postmaster.edu-5401230.org

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 3 HTTP transactions. The main IP is 102.50.200.23, located in Casablanca, Morocco and belongs to IAM-AS, MA. The main domain is postmaster.edu-5401230.org.
TLS certificate: Issued by R11 on August 6th 2024. Valid for: 3 months.

This is the only time postmaster.edu-5401230.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	132.226.44.1 132.226.44.1	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	102.50.200.23 102.50.200.23	6713 (IAM-AS) (IAM-AS)
1	217.160.0.244 217.160.0.244	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
3	2

1 132.226.44.1 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

654tgfd6845c.from-ca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 102.50.200.23 (Casablanca, Morocco)

ASN6713 (IAM-AS, MA)

postmaster.edu-5401230.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.0.244 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: 217-160-0-244.elastic-ssl.ui-r.com

www.kettrukat.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	edu-5401230.org postmaster.edu-5401230.org	539 B
1	kettrukat.de www.kettrukat.de
1	from-ca.com 1 redirects 654tgfd6845c.from-ca.com	215 B
3	3

	Domain	Requested by
2	postmaster.edu-5401230.org	postmaster.edu-5401230.org
1	www.kettrukat.de	postmaster.edu-5401230.org
1	654tgfd6845c.from-ca.com	1 redirects
3	3

This site contains no links.

Subject Issuer	Validity	Valid
postmaster.edu-5401230.org R11	`2024-08-06` - `2024-11-04`	3 months	crt.sh
kettrukat.de Encryption Everywhere DV TLS CA - G2	`2024-06-09` - `2025-06-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://postmaster.edu-5401230.org/re57f4d2c
Frame ID: 7156587F8A0E7401BEFA40405F77D48C
Requests: 2 HTTP requests in this frame

Frame: https://www.kettrukat.de/
Frame ID: F816F427FF36B165847A1483A1D60957
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

kettrukat 733895

Page URL History Show full URLs

http://654tgfd6845c.from-ca.com/ HTTP 307
https://654tgfd6845c.from-ca.com/ HTTP 307
http://654tgfd6845c.from-ca.com/ HTTP 302
https://postmaster.edu-5401230.org/re57f4d2c Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

1 kB
Transfer

0 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://654tgfd6845c.from-ca.com/ HTTP 307
https://654tgfd6845c.from-ca.com/ HTTP 307
http://654tgfd6845c.from-ca.com/ HTTP 302
https://postmaster.edu-5401230.org/re57f4d2c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request re57f4d2c Show response
postmaster.edu-5401230.org/
Redirect Chain

http://654tgfd6845c.from-ca.com/
https://654tgfd6845c.from-ca.com/
http://654tgfd6845c.from-ca.com/
https://postmaster.edu-5401230.org/re57f4d2c

295 B
416 B

1286ms
698ms

Document
text/html

102.50.200.23
IAM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://postmaster.edu-5401230.org/re57f4d2c

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

102.50.200.23 Casablanca, Morocco, ASN6713 (IAM-AS, MA),

Reverse DNS

Software

/

Resource Hash

f55b5bc355eff44090941c94ba8f2b9e8a546de3bdf01e1cacf16840058c9b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length: 295
content-type: text/html; charset=UTF-8
date: Fri, 13 Sep 2024 10:07:58 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=604800

Redirect headers

Connection: keep-alive
Date: Fri, 13 Sep 2024 10:07:57 GMT
Location: https://postmaster.edu-5401230.org/re57f4d2c
Transfer-Encoding: chunked
X-Request-ID: c359ebdc9e446c2857b316f17c91fd4a

GET
H2 200 /
www.kettrukat.de/ Frame F816 0
0 484ms
229ms Document
text/html 217.160.0.244
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kettrukat.de/

Requested by

Host: postmaster.edu-5401230.org
URL: https://postmaster.edu-5401230.org/re57f4d2c

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.160.0.244 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

217-160-0-244.elastic-ssl.ui-r.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 44205
content-type: text/html;charset=utf-8
d-cache: from-cache
d-geo: EU
date: Fri, 13 Sep 2024 10:07:59 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
vary: user-agent,accept-encoding
x-content-type-options: nosniff

GET
H2 403 index.php Show response
postmaster.edu-5401230.org/ 19 B
123 B 185ms
184ms Fetch
text/html 102.50.200.23
IAM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://postmaster.edu-5401230.org/index.php?antdbg

Requested by

Host: postmaster.edu-5401230.org
URL: https://postmaster.edu-5401230.org/re57f4d2c

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

102.50.200.23 Casablanca, Morocco, ASN6713 (IAM-AS, MA),

Reverse DNS

Software

/

Resource Hash

a8409c015310465a15dcd979eb47968313a5e4487c61a62c6e835d9f03ab042c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 10:07:58 GMT
strict-transport-security: max-age=604800
content-length: 19
content-type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://postmaster.edu-5401230.org/index.php?antdbg Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

654tgfd6845c.from-ca.com
postmaster.edu-5401230.org
www.kettrukat.de
102.50.200.23
132.226.44.1
217.160.0.244
a8409c015310465a15dcd979eb47968313a5e4487c61a62c6e835d9f03ab042c
f55b5bc355eff44090941c94ba8f2b9e8a546de3bdf01e1cacf16840058c9b19

postmaster.edu-5401230.org Open in urlscan Pro 102.50.200.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

1 kBTransfer

0 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

postmaster.edu-5401230.org Open in urlscan Pro
102.50.200.23 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

1 kB
Transfer

0 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions