The most well-known method of accessing the dark web is through Tor browser. The dark web sites on Tor have .onion attached right at the end of the web address, and can only be accessed by said web browser. However, there are methods used to access dark web sites without using Tor. In this article, we will cover how we can access dark web sites with a regular browser, as well as the methods used to identify and research actual dark web sites belonging to hacker groups.

How to Access the Dark Web with a Regular Browser

Can we access a website with the .onion domain through Chrome, a regular web browser?

We can access a dark web site through a regular browser if it has a .ly attached right after the domain. (While accessing the website is a possibility, we don’t recommend it.)

The domain is a proxy server domain address provided by Tor2Web. Tor2Web is a service dedicated to allow users access to Onion services from a regular browser.

다크웹 접속 방법 중 하나인 Tor2Web의 프록시 서버 안내 페이지
Tor2Web’s guide page to Proxy Servers, one of the ways used to access the dark web

Dark web sites that end in and are in a similar format as this one (hxxp://abcdxxx1234[.] and users can access it with their standard browser, exactly as if it were accessed with Tor. Domains used by Hackers

Notorious ransomware groups are the ones that use links most often. This is because when a victim’s computer is infected by ransomware, attackers demand ransom through dark websites. They provide links so that victims can access the dark websites with their regular browser. Read more about this in our LockBit 3.0 ransomware case study, where we determine how ransomwares are distributed and what must be done to prevent them.

As we can see in the list below, plenty of actual ransomware websites use links.  Provided below are actual ransomware links found in ransomware distribution files, as well as a how to guide to paying the ransom they demand.

  • Maxey Moverley
  • Blackbyte Group
  • DAIXIN Team
  • Everest Ransom Team

Inspecting the domain with a Security OSINT Search Engine

As stated, links are but one method utilized in accessing the dark web, where clicking the link will automatically redirect you to a dark web site. Accessing the link alone can become a legal problem depending on the country you reside. Furthermore, accessing web sites hosted by ransomware group hackers can lead users to becoming a target as domain providers can easily accessing IP addresses.

Search results for the domain analyzed by Security OSINT search engine, Criminal IP

The results show that the Abuse Record deems this link as a Phishing URL.

In addition, real-time website screenshots can be checked without direct access, as shown below.

Search results for the domain analyzed by Criminal IP. Live webpage screenshot available
Screenshot of dark web website belonging to 0mega hacker group, found with Domain Search

Use these methods to analyze dark web sites when necessary, all without installing the Tor web browser.
We recommend users to use Security OSINT search engines when trying to obtain certain information regarding dark web as described in this article.

Source : Criminal IP (

Related Article(s) :