safetwitch.datura.network
Open in
urlscan Pro
37.27.32.233
Public Scan
URL:
https://safetwitch.datura.network/
Submission Tags: phishingrod
Submission: On February 22 via api from DE — Scanned from FI
Submission Tags: phishingrod
Submission: On February 22 via api from DE — Scanned from FI
Summary
This website contacted 2 IPs
in 1 countries
across 1 domains to perform 11 HTTP transactions.
The main IP is 37.27.32.233, located in
Helsinki, Finland and
belongs to HETZNER-AS, DE.
The main domain is safetwitch.datura.network.
TLS certificate: Issued by R3 on February 21st 2024. Valid for: 3 months.
This is the only time safetwitch.datura.network was scanned on urlscan.io!
TLS certificate: Issued by R3 on February 21st 2024. Valid for: 3 months.
This is the only time safetwitch.datura.network was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 11 | 37.27.32.233 37.27.32.233 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 11 | 2 |
11
37.27.32.233
(Helsinki, Finland)
ASN24940 (HETZNER-AS, DE)
PTR: iv.datura.network
ASN24940 (HETZNER-AS, DE)
PTR: iv.datura.network
| safetwitch.datura.network |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 11 |
datura.network
safetwitch.datura.network |
78 KB |
| 11 | 1 |
| Domain | Requested by | |
|---|---|---|
| 11 | safetwitch.datura.network |
safetwitch.datura.network
|
| 11 | 1 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| iv.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion |
| matrix.to |
| github.com |
| invidious.io |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| iv.datura.network R3 |
2024-02-21 - 2024-05-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://safetwitch.datura.network/
Frame ID: D30C7F77E6373D17B84BDAEB355B2C10
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
Invidious - hakuDetected technologies
Pure CSS
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]+(?:([\d.])+/)?pure(?:-min)?\.css
- <div[^>]+class="[^"]*pure-u-(?:sm-|md-|lg-|xl-)?\d-\d
Ionicons
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: http://iv.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/
Title: Onion Link
Title: Onion Link
Search URL Search Domain Scan URL
URL: https://matrix.to/#/#nihilism:m.datura.network
Title: Matrix Chat
Title: Matrix Chat
Search URL Search Domain Scan URL
URL: https://github.com/iv-org/invidious
Title: Lähdekoodi
Title: Lähdekoodi
Search URL Search Domain Scan URL
URL: https://github.com/iv-org/documentation
Title: Dokumentaatio
Title: Dokumentaatio
Search URL Search Domain Scan URL
URL: https://github.com/iv-org/invidious/blob/master/LICENSE
Title: Julkaistu AGPLv3-lisenssin alla GitHubissa.
Title: Julkaistu AGPLv3-lisenssin alla GitHubissa.
Search URL Search Domain Scan URL
URL: https://invidious.io/donate/
Title: Lahjoita
Title: Lahjoita
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
safetwitch.datura.network/ |
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
empty.css
safetwitch.datura.network/css/ |
255 B 533 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pure-min.css
safetwitch.datura.network/css/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
grids-responsive-min.css
safetwitch.datura.network/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ionicons.min.css
safetwitch.datura.network/css/ |
44 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default.css
safetwitch.datura.network/css/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
carousel.css
safetwitch.datura.network/css/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_helpers.js
safetwitch.datura.network/js/ |
9 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
handlers.js
safetwitch.datura.network/js/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
themes.js
safetwitch.datura.network/js/ |
2 KB 968 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
216 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ionicons.woff2
safetwitch.datura.network/fonts/ |
49 KB 50 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| helpers object| toggle_theme function| setTheme0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; manifest-src 'self'; media-src 'self' blob:; child-src 'self' blob:; frame-src 'self'; frame-ancestors 'none' |
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | sameorigin |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
safetwitch.datura.network
37.27.32.233
0490d7bfff71fe0876f7aa4033fe082e34077568989d59ee149d7ed3361d3ccb
17db90c65ab31841080ddfeb62dff61ebde609192ed484807864573d2353e748
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
3ee01dae6b99ebe233b1f36f4f6dfcada89f5105f795cf837f7457c1f36d0d9c
5142fca4d36520a49ecc64e5dd333856262f0542f67ca4706016bbf093fa9c15
6157cbe2b66edc93725a4ecf15fe1524d839fc32d261fa0fb7b810d42b4f20d4
6f10a39ce6aa89775b9d5785308c452251f081de2a4b066fbdb81aa006ea146d
7cf5ef32a2637b2756d39e94ec050cfdda792feb11cf4c4f2b4331de9db49e42
aca1aeac97347becba3d330e24e3f2435069934addbbe2fa62a253e19960d1f1
db03313b117d5687f500d3a57cf5a279c0e9c92cf8b2182b5ec74257257537c3
e2fe4c6fc768aad6174b83ba5a39167825f28bfe9f7b330c00837316910ce605
f476133b6926303b0f3d3862f16614e4a41dcf3fa777c2857c216afab4700457