pu-dem.dtek-kem.info Open in urlscan Pro
45.60.133.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pu-dem.dtek-kem.info/
Effective URL:
https://pu-dem.dtek-kem.info/
Submission: On August 25 via api (August 25th 2022, 5:49:07 pm UTC) from UA — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 45.60.133.78, located in United States and belongs to INCAPSULA, US. The main domain is pu-dem.dtek-kem.info.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on August 16th 2022. Valid for: 6 months.

This is the only time pu-dem.dtek-kem.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 18	45.60.133.78 45.60.133.78		19551 (INCAPSULA) (INCAPSULA)
17	1

18 45.60.133.78 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

pu-dem.dtek-kem.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	dtek-kem.info 1 redirects pu-dem.dtek-kem.info	183 KB
17	1

	Domain	Requested by
18	pu-dem.dtek-kem.info	1 redirects pu-dem.dtek-kem.info
17	1

This site contains no links.

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-16` - `2023-02-12`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://pu-dem.dtek-kem.info/
Frame ID: C1C67370F50E614B9AA15E91AE5FDCF6
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ДТЕК Донецькі електромережі

Page URL History Show full URLs

http://pu-dem.dtek-kem.info/ HTTP 301
https://pu-dem.dtek-kem.info/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

182 kB
Transfer

690 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pu-dem.dtek-kem.info/ HTTP 301
https://pu-dem.dtek-kem.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pu-dem.dtek-kem.info/
Redirect Chain

http://pu-dem.dtek-kem.info/
https://pu-dem.dtek-kem.info/

9 KB
4 KB

277ms
233ms

Document
text/html

45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://pu-dem.dtek-kem.info/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

45.60.133.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30 / PHP/7.4.30

Resource Hash

f97408081525cc8734936d892271246a47562eaa6f7de1b21afaf3ec995aeda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 17:49:03 GMT
server: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: DENY
x-iinfo: 16-60525382-60525392 NNYN CT(31 32 0) RT(1661449742360 23) q(0 0 1 -1) r(1 2) U12
x-powered-by: PHP/7.4.30
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 237
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 25 Aug 2022 17:49:03 GMT
Keep-Alive: timeout=5, max=100
Location: https://pu-dem.dtek-kem.info/
Server: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30
X-CDN: Imperva
X-Iinfo: 1018-82665188-82665253 NNNN CT(42 -1 0) RT(1661449742074 0) q(0 2 2 0) r(3 3) U11

GET
H2 200 all.min.css
pu-dem.dtek-kem.info/dist/fontawesome-free-5.8.2-web/css/ 54 KB
12 KB 62ms
60ms Stylesheet
text/css 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/dist/fontawesome-free-5.8.2-web/css/all.min.css
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Tue, 07 May 2019 13:33:50 GMT
x-cdn: Imperva
etag: "d78f-5884c44664b80"
content-type: text/css
x-iinfo: 16-60525382-60525475 2CNN RT(1661449742360 263) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50494, public
content-length: 12077
expires: Fri, 26 Aug 2022 07:50:37 GMT

GET
H2 200 bootstrap-grid.min.css
pu-dem.dtek-kem.info/dist/bootstrap-4.3.1/ 47 KB
6 KB 37ms
35ms Stylesheet
text/css 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/dist/bootstrap-4.3.1/bootstrap-grid.min.css
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f0d0d2a315ef924c8dc269b221bb908637a2e8a56f70bccea51a37e5cda1c336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Mon, 03 Aug 2020 19:43:04 GMT
x-cdn: Imperva
etag: "bd36-5abfe58d5c200"
content-type: text/css
x-iinfo: 16-60525382-60520263 2CNN RT(1661449742360 266) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50491, public
content-length: 5825
expires: Fri, 26 Aug 2022 07:50:34 GMT

GET
H2 200 bootstrap.min.css
pu-dem.dtek-kem.info/dist/bootstrap-4.3.1/ 152 KB
23 KB 46ms
45ms Stylesheet
text/css 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/dist/bootstrap-4.3.1/bootstrap.min.css
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 882f9a6a85743235cbd8889b82d92c70da49b469eb437c68c12a760023cd8e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Mon, 03 Aug 2020 19:49:21 GMT
x-cdn: Imperva
etag: "26040-5abfe6f4e5240"
content-type: text/css
x-iinfo: 16-60525382-60524444 2CNN RT(1661449742360 274) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50493, public
content-length: 23196
expires: Fri, 26 Aug 2022 07:50:36 GMT

GET
H2 200 icheck-bootstrap.min.css
pu-dem.dtek-kem.info/dist/icheck-bootstrap/ 12 KB
2 KB 49ms
47ms Stylesheet
text/css 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/dist/icheck-bootstrap/icheck-bootstrap.min.css
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 0d9e5b09c1ee5378a7c27f8fcef8377700a1c79fa45cda76510821d9c42920b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Thu, 17 Oct 2019 08:58:18 GMT
x-cdn: Imperva
etag: "30d5-595176b261e80"
content-type: text/css
x-iinfo: 16-60525382-60520307 2CNN RT(1661449742360 278) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50493, public
content-length: 1587
expires: Fri, 26 Aug 2022 07:50:36 GMT

GET
H2 200 select2.css
pu-dem.dtek-kem.info/dist/select2/ 19 KB
3 KB 68ms
67ms Stylesheet
text/css 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/dist/select2/select2.css
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 4a98a49aaeec336957486cfb95fbbdae85af01c1f72cc8cb30ce8e97a05ddd97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Sat, 30 May 2020 16:03:35 GMT
x-cdn: Imperva
etag: "4c01-5a6dfb43763c0"
content-type: text/css
x-iinfo: 16-60525382-60525484 2CNN RT(1661449742360 288) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50493, public
content-length: 3291
expires: Fri, 26 Aug 2022 07:50:36 GMT

GET
H2 200 main.css
pu-dem.dtek-kem.info/css/ 8 KB
2 KB 69ms
68ms Stylesheet
text/css 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/css/main.css
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c786f9dcd2501ee28a93d9c461a2e778865fea3494ec6723dd32110b035323a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 20:33:28 GMT
x-cdn: Imperva
etag: "2105-5a7480e99d600"
content-type: text/css
x-iinfo: 16-60525382-60525486 2CNN RT(1661449742360 291) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50494, public
content-length: 2337
expires: Fri, 26 Aug 2022 07:50:37 GMT

GET
H2 200 style_kes.css
pu-dem.dtek-kem.info/css/ 754 B
449 B 81ms
80ms Stylesheet
text/css 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/css/style_kes.css
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: dab5476dad32bccf59fe3d850098181a10c718259d8b00dd7382a00e0b30e106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Wed, 03 Jun 2020 16:06:16 GMT
x-cdn: Imperva
etag: "3b8-5a730352d8e00"
content-type: text/css
x-iinfo: 16-60525382-60525488 2CNN RT(1661449742360 295) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50494, public
content-length: 319
expires: Fri, 26 Aug 2022 07:50:37 GMT

GET
H2 200 logo_kes.svg
pu-dem.dtek-kem.info/ 1003 B
748 B 98ms
97ms Image
image/svg+xml 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pu-dem.dtek-kem.info/logo_kes.svg

Requested by

Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

45.60.133.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30 /

Resource Hash

f26166828fb369521635a820f32d3b3ee81277d55b831c7a4ae417e99d8c0568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 11 Sep 2020 08:40:10 GMT
server: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30
etag: "3eb-5af05a1ee4e80"
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 16-60525382-60525392 PNYN RT(1661449742360 311) q(0 0 0 -1) r(1 1) U18
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 jquery.min.js Show response
pu-dem.dtek-kem.info/dist/ 87 KB
30 KB 67ms
65ms Script
application/javascript 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/dist/jquery.min.js
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 10:21:38 GMT
x-cdn: Imperva
etag: "15d9d-5d71a7fdf1080"
content-type: application/javascript
x-iinfo: 16-60525382-60525490 2CNN RT(1661449742360 298) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50495, public
content-length: 30840
expires: Fri, 26 Aug 2022 07:50:38 GMT

GET
H2 200 jquery.maskedinput.min.js Show response
pu-dem.dtek-kem.info/dist/ 4 KB
2 KB 74ms
72ms Script
application/javascript 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/dist/jquery.maskedinput.min.js
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3db8849d70ca2431fdb001f08b03e3bc0548da0cf229340cb84c79c4fdd4569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2015 15:09:32 GMT
x-cdn: Imperva
etag: "10e4-5281eece34300"
content-type: application/javascript
x-iinfo: 16-60525382-60525486 2CNN RT(1661449742360 301) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50495, public
content-length: 1820
expires: Fri, 26 Aug 2022 07:50:38 GMT

GET
H2 200 select2.js Show response
pu-dem.dtek-kem.info/dist/select2/ 80 KB
21 KB 75ms
73ms Script
application/javascript 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/dist/select2/select2.js
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f691653cc84173b7eb1eda68d66989c2f03cbbf21431c50e87ced8d336a1184e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Sun, 31 May 2020 16:06:14 GMT
x-cdn: Imperva
etag: "245ac-5a6f3db88e980"
content-type: application/javascript
x-iinfo: 16-60525382-60525497 2CNN RT(1661449742360 305) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50496, public
content-length: 20792
expires: Fri, 26 Aug 2022 07:50:39 GMT

GET
H2 200 main.js Show response
pu-dem.dtek-kem.info/js/ 2 KB
1 KB 74ms
73ms Script
application/javascript 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/js/main.js
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a0fa54ece8155a56499b26dab47c37de578eb2d9a7c0a0cc3f789ba6c19fa1d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 14:38:41 GMT
x-cdn: Imperva
etag: "b37-5ba474f64be40"
content-type: application/javascript
x-iinfo: 16-60525382-60525498 2CNN RT(1661449742360 308) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=50663, public
content-length: 875
expires: Fri, 26 Aug 2022 07:53:26 GMT

GET
H2 200 _Incapsula_Resource Show response
pu-dem.dtek-kem.info/ 162 KB
23 KB 66ms
65ms Script
application/javascript 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://pu-dem.dtek-kem.info/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1965549315
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: b7c7eac55cbc7a540ad12b76067086d50de1a0d7a8e94ad80f9648e6e9cede07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 23217
content-type: application/javascript

GET
H2 200 314b18fdaf95a73f526f169fda5dc191.woff
pu-dem.dtek-kem.info/dist/fonts/ 51 KB
51 KB 118ms
117ms Font
application/font-woff 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://pu-dem.dtek-kem.info/dist/fonts/314b18fdaf95a73f526f169fda5dc191.woff

Requested by

Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/css/main.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

45.60.133.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30 /

Resource Hash

d148276876724b325e9dcb900991e389c1c994549f20e89c5ed874a9c603ed2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pu-dem.dtek-kem.info/css/main.css
Origin: https://pu-dem.dtek-kem.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Oct 2019 08:38:24 GMT
server: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30
etag: "ca80-5961ca7eb0000"
x-frame-options: DENY
content-type: application/font-woff
x-iinfo: 16-60525382-60525497 2NYN RT(1661449742360 377) q(0 0 0 -1) r(1 1) U12
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 select2.png
pu-dem.dtek-kem.info/dist/select2/ 518 B
718 B 24ms
24ms Image
image/png 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pu-dem.dtek-kem.info/dist/select2/select2.png
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/dist/select2/select2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d6e577638db834fd15b0f3799b7a3848a64a8daac7c90baa64d72a8a1ed67641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/dist/select2/select2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 17:49:03 GMT
last-modified: Sat, 30 May 2020 17:27:05 GMT
x-cdn: Imperva
etag: "206-5a6e0ded5ec40"
content-type: image/png
x-iinfo: 16-60525382-60524444 2CNN RT(1661449742360 404) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=67485, public
content-length: 518
expires: Fri, 26 Aug 2022 12:33:48 GMT

GET
H2 200 _Incapsula_Resource
pu-dem.dtek-kem.info/ 1 B
35 B 21ms
20ms Image
text/plain 45.60.133.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pu-dem.dtek-kem.info/_Incapsula_Resource?SWKMTFSR=1&e=0.9256442400658051
Requested by: Host: pu-dem.dtek-kem.info
URL: https://pu-dem.dtek-kem.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.133.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pu-dem.dtek-kem.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| Select2 string| _token function| _insertGetParam

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dtek-kem.info/	1970-01-20 14:15:15	Name: visid_incap_2197352 Value: 25zMLzo7RIuo40vbuKk3HA62B2MAAAAAQUIPAAAAAADy2u+8Vw2hLxUOp5xw8AMw
			.dtek-kem.info/	1969-12-31 23:59:59	Name: incap_ses_728_2197352 Value: k42xVVrv30I2npoyRWAaCg62B2MAAAAAVXBYeYRY8JivjYs4LGEYjg==
			pu-dem.dtek-kem.info/	1970-01-20 05:30:56	Name: XSRF-TOKEN Value: eyJpdiI6InVVbXl3NVJIcDJxUVlOTzI1VTlmQlE9PSIsInZhbHVlIjoibEVraFVValVobUthT0ZiemUyazlKWlM4cVN0RkZTdklTUHhOUWtSRk9hYzJlcFwvXC9IYjg4UjI2NVIxVE05eGl3IiwibWFjIjoiMGZjZjc0ZjEwYzc3OWNlOWU0OTdlYjkyNzY2OWY0ZDBmZjZiOGM0ZTQ2ZDA4YTE3ODI4Mjk4MjA4OTE4OTgwMyJ9
			pu-dem.dtek-kem.info/	1970-01-20 05:30:56	Name: dtek_doneckie_elektromerezhi_session Value: eyJpdiI6IndQV081K04xZGpVejNnaHhzbkN4Y0E9PSIsInZhbHVlIjoic3kraG5FUVwvQUNKY1h0U2dxSGJ4TzMrSjZCMFFNWDhDVXZnRWJJdzFEZUd2emdMb3NCa21IVzVNdTA1UUtqaDAiLCJtYWMiOiI0M2RjNzg1YTk3ZGVmZWUxYjdiMWU3YzFlNDc4YmI2MWE5NGE3NjRkNjE1NmM1NzNiMDViMDUzOThlMmM4YTA3In0%3D
			pu-dem.dtek-kem.info/	1970-01-20 05:30:49	Name: ___utmvc Value: TTscTaLghIltA9HNePQyRcRfguuUIki6dDjDTBn992j6Yg0Q5t7xASQD/k+Ok3+mrgWLycc5LNdLSdUTvKhYxdk0w6ssQBn/Q7OsUibLF9IhekWkfIsmFHohDtyFaA0LTrDjE38JkfoRSDlEbcwbXfR3jvL3M5jRSv7eVhX+Z2PBPUF8l40S8DETBh3/JNCYdUjcivWTEA9MZ30sVSp+SUXX1+Fev3GCDDk4pBCsm5yNYTTk62BJBj5WiJW2HNFK98LjnkOmRa/ZBRABhXXTy8IoGiS0dFXbHXClhwUKolvE7C4j9tiRW/3hnV+y2rZGx7w6Hry7u1Hz2fGM4xNBxZ3Gv59BzJhFb+0f9D3TuHk8tL0SjBcmgpfDTkaBm/mDV3jlO8z0sNj8xStG8XKJS5Ka9F9Pyz12sTpWJIhAcFrA+Dj4h/U9VjO7bj+w99YZjQGvhQPpTTPaH47cvjQx3udtjDN/F615J3W/FAVCHoys+C3giw1kdL1FhRFPrXqtcEXOiyv6/H5ppmkkKcDEiC2ekfDr/t3tyVeNRpQZmSV7QE2xnZ8aND/YufKwWDJAme5m97BZM1IHDxUKt8eEdkXIp6dF8RzbRhlBLpcWt6bCNyoaJJA3B7UrAGhC/dHIdJImrVtyrtkHw5VMgG1Twl+RkBfQQfewCmc9MLZEi/5yI1w+6GTiNOdl0IaoDTkGlUYU9KOB6htNKkL5mbLJr8bvMyD+8nN98PEnQ2G/iA2cEr36Ut9AQj3xZljxY5bQARpT0K0o8HeaLes8HFXki767Llo4IbN7XdtGVn7HnXkwvRFWyIkwaHqeXrGj3iAS1n08qLkJxDiQTecmpZjdcqKwV35MKD0qnYx1wdC4hlxyC0PrlQ51uXGWHTstad0hjiIkRUiHAWhVjEwIn80CFdv2ny7bJwIPH/t8gDmwB/iCWaZgO+DzjW74dyBNVTAYfvCShcdj3sNhBevyu0AbWSzw6yzVcwS33YdW1Sb4M6FqrnuyfGG+fbTv5Vx9q8fqEANQUbaf4vGAqFAWAhVsE3GXPyIO9s+DAGFfx2dn7GJgXMmCr8lnUC2tHtxBmYCPQ1zd1TNUtf04Wy16mDoiyqxRoE83ZnFrvDsUhelO2Kuj+zw/GS2gPUUB6zYPEih6nyU3UqG6T9h6QQGLXGZ0ayMgtfvx+LfS2aSi7FD3582Oo1LCwsqed9u0COLl1ey7TgaQIhwf5Ccxb9mPiJyhiRKp8uOj9K2TTI370xU8p6ePWoyOoJjwhgPNxrMSZhkhp0lh5ojMfltgnbkIFpNRYNQ4JLvNUIbqZBEbrmc+KT5CmxpHNW5FXMbGfstI79eUbIEtDnKvtvWfFfA8BuQ3Y3Se41WA7HZv3QhAjiE+vhKHXN70C4hysDGqOpZXiZIRZKicLRNqlKx6rFayXI45pjhWcbu6zq6Udk9IM3hHBB4lMdy7jS0AN+ZIa2TBtFYP7G+s/+B0SeDCU9PcBgzplDO134ouD3DS1q3k8XE/rBzXlwiNqr+PTjP91jO5HbBFHIF4xrDCED3SIUR6JaS6UVE2Bw+dHJDLaqFkJKBtR39Swqnxp9qXy1vmVWL3IHB7cLZmvOgaOoTtY+4BGaGR346olJUhE1KL0J0mM2IKrrFvvwsv88QcF26/73inHI20j2YGB48JK+MIVkD4EZw34Yj+0o0XsHCPbEt8e2xw8dDedQImkECqSVurDcK31artfdlYjX/IM7X+LyoYznQXue06IqcY+B5H4AysUHDZU9OMHq95/SvMiJ4gjDURGxqiu21Npoerp0eIfpOsUEP/fPxXN+ZqDzwebCD87gY2bbVspHNqrgoxJNSMbIEiRT8b8TZYUZPleLxMfOvmjbtbH9Vt0BY/2CLeJ3mk14AY/8VUKyaBmf9LO7r8UTTwGuApmBIyfq0NA/Y1luDv79q3rVoQ8X7SQJSrCZ6KHO2PmDNyQohaWKEYrhLZI8xdZo4xjolGRGMphlrnuJfzaxQqq2MxgcIpLWKhwKpRAT18dUC58+rEgMKpyKA5HLEeQp6OS45WV0bnnGhlRGNAb3DxkZfwTbsDGpfpR/W/UTgL61sMBPNzBcvvghcekZtqrgraqpLSTXHIeu+OewLXi4m+MhBWDQIbjnsmuqxo8Eqwc4w+TBWseN6I/4Ta7EYlPYgKF3oA9giwsU8v0CrxR1+DcVil8zEEAKdT8Ax8Ah0L0eE8kpreSsRjla4a5G4l6xLJcgE7ixihsQscwEjYQ7TMhbFs3x5ZcH6A8t9r/I9CX+CgcW4S7MrqagkKWwRsMLml8y7boQPJqhACF1DZ8yyK75MYj2rPU4oE5waSYR6jT4yLbiLurJJPqU62Oq3wT2JI8n+UboLgYdfIXus+eIIzBnNjmLnbit0Bu0ItMtp/j/WMcPG+/v86dJt1ZznEaookPWsiXTMfo9nq1kDhE3nXZSGmlBAfHwL63mbRg8LBMCWqdXRrZeSz+Xm7CPmeuGoerv4bFQggFX6bpFlvgjYMkmwLxB4PdDJ8WsBdx8ToFR7HcRBwgtahB7Yj5512FlpOWDKDJixZYQXfTxHn8O1RGuDFHaDAZpFL0vKRJ+Oo4wsKwY+EWkOGSUHAD59rrmSQPNScjtJAmkK4jVatCuuO2YpQpgbymBhzuo02QpazEMwzP7lrmoZIcu6J1oOJI/GJLGRpZ2VzdD0xODM1NDIscz03ZDgwN2U3Zjc5YTk2OGFiOTU3ODk4YTg5ZGE5Njc2YTYzYTI3NWIxOGE2N2E1NjM5YmFiODBhNzlhYTY3MzhhYWE4ZTZiNzQ3OGFmNzA3Mg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pu-dem.dtek-kem.info
45.60.133.78
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0d9e5b09c1ee5378a7c27f8fcef8377700a1c79fa45cda76510821d9c42920b8
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
4a98a49aaeec336957486cfb95fbbdae85af01c1f72cc8cb30ce8e97a05ddd97
882f9a6a85743235cbd8889b82d92c70da49b469eb437c68c12a760023cd8e31
a0fa54ece8155a56499b26dab47c37de578eb2d9a7c0a0cc3f789ba6c19fa1d0
b7c7eac55cbc7a540ad12b76067086d50de1a0d7a8e94ad80f9648e6e9cede07
c786f9dcd2501ee28a93d9c461a2e778865fea3494ec6723dd32110b035323a7
d148276876724b325e9dcb900991e389c1c994549f20e89c5ed874a9c603ed2a
d6e577638db834fd15b0f3799b7a3848a64a8daac7c90baa64d72a8a1ed67641
dab5476dad32bccf59fe3d850098181a10c718259d8b00dd7382a00e0b30e106
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3db8849d70ca2431fdb001f08b03e3bc0548da0cf229340cb84c79c4fdd4569
f0d0d2a315ef924c8dc269b221bb908637a2e8a56f70bccea51a37e5cda1c336
f26166828fb369521635a820f32d3b3ee81277d55b831c7a4ae417e99d8c0568
f691653cc84173b7eb1eda68d66989c2f03cbbf21431c50e87ced8d336a1184e
f97408081525cc8734936d892271246a47562eaa6f7de1b21afaf3ec995aeda0