sahqute.co.ke
Open in
urlscan Pro
192.185.144.202
Public Scan
URL:
https://sahqute.co.ke/b-tu.de/portal/
Submission Tags: @phish_report
Submission: On August 04 via api from FI — Scanned from FI
Submission Tags: @phish_report
Submission: On August 04 via api from FI — Scanned from FI
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 17 HTTP transactions.
The main IP is 192.185.144.202, located in
United States and
belongs to NETWORK-SOLUTIONS-HOSTING, US.
The main domain is sahqute.co.ke.
TLS certificate: Issued by R3 on June 23rd 2023. Valid for: 3 months.
This is the only time sahqute.co.ke was scanned on urlscan.io!
TLS certificate: Issued by R3 on June 23rd 2023. Valid for: 3 months.
This is the only time sahqute.co.ke was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 2 | 192.185.144.202 192.185.144.202 | 19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING) | |
| 13 | 141.43.208.20 141.43.208.20 | 680 (DFN Verei...) (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V.) | |
| 17 | 3 |
2
192.185.144.202
(United States)
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-144-202.unifiedlayer.com
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-144-202.unifiedlayer.com
| sahqute.co.ke |
13
141.43.208.20
(Berlin, Germany)
ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE)
PTR: www-gate.b-tu.de
ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE)
PTR: www-gate.b-tu.de
| www.b-tu.de |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
b-tu.de
www.b-tu.de |
1 MB |
| 2 |
sahqute.co.ke
1 redirects
sahqute.co.ke |
8 KB |
| 17 | 2 |
| Domain | Requested by | |
|---|---|---|
| 13 | www.b-tu.de |
sahqute.co.ke
www.b-tu.de |
| 2 | sahqute.co.ke | 1 redirects |
| 17 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.b-tu.de |
| github.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.sahqute.co.ke R3 |
2023-06-23 - 2023-09-21 |
3 months | crt.sh |
| www.b-tu.de Sectigo ECC Organization Validation Secure Server CA |
2022-10-25 - 2023-10-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sahqute.co.ke/b-tu.de/portal/
Frame ID: 425B3625BE083B4C0BF3402EC6B43321
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
CAS - Central Authentication Service LoginPage URL History Show full URLs
-
https://sahqute.co.ke/b-tu.de/portal
HTTP 301
https://sahqute.co.ke/b-tu.de/portal/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Material Design Lite
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:/([\d.]+))?/material(?:\.min)?\.js
DataTables
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- dataTables.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://www.b-tu.de/it-services/btu-account/passwort-vergessen
Title: Forgot your password?
Title: Forgot your password?
Search URL Search Domain Scan URL
URL: https://github.com/apereo/cas
Title: Apereo CAS
Title: Apereo CAS
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://sahqute.co.ke/b-tu.de/portal
HTTP 301
https://sahqute.co.ke/b-tu.de/portal/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
sahqute.co.ke/b-tu.de/portal/ Redirect Chain
|
17 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
normalize.css
www.b-tu.de/cas/webjars/normalize.css/8.0.1/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-grid.min.css
www.b-tu.de/cas/webjars/bootstrap/5.2.0/css/ |
52 KB 53 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
material-components-web.min.css
www.b-tu.de/cas/webjars/material-components-web/14.0.0/dist/ |
484 KB 487 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
materialdesignicons.min.css
www.b-tu.de/cas/webjars/mdi__font/6.5.95/css/ |
298 KB 300 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.dataTables.min.css
www.b-tu.de/cas/webjars/datatables/1.12.1/css/ |
18 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cas.b-tu.css
www.b-tu.de/cas/css/ |
12 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www.b-tu.de/cas/webjars/jquery/3.6.1/ |
88 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
es5-shim.min.js
www.b-tu.de/cas/webjars/es5-shim/4.5.9/ |
25 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css-vars-ponyfill.min.js
www.b-tu.de/cas/webjars/css-vars-ponyfill/2.4.7/dist/ |
23 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
material-components-web.min.js
www.b-tu.de/cas/webjars/material-components-web/14.0.0/dist/ |
469 KB 470 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cas.js
www.b-tu.de/cas/js/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
material.js
www.b-tu.de/cas/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
btu-logo-new.png
www.b-tu.de/cas/images/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
materialdesignicons-webfont.woff2
www.b-tu.de/cas/webjars/mdi__font/6.5.95/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
materialdesignicons-webfont.woff
www.b-tu.de/cas/webjars/mdi__font/6.5.95/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
materialdesignicons-webfont.ttf
www.b-tu.de/cas/webjars/mdi__font/6.5.95/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.b-tu.de
- URL
- https://www.b-tu.de/cas/webjars/mdi__font/6.5.95/fonts/materialdesignicons-webfont.woff2?v=6.5.95
- Domain
- www.b-tu.de
- URL
- https://www.b-tu.de/cas/webjars/mdi__font/6.5.95/fonts/materialdesignicons-webfont.woff?v=6.5.95
- Domain
- www.b-tu.de
- URL
- https://www.b-tu.de/cas/webjars/mdi__font/6.5.95/fonts/materialdesignicons-webfont.ttf?v=6.5.95
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery undefined| returnExports function| cssVars object| mdc function| randomWord function| copyClipboard function| isValidURL function| requestGeoPosition function| logGeoLocationError function| showGeoPosition function| preserveAnchorTagOnForm function| preventFormResubmission function| writeToSessionStorage function| readFromSessionStorage function| resourceLoadedSuccessfully string| username boolean| disabled string| j0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sahqute.co.ke
www.b-tu.de
www.b-tu.de
141.43.208.20
192.185.144.202
15346a650679f61bd202571970bfba43d1fc91467e7f4f549ce0d82796511e93
38d62f20743669a8f5d53178bf5b380505bf85f9757367705d7b534bf24768ce
50271f9d1fb53bfd2074827218441de193a0f5bdb94f6a20b3e76d1fa91b41b7
5106252ad0cb10ed9d8c4d256ed9186c0c2c49d5adeeb882b2577a9e4e06eb5f
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
60f82e183aa0e791c1f3eb5bac905b5ae885f49f9708aeec8ec71a8b014c4f12
722174d76a2b0e379eb2e3f033681e609d16a16c0e0bb57d8d9ddc7c603de06c
73a6387a4fb1ccde4b2d014c7c1764fcc3b0317db3345f8b5cf70bf944ca4e15
a0ce90bd1740672470318728e23f790940230ed884a294840004ed1efd1534a1
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
d40bed4be0d472f02d991e3344ca3b13b94bc9dd2e73dc353afabefbc43f7af3
f031ccb7e4d8b3591570ef91fa86584eb1d8218c0750e0a1890b2a29bd814f78
f04e08b36e901f46c3e765a8429701f91fed71642da73942a23af26d477b331a
f359446bcd8ff891ab0cdff905858b58519a9e6d418ea3d7b8e4bbc53deb85f5