thg.safezone.cc - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 142.132.181.226, located in Germany and belongs to HETZNER-AS, DE. The main domain is thg.safezone.cc.
TLS certificate: Issued by R3 on April 12th 2024. Valid for: 3 months.

This is the only time thg.safezone.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	142.132.181.226 142.132.181.226		24940 (HETZNER-AS) (HETZNER-AS)
3	2

2 142.132.181.226 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.226.181.132.142.clients.your-server.de

thg.safezone.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	safezone.cc thg.safezone.cc	6 KB
0	thg.ru Failed thg.ru Failed
3	2

	Domain	Requested by
2	thg.safezone.cc
0	thg.ru Failed	thg.safezone.cc
3	2

This site contains no links.

Subject Issuer	Validity	Valid
thg.safezone.cc R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://thg.safezone.cc/
Frame ID: 24DA2F1CB51E5171576AAC5EC7C06181
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ГЉГ«ГіГЎ ГЅГЄГ±ГЇГҐГ°ГІГ®Гў THG.ru Database Error

Detected technologies

vBulletin (Message Boards) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

6 kB
Transfer

7 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.thg.ru/forum/image.php?type=dberror HTTP 301
https://thg.ru/forum/image.php?type=dberror HTTP 301
https://thg.ru/forum/image.php

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response thg.safezone.cc/	3 KB 2 KB	173ms 70ms	Document text/html	142.132.181.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://thg.safezone.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 142.132.181.226 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.181.132.142.clients.your-server.de Software nginx / Resource Hash `11a9b1112ed6a7b4475b63e9d5367ac9af83da4da2f45136c974b1808d470f62` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control private content-encoding gzip content-type text/html; charset=windows-1251 date Fri, 12 Apr 2024 19:20:38 GMT pragma private server nginx vary Accept-Encoding
GET		image.php thg.ru/forum/ Redirect Chain https://www.thg.ru/forum/image.php?type=dberror https://thg.ru/forum/image.php?type=dberror https://thg.ru/forum/image.php	0 0

GET H2	200	favicon.ico thg.safezone.cc/	5 KB 5 KB	45ms 45ms	Other image/vnd.microsoft.icon	142.132.181.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://thg.safezone.cc/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 142.132.181.226 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.181.132.142.clients.your-server.de Software nginx / Resource Hash `48f6a8da19eb9a6c827453eae8806d06407d296c5e22dcd86256a9b72289573f` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thg.safezone.cc/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 19:20:40 GMT last-modified Fri, 12 Apr 2024 14:18:07 GMT server nginx accept-ranges bytes etag "1266-615e6f0d8572f" content-length 4710 content-type image/vnd.microsoft.icon

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: thg.ru
URL: https://thg.ru/forum/image.php

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thg.safezone.cc/	1969-12-31 23:59:59	Name: bbsessionhash Value: 27ed4c640b7de410c37a12ae2a95a002
thg.safezone.cc/	1970-01-21 04:34:45	Name: bblastvisit Value: 1712949638
thg.safezone.cc/	1970-01-21 04:34:45	Name: bblastactivity Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://thg.safezone.cc/ Message: Mixed Content: The page at 'https://thg.safezone.cc/' was loaded over HTTPS, but requested an insecure element 'http://www.thg.ru/forum/image.php?type=dberror'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://thg.safezone.cc/(Line 70) Message: Mixed Content: The page at 'https://thg.safezone.cc/' was loaded over HTTPS, but requested an insecure element 'http://www.thg.ru/forum/image.php?type=dberror'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

thg.ru
thg.safezone.cc
thg.ru
142.132.181.226
11a9b1112ed6a7b4475b63e9d5367ac9af83da4da2f45136c974b1808d470f62
48f6a8da19eb9a6c827453eae8806d06407d296c5e22dcd86256a9b72289573f

thg.safezone.cc Open in urlscan Pro 142.132.181.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

3 Requests

67 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

6 kBTransfer

7 kBSize

3 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

thg.safezone.cc Open in urlscan Pro
142.132.181.226 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

6 kB
Transfer

7 kB
Size

3
Cookies

3 HTTP transactions
0 data transactions