darkhash.store - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 81.162.196.29, located in Valasske Klobouky, Czech Republic and belongs to ASVICENIK, CZ. The main domain is darkhash.store.

This is the only time darkhash.store was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address		AS Autonomous System
5	81.162.196.29 81.162.196.29		34955 (ASVICENIK) (ASVICENIK)
5	1

5 81.162.196.29 (Valasske Klobouky, Czech Republic)

ASN34955 (ASVICENIK, CZ)
PTR: 29-196-162-81-oe-cust.slavnet.cz

darkhash.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	darkhash.store darkhash.store	19 KB
5	1

	Domain	Requested by
5	darkhash.store	darkhash.store
5	1

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://darkhash.store/
Frame ID: 4E3411F44608C9AD50B2DF21FF8ED5E6
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to Facebook | Facebook

Page Statistics

5
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

19 kB
Transfer

17 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/r.php?locale=en_GB&display=page
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.facebook.com/recover/initiate?lwv=100&ars=facebook_login
Title: Forgotten account?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response darkhash.store/	4 KB 5 KB	381ms 21ms	Document text/html	81.162.196.29 ASVICENIK
General Check archive.org Show headers Download Go to Full URL http://darkhash.store/ Protocol HTTP/1.1 Server 81.162.196.29 Valasske Klobouky, Czech Republic, ASN34955 (ASVICENIK, CZ), Reverse DNS 29-196-162-81-oe-cust.slavnet.cz Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 / PHP/8.2.0 Resource Hash `f38ce18a7cc6967247a170bca236458767e29e7e3bb64485a84d6a9969728153` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 4559 Content-Type text/html; charset=UTF-8 Date Tue, 08 Aug 2023 11:05:23 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 X-Powered-By PHP/8.2.0
GET H/1.1	200 OK	grid.css darkhash.store/	6 KB 6 KB	21ms 21ms	Stylesheet text/css	81.162.196.29 ASVICENIK
General Check archive.org Show headers Download Go to Full URL http://darkhash.store/grid.css Requested by Host: darkhash.store URL: http://darkhash.store/ Protocol HTTP/1.1 Server 81.162.196.29 Valasske Klobouky, Czech Republic, ASN34955 (ASVICENIK, CZ), Reverse DNS 29-196-162-81-oe-cust.slavnet.cz Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 / Resource Hash `491e830953074abe2bd095e59f466c6d6437f7c9fbde294c4c6ac4089ec567c1` Request headers accept-language de-DE,de;q=0.9 Referer http://darkhash.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Tue, 08 Aug 2023 11:05:23 GMT Last-Modified Sat, 14 Mar 2020 19:32:16 GMT Server Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 ETag "1637-5a0d5a4bed000" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 5687
GET H/1.1	200 OK	main.css darkhash.store/	4 KB 5 KB	42ms 20ms	Stylesheet text/css	81.162.196.29 ASVICENIK
General Check archive.org Show headers Download Go to Full URL http://darkhash.store/main.css Requested by Host: darkhash.store URL: http://darkhash.store/ Protocol HTTP/1.1 Server 81.162.196.29 Valasske Klobouky, Czech Republic, ASN34955 (ASVICENIK, CZ), Reverse DNS 29-196-162-81-oe-cust.slavnet.cz Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 / Resource Hash `24f5d91646312e36caedffc7f144369caf7a27123e928352af2ff9f24a39d4b7` Request headers accept-language de-DE,de;q=0.9 Referer http://darkhash.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Tue, 08 Aug 2023 11:05:23 GMT Last-Modified Sat, 14 Mar 2020 19:32:16 GMT Server Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 ETag "10d8-5a0d5a4bed000" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4312
GET H/1.1	200 OK	gasd34sad3.png darkhash.store/	3 KB 3 KB	21ms 21ms	Image image/png	81.162.196.29 ASVICENIK
General Check archive.org Show headers Download Go to Show image Full URL http://darkhash.store/gasd34sad3.png Requested by Host: darkhash.store URL: http://darkhash.store/main.css Protocol HTTP/1.1 Server 81.162.196.29 Valasske Klobouky, Czech Republic, ASN34955 (ASVICENIK, CZ), Reverse DNS 29-196-162-81-oe-cust.slavnet.cz Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 / Resource Hash `5c04f945d7930dea394f8b26684be9e0a323f44ca30896520285d26ae1b85aaf` Request headers accept-language de-DE,de;q=0.9 Referer http://darkhash.store/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Tue, 08 Aug 2023 11:05:24 GMT Last-Modified Sat, 14 Mar 2020 19:32:16 GMT Server Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 ETag "b23-5a0d5a4bed000" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2851
GET H/1.1	200 OK	O7nsdhjdsXSI.png darkhash.store/	95 B 401 B	42ms 20ms	Image image/png	81.162.196.29 ASVICENIK
General Check archive.org Show headers Download Go to Show image Full URL http://darkhash.store/O7nsdhjdsXSI.png Requested by Host: darkhash.store URL: http://darkhash.store/main.css Protocol HTTP/1.1 Server 81.162.196.29 Valasske Klobouky, Czech Republic, ASN34955 (ASVICENIK, CZ), Reverse DNS 29-196-162-81-oe-cust.slavnet.cz Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 / Resource Hash `c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c` Request headers accept-language de-DE,de;q=0.9 Referer http://darkhash.store/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Tue, 08 Aug 2023 11:05:24 GMT Last-Modified Sat, 14 Mar 2020 19:32:16 GMT Server Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.2.0 ETag "5f-5a0d5a4bed000" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 95

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

darkhash.store
81.162.196.29
24f5d91646312e36caedffc7f144369caf7a27123e928352af2ff9f24a39d4b7
491e830953074abe2bd095e59f466c6d6437f7c9fbde294c4c6ac4089ec567c1
5c04f945d7930dea394f8b26684be9e0a323f44ca30896520285d26ae1b85aaf
c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c
f38ce18a7cc6967247a170bca236458767e29e7e3bb64485a84d6a9969728153

darkhash.store Open in urlscan Pro 81.162.196.29 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

19 kBTransfer

17 kBSize

0 Cookies

2 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

darkhash.store Open in urlscan Pro
81.162.196.29 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

19 kB
Transfer

17 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!