URL: https://kakiratc.go.ug/wz/
Submission: On May 25 via api from JP — Scanned from JP

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 154.72.194.117, located in Kampala, Uganda and belongs to NITA, UG. The main domain is kakiratc.go.ug.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 11th 2022. Valid for: 3 months.
This is the only time kakiratc.go.ug was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Web.de (Online)

Domain & IP information

IP Address AS Autonomous System
10 154.72.194.117 327724 (NITA)
2 23.44.52.201 20940 (AKAMAI-ASN1)
12 2
Apex Domain
Subdomains
Transfer
10 kakiratc.go.ug
kakiratc.go.ug
464 KB
2 ui-portal.de
img.ui-portal.de — Cisco Umbrella Rank: 23152
36 KB
12 2
Domain Requested by
10 kakiratc.go.ug kakiratc.go.ug
2 img.ui-portal.de kakiratc.go.ug
12 2

This site contains no links.

Subject Issuer Validity Valid
kakiratc.go.ug
cPanel, Inc. Certification Authority
2022-03-11 -
2022-06-09
3 months crt.sh
img.ui-portal.de
GeoTrust RSA CA 2018
2021-08-06 -
2022-08-06
a year crt.sh

This page contains 1 frames:

Primary Page: https://kakiratc.go.ug/wz/
Frame ID: 347AC899779C4CCFB73FEABCF13D1D8E
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

WEBDE Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

499 kB
Transfer

495 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
kakiratc.go.ug/wz/
6 KB
6 KB
Document
General
Full URL
https://kakiratc.go.ug/wz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
9e4c7346d6ef51ef542d69a59011adf2cc8028834d4b8db96b2281259f00aa45

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 25 May 2022 22:02:00 GMT
server
Apache
jquery-3.4.1-ver-220AFD743D9E9643852E31A135A9F3AE.js.download
kakiratc.go.ug/wz/
86 KB
87 KB
Script
General
Full URL
https://kakiratc.go.ug/wz/jquery-3.4.1-ver-220AFD743D9E9643852E31A135A9F3AE.js.download
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kakiratc.go.ug/wz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:01 GMT
last-modified
Wed, 27 Jan 2021 01:45:18 GMT
server
Apache
accept-ranges
bytes
content-length
88145
content-type
application/javascript
tcf-api.js.download
kakiratc.go.ug/wz/
125 KB
126 KB
Script
General
Full URL
https://kakiratc.go.ug/wz/tcf-api.js.download
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
34d1da1633bbe6a2ab6f9cb4e2a58d6a8329997fc14fa6fe69f025a764ed1ad3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kakiratc.go.ug/wz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:01 GMT
last-modified
Wed, 27 Jan 2021 01:45:20 GMT
server
Apache
accept-ranges
bytes
content-length
128225
content-type
application/javascript
tracklib.poly.min.js.download
kakiratc.go.ug/wz/
51 KB
52 KB
Script
General
Full URL
https://kakiratc.go.ug/wz/tracklib.poly.min.js.download
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
02f13374c089384098c4c0359e09967e2a136d78f4abf61fc32b81a659f0c43f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kakiratc.go.ug/wz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:01 GMT
last-modified
Wed, 27 Jan 2021 01:45:20 GMT
server
Apache
accept-ranges
bytes
content-length
52601
content-type
application/javascript
90496.js.download
kakiratc.go.ug/wz/
28 KB
28 KB
Script
General
Full URL
https://kakiratc.go.ug/wz/90496.js.download
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
42bc50e6d6a0a054f02487d5e284f5de3a8299cf8e3b182e9dca83072244bb58

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kakiratc.go.ug/wz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:01 GMT
last-modified
Wed, 27 Jan 2021 01:45:20 GMT
server
Apache
accept-ranges
bytes
content-length
28324
content-type
application/javascript
wicket-ajax-jquery-ver-3A8C326A8436172FC95523D517EBC88B.js.download
kakiratc.go.ug/wz/
43 KB
43 KB
Script
General
Full URL
https://kakiratc.go.ug/wz/wicket-ajax-jquery-ver-3A8C326A8436172FC95523D517EBC88B.js.download
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
814d708ae7117c643892517043641d0802ae58402b8eacab4b52084321fc9ec4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kakiratc.go.ug/wz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:01 GMT
last-modified
Wed, 27 Jan 2021 01:45:20 GMT
server
Apache
accept-ranges
bytes
content-length
43967
content-type
application/javascript
4006.js.download
kakiratc.go.ug/wz/
28 KB
28 KB
Script
General
Full URL
https://kakiratc.go.ug/wz/4006.js.download
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
c289bc1dad2d9f0ea8203e78cb8340c44ce7f00127a2892d745cb159467ecbb4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kakiratc.go.ug/wz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:01 GMT
last-modified
Wed, 27 Jan 2021 01:45:20 GMT
server
Apache
accept-ranges
bytes
content-length
28481
content-type
application/javascript
uni_main-ver-2F06E2EA6A77BCF71A9F481935549BAC.js.download
kakiratc.go.ug/wz/
45 KB
45 KB
Script
General
Full URL
https://kakiratc.go.ug/wz/uni_main-ver-2F06E2EA6A77BCF71A9F481935549BAC.js.download
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
2e57cd038c5ffaff2b2f8be82fefe7f057a8568304c9eb772731efd343f3b049

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kakiratc.go.ug/wz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:01 GMT
last-modified
Wed, 27 Jan 2021 01:45:20 GMT
server
Apache
accept-ranges
bytes
content-length
45753
content-type
application/javascript
uni-ver-F48D7E3FA01D857E0F31A9DDBEEB4BF4.css
kakiratc.go.ug/wz/
47 KB
47 KB
Stylesheet
General
Full URL
https://kakiratc.go.ug/wz/uni-ver-F48D7E3FA01D857E0F31A9DDBEEB4BF4.css
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
be2cabde6c68a36dfff252bb391dee1648210318908119d3933353d5b06abfb9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kakiratc.go.ug/wz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:01 GMT
last-modified
Wed, 27 Jan 2021 01:45:20 GMT
server
Apache
accept-ranges
bytes
content-length
47850
content-type
text/css
weblogo.png
kakiratc.go.ug/wz/
1 KB
2 KB
Image
General
Full URL
https://kakiratc.go.ug/wz/weblogo.png
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.72.194.117 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh5.nita.go.ug
Software
Apache /
Resource Hash
54477e08b67d141ecf9efb74d9a9a2fd9be9946aa09a01146c7150f666edfefa

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kakiratc.go.ug/wz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:04 GMT
last-modified
Wed, 27 Jan 2021 08:55:06 GMT
server
Apache
accept-ranges
bytes
content-length
1467
content-type
image/png
web.de-sans-light.woff
img.ui-portal.de/ci/webde/global/fonts/web.de-sans/
18 KB
18 KB
Font
General
Full URL
https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-light.woff
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/uni-ver-F48D7E3FA01D857E0F31A9DDBEEB4BF4.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7676e0d97793004054c4ec3e7cbd2d98c52fabc90479b7e3d5cfbb62f4e7a5af

Request headers

Referer
https://kakiratc.go.ug/
Origin
https://kakiratc.go.ug
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:34 GMT
last-modified
Tue, 30 Jun 2015 08:59:54 GMT
server
Apache
etag
"46a0-519b86e043680-gzip"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=1816346
accept-ranges
bytes
x-robots-tag
noindex
content-length
18080
web.de-sans-medium.woff
img.ui-portal.de/ci/webde/global/fonts/web.de-sans/
18 KB
18 KB
Font
General
Full URL
https://img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-medium.woff
Requested by
Host: kakiratc.go.ug
URL: https://kakiratc.go.ug/wz/uni-ver-F48D7E3FA01D857E0F31A9DDBEEB4BF4.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
01e773facc13e915276219573795dcf3f2a0fe00fca0841af95b21769872ff48

Request headers

Referer
https://kakiratc.go.ug/
Origin
https://kakiratc.go.ug
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 22:02:34 GMT
last-modified
Tue, 30 Jun 2015 08:59:54 GMT
server
Apache
etag
"4684-519b86e043680"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=1225499
accept-ranges
bytes
x-robots-tag
noindex
content-length
18052

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Web.de (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery object| TcfApi function| __tcfapi object| core function| TrackLib object| NSfTIF string| szmvars object| iom string| gtmId object| Wicket function| initializeComponents function| parcelRequire

0 Cookies