keratomx.tk Open in urlscan Pro
162.240.48.131 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://keratomx.tk/osa/mail.math.cas.cz.html
Submission: On November 24 via automatic, source openphish (November 24th 2022, 1:10:28 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 162.240.48.131, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is keratomx.tk.

This is the only time keratomx.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	162.240.48.131 162.240.48.131	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
10	147.231.88.1 147.231.88.1	2852 (CESNET2) (CESNET2)
1	147.231.88.3 147.231.88.3	2852 (CESNET2) (CESNET2)
12	3

1 162.240.48.131 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 6209729.khalod.cf

keratomx.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 147.231.88.1 (Prague, Czech Republic)

ASN2852 (CESNET2, CZ)
PTR: matsrv.math.cas.cz

mail.math.cas.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.231.88.3 (Prague, Czech Republic)

ASN2852 (CESNET2, CZ)
PTR: web.math.cas.cz

www.math.cas.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cas.cz mail.math.cas.cz www.math.cas.cz	963 KB
1	keratomx.tk keratomx.tk	6 KB
12	2

	Domain	Requested by
10	mail.math.cas.cz	keratomx.tk
1	www.math.cas.cz	keratomx.tk
1	keratomx.tk
12	3

This site contains no links.

Subject Issuer	Validity	Valid
math.cas.cz GEANT OV RSA CA 4	`2022-01-10` - `2023-01-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://keratomx.tk/osa/mail.math.cas.cz.html
Frame ID: EDE87E728C37E66896B9CD074B096D3D
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail :: Welcome to Webmail

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

968 kB
Transfer

965 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request mail.math.cas.cz.html Show response keratomx.tk/osa/	5 KB 6 KB	987ms 168ms	Document text/html	162.240.48.131 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Server 162.240.48.131 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 6209729.khalod.cf Software Apache / Resource Hash `10b7b01d76c336cf6bd54dfb2fe9085ccb56532fa3688891da87827ba69195aa` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Length 5487 Content-Type text/html Date Thu, 24 Nov 2022 01:10:22 GMT Keep-Alive timeout=5, max=100 Last-Modified Wed, 23 Nov 2022 12:52:22 GMT Server Apache Upgrade h2,h2c
GET H/1.1	200 OK	bootstrap.min.css mail.math.cas.cz/skins/elastic/deps/	152 KB 152 KB	465ms 49ms	Stylesheet text/css	147.231.88.1 CESNET2
General Check archive.org Show headers Download Go to Full URL https://mail.math.cas.cz/skins/elastic/deps/bootstrap.min.css?s=1550069270 Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.231.88.1 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS matsrv.math.cas.cz Software nginx/1.18.0 / Resource Hash `60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:23 GMT Last-Modified Wed, 13 Feb 2019 14:47:50 GMT Server nginx/1.18.0 ETag "5c642e16-2606e" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 155758
GET H/1.1	200 OK	styles.css mail.math.cas.cz/skins/elastic/styles/	100 KB 100 KB	465ms 50ms	Stylesheet text/css	147.231.88.1 CESNET2
General Check archive.org Show headers Download Go to Full URL https://mail.math.cas.cz/skins/elastic/styles/styles.css?s=1573330405 Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.231.88.1 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS matsrv.math.cas.cz Software nginx/1.18.0 / Resource Hash `59824588ca0e727ef57e3d30b044578b246a7b821e849432e496648066d7bf5c` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:24 GMT Last-Modified Sat, 09 Nov 2019 20:13:25 GMT Server nginx/1.18.0 ETag "5dc71de5-19072" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 102514
GET H/1.1	200 OK	jquery-ui.css mail.math.cas.cz/plugins/jqueryui/themes/elastic/	33 KB 34 KB	465ms 49ms	Stylesheet text/css	147.231.88.1 CESNET2
General Check archive.org Show headers Download Go to Full URL https://mail.math.cas.cz/plugins/jqueryui/themes/elastic/jquery-ui.css?s=1573330404 Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.231.88.1 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS matsrv.math.cas.cz Software nginx/1.18.0 / Resource Hash `06bd23ab85e71dcb4aabe629932bb6438fe0819cfd037fd5f53168af71db0c35` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:24 GMT Last-Modified Sat, 09 Nov 2019 20:13:24 GMT Server nginx/1.18.0 ETag "5dc71de4-858e" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 34190
GET H/1.1	200 OK	jquery.min.js Show response mail.math.cas.cz/program/js/	87 KB 88 KB	465ms 49ms	Script application/javascript	147.231.88.1 CESNET2
General Check archive.org Show headers Download Go to Full URL https://mail.math.cas.cz/program/js/jquery.min.js?s=1573330409 Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.231.88.1 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS matsrv.math.cas.cz Software nginx/1.18.0 / Resource Hash `542ac2738d21d5ea4a39cd05efc447c3b5ca553f212f1bff44215d3f5f007a6f` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:24 GMT Last-Modified Sat, 09 Nov 2019 20:13:29 GMT Server nginx/1.18.0 ETag "5dc71de9-15dfb" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 89595
GET H/1.1	200 OK	common.min.js Show response mail.math.cas.cz/program/js/	13 KB 13 KB	465ms 49ms	Script application/javascript	147.231.88.1 CESNET2
General Check archive.org Show headers Download Go to Full URL https://mail.math.cas.cz/program/js/common.min.js?s=1573330405 Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.231.88.1 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS matsrv.math.cas.cz Software nginx/1.18.0 / Resource Hash `91db66d1c9ffe624cccbc9feb0f79450f7cdb30c229e2c20b2f59d4de848267c` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:24 GMT Last-Modified Sat, 09 Nov 2019 20:13:25 GMT Server nginx/1.18.0 ETag "5dc71de5-337f" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 13183
GET H/1.1	200 OK	app.min.js Show response mail.math.cas.cz/program/js/	168 KB 168 KB	468ms 52ms	Script application/javascript	147.231.88.1 CESNET2
General Check archive.org Show headers Download Go to Full URL https://mail.math.cas.cz/program/js/app.min.js?s=1573330405 Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.231.88.1 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS matsrv.math.cas.cz Software nginx/1.18.0 / Resource Hash `21842f73aa33099e3e95c03456ef624f87ad9cdb5781d237739304f374eca1ba` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:24 GMT Last-Modified Sat, 09 Nov 2019 20:13:25 GMT Server nginx/1.18.0 ETag "5dc71de5-2a027" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 172071
GET H/1.1	200 OK	jstz.min.js Show response mail.math.cas.cz/program/js/	13 KB 14 KB	490ms 25ms	Script application/javascript	147.231.88.1 CESNET2
General Check archive.org Show headers Download Go to Full URL https://mail.math.cas.cz/program/js/jstz.min.js?s=1573330410 Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.231.88.1 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS matsrv.math.cas.cz Software nginx/1.18.0 / Resource Hash `c9893f911334bfa540b0ab825cc670dfc4dfbdc6030d67e3658b496f5c7d344a` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:24 GMT Last-Modified Sat, 09 Nov 2019 20:13:30 GMT Server nginx/1.18.0 ETag "5dc71dea-350a" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 13578
GET H/1.1	200 OK	jquery-ui.min.js Show response mail.math.cas.cz/plugins/jqueryui/js/	254 KB 254 KB	512ms 26ms	Script application/javascript	147.231.88.1 CESNET2
General Check archive.org Show headers Download Go to Full URL https://mail.math.cas.cz/plugins/jqueryui/js/jquery-ui.min.js?s=1573330404 Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.231.88.1 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS matsrv.math.cas.cz Software nginx/1.18.0 / Resource Hash `59a4c9a75c48cf979e66c5641230bda0e15dfff292666e56ffb52a5a96d78834` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:24 GMT Last-Modified Sat, 09 Nov 2019 20:13:24 GMT Server nginx/1.18.0 ETag "5dc71de4-3f6c0" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 259776
GET H/1.1	200 OK	im-logo-web_1.gif www.math.cas.cz/image/	4 KB 5 KB	243ms 27ms	Image image/gif	147.231.88.3 CESNET2
General Check archive.org Show headers Download Go to Show image Full URL https://www.math.cas.cz/image/im-logo-web_1.gif Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.231.88.3 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS web.math.cas.cz Software Apache / Resource Hash `b5ea7d2e8f0ee149a3053b47c0e588223adc3cafeadda3f7e5ba143eb543d6d2` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:24 GMT Last-Modified Sun, 23 Aug 2015 12:34:12 GMT Server Apache ETag "28432-1128-51df9b7e3f8f8" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=128 Content-Length 4392
GET H/1.1	200 OK	bootstrap.bundle.min.js Show response mail.math.cas.cz/skins/elastic/deps/	77 KB 77 KB	26ms 26ms	Script application/javascript	147.231.88.1 CESNET2
General Check archive.org Show headers Download Go to Full URL https://mail.math.cas.cz/skins/elastic/deps/bootstrap.bundle.min.js?s=1550069270 Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.231.88.1 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS matsrv.math.cas.cz Software nginx/1.18.0 / Resource Hash `7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:24 GMT Last-Modified Wed, 13 Feb 2019 14:47:50 GMT Server nginx/1.18.0 ETag "5c642e16-1332b" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 78635
GET H/1.1	200 OK	ui.min.js Show response mail.math.cas.cz/skins/elastic/	58 KB 58 KB	26ms 26ms	Script application/javascript	147.231.88.1 CESNET2
General Check archive.org Show headers Download Go to Full URL https://mail.math.cas.cz/skins/elastic/ui.min.js?s=1573330405 Requested by Host: keratomx.tk URL: http://keratomx.tk/osa/mail.math.cas.cz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.231.88.1 Prague, Czech Republic, ASN2852 (CESNET2, CZ), Reverse DNS matsrv.math.cas.cz Software nginx/1.18.0 / Resource Hash `bb70bc4b84160f7f4bdcb64914b34be9f326e7def0b01a66eaad5911dedd02f0` Request headers accept-language de-DE,de;q=0.9 Referer http://keratomx.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Thu, 24 Nov 2022 01:10:24 GMT Last-Modified Sat, 09 Nov 2019 20:13:25 GMT Server nginx/1.18.0 ETag "5dc71de5-e7b3" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 59315

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

keratomx.tk
mail.math.cas.cz
www.math.cas.cz
147.231.88.1
147.231.88.3
162.240.48.131
06bd23ab85e71dcb4aabe629932bb6438fe0819cfd037fd5f53168af71db0c35
10b7b01d76c336cf6bd54dfb2fe9085ccb56532fa3688891da87827ba69195aa
21842f73aa33099e3e95c03456ef624f87ad9cdb5781d237739304f374eca1ba
542ac2738d21d5ea4a39cd05efc447c3b5ca553f212f1bff44215d3f5f007a6f
59824588ca0e727ef57e3d30b044578b246a7b821e849432e496648066d7bf5c
59a4c9a75c48cf979e66c5641230bda0e15dfff292666e56ffb52a5a96d78834
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
91db66d1c9ffe624cccbc9feb0f79450f7cdb30c229e2c20b2f59d4de848267c
b5ea7d2e8f0ee149a3053b47c0e588223adc3cafeadda3f7e5ba143eb543d6d2
bb70bc4b84160f7f4bdcb64914b34be9f326e7def0b01a66eaad5911dedd02f0
c9893f911334bfa540b0ab825cc670dfc4dfbdc6030d67e3658b496f5c7d344a

keratomx.tk Open in urlscan Pro 162.240.48.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

968 kBTransfer

965 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

0 Cookies

Indicators

keratomx.tk Open in urlscan Pro
162.240.48.131 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

968 kB
Transfer

965 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions