URL: https://dedu.zvptu.zt.ua/
Submission: On August 22 via automatic, source certstream-suspicious

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 7 HTTP transactions. The main IP is 31.41.216.78, which is located in Ukraine and belongs to BESTHOSTING-AS, UA. The main domain is dedu.zvptu.zt.ua.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 23rd 2020. Valid for: 3 months.
This is the only time dedu.zvptu.zt.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 31.41.216.78 42655 (BESTHOSTI...)
7 2
Apex Domain Subdomains Transfer
2 zvptu.zt.ua dedu.zvptu.zt.ua 12 KB
7 1
Domain Requested by
2 dedu.zvptu.zt.ua dedu.zvptu.zt.ua
7 1

This site contains links to these domains.

Domain
moodle.org
Subject Issuer Validity Valid
zvptu.zt.ua Let's Encrypt Authority X3 2020-06-23 - 2020-09-21 3 months

This page contains 1 frames:

Primary Page: https://dedu.zvptu.zt.ua/
Frame ID: 076D0687E4186FDD74CF541A8B88FE03
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta keywords /^moodle/i

Overall confidence: 100%
Detected patterns
  • meta keywords /^moodle/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 7
HTTPS: 14 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 12 kB
Size: 43 kB
Cookies: 1

7 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request / dedu.zvptu.zt.ua/ 33 KB 9 KB Document
General
Full URL: https://dedu.zvptu.zt.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.78, Ukraine, ASN42655 (BESTHOSTING-AS, UA)
Reverse DNS: server.s78.r53.com.ua
Software: nginx / PHP/7.2.33
Resource Hash: 068f59a6314e4f5a488ba426ad7ab50ef2b3f999267199cb3afe36fb3fdc4777
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

:method: GET
:authority: dedu.zvptu.zt.ua
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers

status: 200
server: nginx
date: Sat, 22 Aug 2020 21:57:38 GMT
content-type: text/html; charset=utf-8
content-length: 8698
x-powered-by: PHP/7.2.33
content-language: uk
content-script-type: text/javascript
content-style-type: text/css
x-ua-compatible: IE=edge
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
pragma: no-cache
expires: Mon, 20 Aug 1969 09:23:00 GMT
accept-ranges: none
x-frame-options: sameorigin
set-cookie: MoodleSession=e74c22ee3e369df4684f31496ced6633; path=/
last-modified: Sat, 22 Aug 2020 21:57:38 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
moodlelogo dedu.zvptu.zt.ua/theme/image.php/boost/core/1546208747/ 10 KB 3 KB Image
General
Full URL: http://dedu.zvptu.zt.ua/theme/image.php/boost/core/1546208747/moodlelogo
Requested by
Host: dedu.zvptu.zt.ua
URL: https://dedu.zvptu.zt.ua/
Protocol: HTTP/1.1
Server: 31.41.216.78, Ukraine, ASN42655 (BESTHOSTING-AS, UA)
Reverse DNS: server.s78.r53.com.ua
Software: nginx / PHP/7.2.33
Resource Hash: 7b3641053b3bf7af271fe009f6aadb0998054d207bf33d4b297681c0fbd9cd09

Request headers

Referer:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma:
Date: Sat, 22 Aug 2020 21:57:39 GMT
Content-Encoding: gzip
Etag: "62685422d46cad2cb8fefa0fa09467e365491178"
Last-Modified: Sun, 30 Dec 2018 22:35:02 GMT
Server: nginx
X-Powered-By: PHP/7.2.33
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Cache-Control: public, max-age=7776000, no-transform, immutable
Transfer-Encoding: chunked
Content-Disposition: inline; filename="moodlelogo.svg"
Connection: keep-alive
Accept-Ranges: none
Expires: Fri, 20 Nov 2020 21:57:39 GMT
yui_combo.php dedu.zvptu.zt.ua/theme/ 0 0
all dedu.zvptu.zt.ua/theme/styles.php/boost/1546208747_1/ 0 0
yui_combo.php dedu.zvptu.zt.ua/theme/ 0 0
javascript-static.js dedu.zvptu.zt.ua/lib/javascript.php/1546208747/lib/ 0 0
require.min.js dedu.zvptu.zt.ua/lib/javascript.php/1546208747/lib/requirejs/ 0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain URL
dedu.zvptu.zt.ua http://dedu.zvptu.zt.ua/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
dedu.zvptu.zt.ua http://dedu.zvptu.zt.ua/theme/styles.php/boost/1546208747_1/all
dedu.zvptu.zt.ua http://dedu.zvptu.zt.ua/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
dedu.zvptu.zt.ua http://dedu.zvptu.zt.ua/lib/javascript.php/1546208747/lib/javascript-static.js
dedu.zvptu.zt.ua http://dedu.zvptu.zt.ua/lib/javascript.php/1546208747/lib/requirejs/require.min.js

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
object| M
function| yui1ConfigFn
function| yui2ConfigFn
object| YUI_config
object| require

1 Cookies

Domain/Path Name / Value
dedu.zvptu.zt.ua/ Name: MoodleSession
Value: e74c22ee3e369df4684f31496ced6633

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options sameorigin

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. This does not imply that any of these indicate malicious activity.
