 GMT
y18.svg
one.best-tunnel.xyz/
315 B
647 B
Image
General
Full URL
http://one.best-tunnel.xyz/y18.svg
Requested by
Host: one.best-tunnel.xyz
URL: http://one.best-tunnel.xyz/
Protocol
HTTP/1.1
Server
154.12.59.57 Toronto, Canada, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
e1b6622b6ea15f1f48dfda6e720265cd426981d2a7ae1f9d7ddeb8409897c6ff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.best-tunnel.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 04 Jan 2024 10:47:56 GMT
Last-Modified
Mon, 25 Dec 2023 20:22:48 GMT
Server
nginx
ETag
"6589e498-13b"
Content-Type
image/svg+xml
Cache-Control
max-age=314530492, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
315
Expires
Thu, 22 Dec 2033 20:22:48 GMT
s.gif
one.best-tunnel.xyz/
43 B
369 B
Image
General
Full URL
http://one.best-tunnel.xyz/s.gif
Requested by
Host: one.best-tunnel.xyz
URL: http://one.best-tunnel.xyz/
Protocol
HTTP/1.1
Server
154.12.59.57 Toronto, Canada, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.best-tunnel.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 04 Jan 2024 10:47:56 GMT
Last-Modified
Thu, 28 Jul 2022 21:14:48 GMT
Server
nginx
ETag
"62e2fc48-2b"
Content-Type
image/gif
Cache-Control
max-age=270037612, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sun, 25 Jul 2032 21:14:48 GMT
hn.js
one.best-tunnel.xyz/
5 KB
5 KB
Script
General
Full URL
http://one.best-tunnel.xyz/hn.js?78GG0TmOWq4jSbvNRx3w
Requested by
Host: one.best-tunnel.xyz
URL: http://one.best-tunnel.xyz/
Protocol
HTTP/1.1
Server
154.12.59.57 Toronto, Canada, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
39d98166efc6f0b359579340f63ae614de198c23ee3c83aa7c7269f707bd4ae0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.best-tunnel.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 04 Jan 2024 10:47:56 GMT
Last-Modified
Tue, 26 Dec 2023 05:35:01 GMT
Server
nginx
ETag
"658a6605-1468"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=314563625, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5224
Expires
Fri, 23 Dec 2033 05:35:01 GMT
triangle.svg
one.best-tunnel.xyz/
131 B
462 B
Image
General
Full URL
http://one.best-tunnel.xyz/triangle.svg
Requested by
Host: one.best-tunnel.xyz
URL: http://one.best-tunnel.xyz/news.css?78GG0TmOWq4jSbvNRx3w
Protocol
HTTP/1.1
Server
154.12.59.57 Toronto, Canada, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
3e155f895282e786a1a3c540eba727b4f04865eccbdad5dac17b3c2e184a5bd8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.best-tunnel.xyz/news.css?78GG0TmOWq4jSbvNRx3w
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 04 Jan 2024 10:47:56 GMT
Last-Modified
Mon, 18 Dec 2023 06:35:34 GMT
Server
nginx
ETag
"657fe836-83"
Content-Type
image/svg+xml
Cache-Control
max-age=313876058, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
131
Expires
Thu, 15 Dec 2033 06:35:34 GMT

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function: $, byClass, byTag, allof, classes, hasClass, addClass, remClass, uptil, upclass, html, attr, tonum, remEl, posf, apos, afind, acut, aeach, arem, alast, vis, setshow, noshow, ind, vurl, vote, nextcomm, kidvis, toggleCollapse, collstate, onop, ranknum, newstory, fixranks, moreurl, morenext, hidestory
number: n1

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://cdnjs.cloudflare.com/; frame-src 'self' https://www.google.com/recaptcha/; style-src 'self' 'unsafe-inline'; img-src 'self' https://account.ycombinator.com; frame-ancestors 'self'
Strict-Transport-Security: max-age=31556900
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block