analytics.nanotwitchleafs.de Open in urlscan Pro
138.201.65.47 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://analytics.nanotwitchleafs.de/
Submission Tags: phishingrod
Submission: On December 17 via api (December 17th 2023, 1:54:48 am UTC) from DE — Scanned from DE

Summary HTTP 7 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 138.201.65.47, located in Germany and belongs to HETZNER-AS, DE. The main domain is analytics.nanotwitchleafs.de.
TLS certificate: Issued by R3 on December 17th 2023. Valid for: 3 months.

This is the only time analytics.nanotwitchleafs.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7	138.201.65.47 138.201.65.47		24940 (HETZNER-AS) (HETZNER-AS)
7	2

7 138.201.65.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: server.locxserv.de

analytics.nanotwitchleafs.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	nanotwitchleafs.de analytics.nanotwitchleafs.de	78 KB
7	1

	Domain	Requested by
7	analytics.nanotwitchleafs.de	analytics.nanotwitchleafs.de
7	1

This site contains links to these domains. Also see Links.

Domain
learn.microsoft.com

Subject Issuer	Validity	Valid
analytics.nanotwitchleafs.de R3	`2023-12-17` - `2024-03-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://analytics.nanotwitchleafs.de/
Frame ID: A1EB30F5255438EDA19AF93FE8ECE4C3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

78 kB
Transfer

357 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://learn.microsoft.com/aspnet/core/
Title: About

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
analytics.nanotwitchleafs.de/ 5 KB
3 KB 66ms
23ms Document
text/html 138.201.65.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.nanotwitchleafs.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

138.201.65.47 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server.locxserv.de

Software

Kestrel / Phusion Passenger(R) 6.0.13 PleskLin

Resource Hash

b68ae0011c393719542fd4a180c508dd393192277f483dee3c20013f81ffc368

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, max-age=0
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Sun, 17 Dec 2023 01:54:42 GMT
Pragma: no-cache
Server: Kestrel
Status: 200 OK
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
X-Powered-By: Phusion Passenger(R) 6.0.13 PleskLin
blazor-enhanced-nav: allow

GET
H/1.1 200
OK bootstrap.min.css
analytics.nanotwitchleafs.de/bootstrap/ 159 KB
21 KB 17ms
17ms Stylesheet
text/css 138.201.65.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.nanotwitchleafs.de/bootstrap/bootstrap.min.css
Requested by: Host: analytics.nanotwitchleafs.de
URL: https://analytics.nanotwitchleafs.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.65.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.locxserv.de
Software: Kestrel / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash: 4a221530681185d5e32924c875d5fb9a1f486ce5d573041673bfe9e274ba0ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://analytics.nanotwitchleafs.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 01:54:42 GMT
Content-Encoding: br
Last-Modified: Mon, 30 Oct 2023 17:22:22 GMT
Server: Kestrel
ETag: W/"1da0b55a47120a6"
X-Powered-By: Phusion Passenger(R) 6.0.13, PleskLin
Transfer-Encoding: chunked
Content-Type: text/css
Status: 200 OK
Connection: keep-alive

GET
H/1.1 200
OK app.css
analytics.nanotwitchleafs.de/ 2 KB
2 KB 34ms
12ms Stylesheet
text/css 138.201.65.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.nanotwitchleafs.de/app.css
Requested by: Host: analytics.nanotwitchleafs.de
URL: https://analytics.nanotwitchleafs.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.65.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.locxserv.de
Software: Kestrel / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash: 0d294c7ef9ff42f6aafd535374e9518658e979ebef7c82971b28020e5048ccc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://analytics.nanotwitchleafs.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 01:54:42 GMT
Content-Encoding: br
Last-Modified: Mon, 30 Oct 2023 17:22:22 GMT
Server: Kestrel
ETag: W/"1da0b55a47352d2"
X-Powered-By: Phusion Passenger(R) 6.0.13, PleskLin
Transfer-Encoding: chunked
Content-Type: text/css
Status: 200 OK
Connection: keep-alive

GET
H/1.1 200
OK NanoTwitchLeafs.Analytics.styles.css
analytics.nanotwitchleafs.de/ 8 KB
2 KB 34ms
13ms Stylesheet
text/css 138.201.65.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.nanotwitchleafs.de/NanoTwitchLeafs.Analytics.styles.css
Requested by: Host: analytics.nanotwitchleafs.de
URL: https://analytics.nanotwitchleafs.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.65.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.locxserv.de
Software: Kestrel / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash: 8cbc5a7b3654b17b4aaec4f0ab32aba0af9d3d042b2e8debbe0d3ac746e38d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://analytics.nanotwitchleafs.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 01:54:42 GMT
Content-Encoding: br
Last-Modified: Sun, 19 Nov 2023 11:08:00 GMT
Server: Kestrel
ETag: W/"1da1ad8a851377d"
X-Powered-By: Phusion Passenger(R) 6.0.13, PleskLin
Transfer-Encoding: chunked
Content-Type: text/css
Status: 200 OK
Connection: keep-alive

GET
H/1.1 200
OK blazor.web.js Show response
analytics.nanotwitchleafs.de/_framework/ 182 KB
49 KB 36ms
13ms Script
text/javascript 138.201.65.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.nanotwitchleafs.de/_framework/blazor.web.js
Requested by: Host: analytics.nanotwitchleafs.de
URL: https://analytics.nanotwitchleafs.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.65.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.locxserv.de
Software: Kestrel / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash: 14dd966df739eb4279487890036e29fde73f2acdf963b6cbf43b16401cc4ce94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://analytics.nanotwitchleafs.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 01:54:42 GMT
Content-Encoding: br
Last-Modified: Wed, 01 Nov 2023 00:50:30 GMT
Server: Kestrel
ETag: W/"1da0c5d695e98ab"
X-Powered-By: Phusion Passenger(R) 6.0.13, PleskLin
Transfer-Encoding: chunked
Content-Type: text/javascript
Status: 200 OK
Cache-Control: no-cache
Connection: keep-alive

GET
DATA 200
OK truncated
/ 410 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93a9e8112bea2e058b854f122876b287d2991826337d108512eb85cf8f382e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 339 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8918f73724864433b018e1e1885a346e8c52306a7b9244af2390493c5ce7e579

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK initializers Show response
analytics.nanotwitchleafs.de/_blazor/ 2 B
298 B 15ms
15ms Fetch
application/json 138.201.65.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.nanotwitchleafs.de/_blazor/initializers
Requested by: Host: analytics.nanotwitchleafs.de
URL: https://analytics.nanotwitchleafs.de/_framework/blazor.web.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.65.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.locxserv.de
Software: Kestrel / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://analytics.nanotwitchleafs.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 01:54:42 GMT
Content-Encoding: br
Server: Kestrel
X-Powered-By: Phusion Passenger(R) 6.0.13, PleskLin
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Status: 200 OK
Connection: keep-alive

POST
H/1.1 200
OK negotiate Show response
analytics.nanotwitchleafs.de/_blazor/ 316 B
457 B 17ms
17ms Fetch
application/json 138.201.65.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.nanotwitchleafs.de/_blazor/negotiate?negotiateVersion=1
Requested by: Host: analytics.nanotwitchleafs.de
URL: https://analytics.nanotwitchleafs.de/_framework/blazor.web.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.65.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.locxserv.de
Software: Kestrel / Phusion Passenger(R) 6.0.13, PleskLin
Resource Hash: f4c5fd03779f0c223ed432ca2fde4df756bddf1c905c4902a3482c7a23e319d5

Request headers

Referer: https://analytics.nanotwitchleafs.de/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)

Response headers

Date: Sun, 17 Dec 2023 01:54:42 GMT
Content-Encoding: br
Server: Kestrel
X-Powered-By: Phusion Passenger(R) 6.0.13, PleskLin
Transfer-Encoding: chunked
Content-Type: application/json
Status: 200 OK
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| Blazor object| DotNet

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			analytics.nanotwitchleafs.de/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.g5fUdrkbzjQ Value: CfDJ8MugEaAg7I9PmCW5eSvUSNZ4gRVXQvgTQTzL2Kho6BcLqnR4noGYh8iffNGQTQGzgHxUJ53JJbbPGUuIMW-hV3z81iO6azAekT1zsIL0BIKGS3Gi2h_y9QxX2rNBZgAZkcEPvrbimp911HtxOpV3tEc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.nanotwitchleafs.de
138.201.65.47
0d294c7ef9ff42f6aafd535374e9518658e979ebef7c82971b28020e5048ccc3
14dd966df739eb4279487890036e29fde73f2acdf963b6cbf43b16401cc4ce94
4a221530681185d5e32924c875d5fb9a1f486ce5d573041673bfe9e274ba0ffd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
8918f73724864433b018e1e1885a346e8c52306a7b9244af2390493c5ce7e579
8cbc5a7b3654b17b4aaec4f0ab32aba0af9d3d042b2e8debbe0d3ac746e38d94
93a9e8112bea2e058b854f122876b287d2991826337d108512eb85cf8f382e3f
b68ae0011c393719542fd4a180c508dd393192277f483dee3c20013f81ffc368
f4c5fd03779f0c223ed432ca2fde4df756bddf1c905c4902a3482c7a23e319d5

analytics.nanotwitchleafs.de Open in urlscan Pro 138.201.65.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

78 kBTransfer

357 kBSize

1 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

analytics.nanotwitchleafs.de Open in urlscan Pro
138.201.65.47 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

78 kB
Transfer

357 kB
Size

1
Cookies

7 HTTP transactions
2 data transactions