buddy.safewatch.xyz - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 104.237.4.105, located in Dallas, United States and belongs to NODISTO, US. The main domain is buddy.safewatch.xyz.
TLS certificate: Issued by R3 on September 13th 2021. Valid for: 3 months.

This is the only time buddy.safewatch.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4	104.237.4.105 104.237.4.105		394727 (NODISTO) (NODISTO)
4	1

4 104.237.4.105 (Dallas, United States)

ASN394727 (NODISTO, US)

buddy.safewatch.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	safewatch.xyz buddy.safewatch.xyz	106 KB
4	1

	Domain	Requested by
4	buddy.safewatch.xyz	buddy.safewatch.xyz
4	1

This site contains links to these domains. Also see Links.

Domain
swap.safewatch.xyz
api.safewatch.xyz
127.0.0.1
localhost
gateway.ipfs.io
ops.safewatch.xyz
demo.safewatch.xyz

Subject Issuer	Validity	Valid
safewatch.xyz R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://buddy.safewatch.xyz/
Frame ID: 6C024326F2C754A5A36F3B066B91E9A4
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SafeWathc Proof of Concept

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

106 kB
Transfer

107 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://swap.safewatch.xyz/

Search URL Search Domain Scan URL

URL: https://api.safewatch.xyz/app/
Title: https://api.safewatch.xyz/app/

Search URL Search Domain Scan URL

URL: http://127.0.0.1:5000/
Title: http://127.0.0.1:5000/

Search URL Search Domain Scan URL

URL: http://localhost:8088/usb/repos/bitbucket.org/SWPoC/_site/
Title: http://localhost:8088/usb/repos/bitbucket.org/SWPoC/_site/

Search URL Search Domain Scan URL

URL: https://gateway.ipfs.io/ipfs/QmQrVGLEAiUsFfM2bsnuQC7cfNVUrVPCoK2n2thEVbBp77
Title: https://gateway.ipfs.io/ipfs/QmQrVGLEAiUsFfM2bsnuQC7cfNVUrVPCoK2n2thEVbBp77

Search URL Search Domain Scan URL

URL: http://127.0.0.1:8080/ipfs/QmZYNfsykd4mUPyDVrkdRai7prAFN779RkakDkUto6EHAi
Title: http://127.0.0.1:8080/ipfs/QmZYNfsykd4mUPyDVrkdRai7prAFN779RkakDkUto6EHAi

Search URL Search Domain Scan URL

URL: https://swap.safewatch.xyz/
Title: https://swap.safewatch.xyz

Search URL Search Domain Scan URL

URL: https://ops.safewatch.xyz/
Title: https://ops.safewatch.xyz

Search URL Search Domain Scan URL

URL: https://demo.safewatch.xyz/
Title: https://demo.safewatch.xyz

Search URL Search Domain Scan URL

URL: https://swap.safewatch.xyz/track
Title: https://swap.safewatch.xyz/track

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response buddy.safewatch.xyz/	3 KB 1 KB	452ms 143ms	Document text/html	104.237.4.105 NODISTO
General Check archive.org Show headers Download Go to Full URL https://buddy.safewatch.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.237.4.105 Dallas, United States, ASN394727 (NODISTO, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `b9a8d922c88d0eb30a60cdb75d60fea90bd03745388f2da0f05350400c19e808` Request headers :method GET :authority buddy.safewatch.xyz :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx/1.18.0 (Ubuntu) date Sun, 26 Sep 2021 18:58:42 GMT content-type text/html last-modified Fri, 24 Sep 2021 04:36:09 GMT etag W/"614d55b9-a51" content-encoding gzip
GET H2	200	style.css buddy.safewatch.xyz/	849 B 982 B	142ms 142ms	Stylesheet text/css	104.237.4.105 NODISTO
General Check archive.org Show headers Download Go to Full URL https://buddy.safewatch.xyz/style.css Requested by Host: buddy.safewatch.xyz URL: https://buddy.safewatch.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.237.4.105 Dallas, United States, ASN394727 (NODISTO, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `bbf88c8133ea691cdeb659cd2b3fe79faf0e63de83e8f0a9a9aea127bc708d6e` Request headers :path /style.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority buddy.safewatch.xyz referer https://buddy.safewatch.xyz/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://buddy.safewatch.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 26 Sep 2021 18:58:42 GMT last-modified Thu, 23 Sep 2021 10:26:27 GMT server nginx/1.18.0 (Ubuntu) accept-ranges bytes etag "614c5653-351" content-length 849 content-type text/css
GET H2	200	swa-poc.svg buddy.safewatch.xyz/img/	31 KB 31 KB	284ms 284ms	Image image/svg+xml	104.237.4.105 NODISTO
General Check archive.org Show headers Download Go to Show image Full URL https://buddy.safewatch.xyz/img/swa-poc.svg Requested by Host: buddy.safewatch.xyz URL: https://buddy.safewatch.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.237.4.105 Dallas, United States, ASN394727 (NODISTO, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `77f8eeccb0caee9166213c6d23fe0dd6faa6b65e1bdb6cb5c2582c86e0875b84` Request headers :path /img/swa-poc.svg pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority buddy.safewatch.xyz referer https://buddy.safewatch.xyz/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://buddy.safewatch.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 26 Sep 2021 18:58:42 GMT last-modified Sun, 12 Sep 2021 16:31:17 GMT server nginx/1.18.0 (Ubuntu) accept-ranges bytes etag "613e2b55-7acd" content-length 31437 content-type image/svg+xml
GET H2	200	bg-masupil.jpg buddy.safewatch.xyz/img/	73 KB 73 KB	282ms 282ms	Image image/jpeg	104.237.4.105 NODISTO
General Check archive.org Show headers Download Go to Show image Full URL https://buddy.safewatch.xyz/img/bg-masupil.jpg Requested by Host: buddy.safewatch.xyz URL: https://buddy.safewatch.xyz/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.237.4.105 Dallas, United States, ASN394727 (NODISTO, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `7ba93497e940ccf3d2309c7fc2da6f191dc8a26312476d3db453622f86dfe03b` Request headers :path /img/bg-masupil.jpg pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority buddy.safewatch.xyz referer https://buddy.safewatch.xyz/style.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://buddy.safewatch.xyz/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 26 Sep 2021 18:58:42 GMT last-modified Thu, 12 Nov 2020 13:48:48 GMT server nginx/1.18.0 (Ubuntu) accept-ranges bytes etag "5fad3d40-1241c" content-length 74780 content-type image/jpeg

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buddy.safewatch.xyz
104.237.4.105
77f8eeccb0caee9166213c6d23fe0dd6faa6b65e1bdb6cb5c2582c86e0875b84
7ba93497e940ccf3d2309c7fc2da6f191dc8a26312476d3db453622f86dfe03b
b9a8d922c88d0eb30a60cdb75d60fea90bd03745388f2da0f05350400c19e808
bbf88c8133ea691cdeb659cd2b3fe79faf0e63de83e8f0a9a9aea127bc708d6e

buddy.safewatch.xyz Open in urlscan Pro 104.237.4.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

106 kBTransfer

107 kBSize

0 Cookies

10 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

buddy.safewatch.xyz Open in urlscan Pro
104.237.4.105 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

106 kB
Transfer

107 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions