thuviendata.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 69.197.179.238, located in Kansas City, United States and belongs to WII, US. The main domain is thuviendata.com.

This is the only time thuviendata.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	69.197.179.238 69.197.179.238	32097 (WII) (WII)
4 8	159.69.196.11 159.69.196.11	24940 (HETZNER-AS) (HETZNER-AS)
5	2

1 69.197.179.238 (Kansas City, United States)

ASN32097 (WII, US)

thuviendata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 159.69.196.11 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.11.196.69.159.clients.your-server.de

script.dlemp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	dlemp.net 4 redirects script.dlemp.net	14 KB
1	thuviendata.com thuviendata.com	2 KB
5	2

	Domain	Requested by
8	script.dlemp.net	4 redirects thuviendata.com
1	thuviendata.com
5	2

This site contains links to these domains. Also see Links.

Domain
dlemp.net
wiki.nginx.org
nginx.org
php.net
mariadb.org
centos.org

Subject Issuer	Validity	Valid
script.dlemp.net Let's Encrypt Authority X3	`2020-10-14` - `2021-01-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://thuviendata.com/
Frame ID: 54459685D4729537A9C9211CE91145F6
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

15 kB
Transfer

17 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://dlemp.net/
Title: DLEMP

Search URL Search Domain Scan URL

URL: http://wiki.nginx.org/NginxPropaganda
Title: these

Search URL Search Domain Scan URL

URL: http://nginx.org/

Search URL Search Domain Scan URL

URL: http://php.net/

Search URL Search Domain Scan URL

URL: https://mariadb.org/

Search URL Search Domain Scan URL

URL: http://centos.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://script.dlemp.net/assets/images/nginx.gif HTTP 301
https://script.dlemp.net/assets/images/nginx.gif

Request Chain 1

http://script.dlemp.net/assets/images/php-power-white.gif HTTP 301
https://script.dlemp.net/assets/images/php-power-white.gif

Request Chain 2

http://script.dlemp.net/assets/images/Mariadb.jpg HTTP 301
https://script.dlemp.net/assets/images/Mariadb.jpg

Request Chain 3

http://script.dlemp.net/assets/images/centos.png HTTP 301
https://script.dlemp.net/assets/images/centos.png

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response thuviendata.com/	4 KB 2 KB	253ms 228ms	Document text/html	69.197.179.238 WII
General Check archive.org Show headers Download Go to Full URL http://thuviendata.com/ Protocol HTTP/1.1 Server 69.197.179.238 Kansas City, United States, ASN32097 (WII, US), Reverse DNS Software Nginx / DLEMP Resource Hash `5ba47b96ae423a4f13e40ad3c36f7b6497723557ac2909aa0008c077c1f4c678` Request headers Host thuviendata.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 28 Oct 2020 22:40:26 GMT Content-Type text/html Last-Modified Tue, 20 Oct 2020 15:21:19 GMT Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding ETag W/"5f8f006f-10a4" Server Nginx X-Powered-By DLEMP Content-Encoding gzip
GET H2	200	nginx.gif script.dlemp.net/assets/images/ Redirect Chain http://script.dlemp.net/assets/images/nginx.gif https://script.dlemp.net/assets/images/nginx.gif	377 B 616 B	85ms 28ms	Image image/gif	159.69.196.11 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://script.dlemp.net/assets/images/nginx.gif Requested by Host: thuviendata.com URL: http://thuviendata.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.196.11 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.11.196.69.159.clients.your-server.de Software Nginx / DLEMP Resource Hash `c794a0fd63c8eee452c1090bb43e1e1324bf38c6cdd7f153db06bfe0bfb13efa` Request headers Referer http://thuviendata.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 28 Oct 2020 22:40:26 GMT last-modified Sun, 16 Aug 2020 02:08:50 GMT server Nginx x-powered-by DLEMP etag "5f389532-179" content-type image/gif status 200 cache-control max-age=2592000, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 377 expires Fri, 27 Nov 2020 22:40:26 GMT Redirect headers Location https://script.dlemp.net/assets/images/nginx.gif Date Wed, 28 Oct 2020 22:40:26 GMT Server Nginx Connection keep-alive X-Powered-By DLEMP Content-Length 162 Content-Type text/html
GET H2	200	php-power-white.gif script.dlemp.net/assets/images/ Redirect Chain http://script.dlemp.net/assets/images/php-power-white.gif https://script.dlemp.net/assets/images/php-power-white.gif	2 KB 2 KB	85ms 28ms	Image image/gif	159.69.196.11 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://script.dlemp.net/assets/images/php-power-white.gif Requested by Host: thuviendata.com URL: http://thuviendata.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.196.11 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.11.196.69.159.clients.your-server.de Software Nginx / DLEMP Resource Hash `a1f493716b89bcc10c13776a3429eaca342d3ae6956efb1d6d739a4a3807dfc4` Request headers Referer http://thuviendata.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 28 Oct 2020 22:40:26 GMT last-modified Sun, 16 Aug 2020 02:08:50 GMT server Nginx x-powered-by DLEMP etag "5f389532-8e0" content-type image/gif status 200 cache-control max-age=2592000, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 2272 expires Fri, 27 Nov 2020 22:40:26 GMT Redirect headers Location https://script.dlemp.net/assets/images/php-power-white.gif Date Wed, 28 Oct 2020 22:40:26 GMT Server Nginx Connection keep-alive X-Powered-By DLEMP Content-Length 162 Content-Type text/html
GET H2	200	Mariadb.jpg script.dlemp.net/assets/images/ Redirect Chain http://script.dlemp.net/assets/images/Mariadb.jpg https://script.dlemp.net/assets/images/Mariadb.jpg	3 KB 4 KB	84ms 27ms	Image image/jpeg	159.69.196.11 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://script.dlemp.net/assets/images/Mariadb.jpg Requested by Host: thuviendata.com URL: http://thuviendata.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.196.11 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.11.196.69.159.clients.your-server.de Software Nginx / DLEMP Resource Hash `f733feae6e4c88f0f5e1130b67809d8682c75cd6eb5cfadd665bb9ccb9ac7433` Request headers Referer http://thuviendata.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 28 Oct 2020 22:40:26 GMT last-modified Sun, 16 Aug 2020 02:08:50 GMT server Nginx x-powered-by DLEMP etag "5f389532-de8" content-type image/jpeg status 200 cache-control max-age=2592000, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 3560 expires Fri, 27 Nov 2020 22:40:26 GMT Redirect headers Location https://script.dlemp.net/assets/images/Mariadb.jpg Date Wed, 28 Oct 2020 22:40:26 GMT Server Nginx Connection keep-alive X-Powered-By DLEMP Content-Length 162 Content-Type text/html
GET H2	200	centos.png script.dlemp.net/assets/images/ Redirect Chain http://script.dlemp.net/assets/images/centos.png https://script.dlemp.net/assets/images/centos.png	6 KB 7 KB	85ms 28ms	Image image/png	159.69.196.11 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://script.dlemp.net/assets/images/centos.png Requested by Host: thuviendata.com URL: http://thuviendata.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.196.11 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.11.196.69.159.clients.your-server.de Software Nginx / DLEMP Resource Hash `c00faea707f16fcee870d64012458fcf4281bff23ee7de929be15e666708082f` Request headers Referer http://thuviendata.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 28 Oct 2020 22:40:26 GMT last-modified Sun, 16 Aug 2020 02:08:50 GMT server Nginx x-powered-by DLEMP etag "5f389532-1926" content-type image/png status 200 cache-control max-age=2592000, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 6438 expires Fri, 27 Nov 2020 22:40:26 GMT Redirect headers Location https://script.dlemp.net/assets/images/centos.png Date Wed, 28 Oct 2020 22:40:26 GMT Server Nginx Connection keep-alive X-Powered-By DLEMP Content-Length 162 Content-Type text/html

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

script.dlemp.net
thuviendata.com
159.69.196.11
69.197.179.238
5ba47b96ae423a4f13e40ad3c36f7b6497723557ac2909aa0008c077c1f4c678
a1f493716b89bcc10c13776a3429eaca342d3ae6956efb1d6d739a4a3807dfc4
c00faea707f16fcee870d64012458fcf4281bff23ee7de929be15e666708082f
c794a0fd63c8eee452c1090bb43e1e1324bf38c6cdd7f153db06bfe0bfb13efa
f733feae6e4c88f0f5e1130b67809d8682c75cd6eb5cfadd665bb9ccb9ac7433

thuviendata.com Open in urlscan Pro 69.197.179.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

5 Requests

80 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

15 kBTransfer

17 kBSize

0 Cookies

6 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

thuviendata.com Open in urlscan Pro
69.197.179.238 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

15 kB
Transfer

17 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions