b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug Open in urlscan Pro
206.189.25.226 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://re7.vy.rubuguritc.go.ug./?FFF#.ZXVuaWNlLmJyYW5jb0BiYW5jb2Jlc3QucHQ
Effective URL:
https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-a6ac-4393-b96f-2b746...
Submission Tags: falconsandbox
Submission: On November 04 via api (November 4th 2022, 5:38:51 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 206.189.25.226, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug.
TLS certificate: Issued by R3 on November 3rd 2022. Valid for: 3 months.

This is the only time b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	154.72.194.114 154.72.194.114	327724 () ()
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1 8	206.189.25.226 206.189.25.226	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	3

2 154.72.194.114 (Kampala, Uganda)

ASN327724 ()
PTR: wh3.nita.go.ug

re7.vy.rubuguritc.go.ug.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 206.189.25.226 (London, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

microsoft-account.buyaga.go.ug	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	buyaga.go.ug 1 redirects microsoft-account.buyaga.go.ug b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug	127 KB
2	go.ug. re7.vy.rubuguritc.go.ug.	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 959	30 KB
10	3

	Domain	Requested by
4	b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug	microsoft-account.buyaga.go.ug b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug
4	microsoft-account.buyaga.go.ug	1 redirects re7.vy.rubuguritc.go.ug. microsoft-account.buyaga.go.ug
2	re7.vy.rubuguritc.go.ug.	code.jquery.com
1	code.jquery.com	re7.vy.rubuguritc.go.ug.
10	4

This site contains no links.

Subject Issuer	Validity	Valid
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
buyaga.go.ug R3	`2022-11-03` - `2023-02-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-a6ac-4393-b96f-2b74661bce10&username=eunice.branco%40bancobest.pt&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQSzUQV1yyb7LwzX7skTfqcwCpGZcJG6F9gZHzByDiJSSq1NC8zOVUvqSgxLznfIQlEJqUWl-gVlNxiEvQvSvdMCS92S01JLUosyczPe8SMR8MFFoFXLDwGzFYcHFwCDBIMCgw_WBgXsQLduD63785zEXP_zbqX0qrWazKcYtXPNc1MDU9KNa9KDXExyyyrMvdJqfLPt0x2Dq4MqnL3T_YpcK9M0nbM88n2tDWyMpzAJjSBjekUG8MHNsYOdoZZ7AwHOBkP8DL84Ot7Nuv9tovr33oAAA2
Frame ID: 048BD130B00984993E8CC29E72E0DA3A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

http://re7.vy.rubuguritc.go.ug./?FFF Page URL
https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt Page URL
https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt Page URL
https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt&sso_reload=true HTTP 302
https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

80 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

158 kB
Transfer

567 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://re7.vy.rubuguritc.go.ug./?FFF Page URL
https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt Page URL
https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt Page URL
https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt&sso_reload=true HTTP 302
https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-a6ac-4393-b96f-2b74661bce10&username=eunice.branco%40bancobest.pt&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQSzUQV1yyb7LwzX7skTfqcwCpGZcJG6F9gZHzByDiJSSq1NC8zOVUvqSgxLznfIQlEJqUWl-gVlNxiEvQvSvdMCS92S01JLUosyczPe8SMR8MFFoFXLDwGzFYcHFwCDBIMCgw_WBgXsQLduD63785zEXP_zbqX0qrWazKcYtXPNc1MDU9KNa9KDXExyyyrMvdJqfLPt0x2Dq4MqnL3T_YpcK9M0nbM88n2tDWyMpzAJjSBjekUG8MHNsYOdoZZ7AwHOBkP8DL84Ot7Nuv9tovr33oAAA2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
re7.vy.rubuguritc.go.ug./ 733 B
776 B 668ms
187ms Document
text/html 154.72.194.114

General

Check archive.org

Show headers Download Go to

Full URL: http://re7.vy.rubuguritc.go.ug./?FFF
Protocol: HTTP/1.1
Server: 154.72.194.114 Kampala, Uganda, ASN327724 (),
Reverse DNS: wh3.nita.go.ug
Software: Apache /
Resource Hash: a90da7b7a2d71d2e7f96cef3244b9c04fa71d754d409b01bed670f43d1eacc23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, s-maxage=10
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 424
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Nov 2022 17:37:33 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding,User-Agent
X-Mod-Pagespeed: 1.13.35.2-0

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 3338ms
1489ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: re7.vy.rubuguritc.go.ug.
URL: http://re7.vy.rubuguritc.go.ug./?FFF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: http://re7.vy.rubuguritc.go.ug./
Origin: http://re7.vy.rubuguritc.go.ug.
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 17:38:44 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1667583524.dop201.fr8.t,1667583524.cds052.fr8.hn,1667583524.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

POST
H/1.1 200
OK redfff.php
re7.vy.rubuguritc.go.ug./ 75 B
397 B 179ms
179ms XHR
text/html 154.72.194.114

General

Check archive.org

Show headers Download Go to

Full URL: http://re7.vy.rubuguritc.go.ug./redfff.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: HTTP/1.1
Server: 154.72.194.114 Kampala, Uganda, ASN327724 (),
Reverse DNS: wh3.nita.go.ug
Software: Apache /
Resource Hash

Request headers

Accept: */*
Referer: http://re7.vy.rubuguritc.go.ug./?FFF
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 04 Nov 2022 17:37:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-Mod-Pagespeed: 1.13.35.2-0
Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 86

GET
H2 200 / Show response
microsoft-account.buyaga.go.ug/ 58 KB
22 KB 250ms
119ms Document
text/html 206.189.25.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt

Requested by

Host: re7.vy.rubuguritc.go.ug.
URL: http://re7.vy.rubuguritc.go.ug./?FFF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.25.226 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

54414ad84b7ce3f8f9013517c48dd7dd3514a37b851aacc95f914be7bd42fe52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://re7.vy.rubuguritc.go.ug./
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 04 Nov 2022 17:38:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 200 / Show response
microsoft-account.buyaga.go.ug/ 199 B
342 B 129ms
128ms Fetch
application/json 206.189.25.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt

Requested by

Host: microsoft-account.buyaga.go.ug
URL: https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.25.226 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

84a3d758d7210ae8c860ffde8a92c1c925305eb0d1878bccf92be971e787745c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Nov 2022 17:38:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
microsoft-account.buyaga.go.ug/ 329 KB
92 KB 874ms
872ms Document
text/html 206.189.25.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt

Requested by

Host: microsoft-account.buyaga.go.ug
URL: https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.25.226 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6383db39ec92611471a93cf4e6afbdc29771c2727f00ab1365b12da0a08118e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 04 Nov 2022 17:38:47 GMT
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://5bceccdd-9329-4336-931c-221d03b969da-d28ee672.buyaga.go.ug/api/report?catId=GW+estsfd+dub2"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-ms-ests-server: 2.1.14006.10 - NEULR1 ProdSlices
x-ms-request-id: 739fbb26-7343-42a6-ba48-851a33bc1300

GET
H2

200

Primary Request / Show response
b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/
Redirect Chain

https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt&sso_reload=true
https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-a6ac-4393-b96f-2b74661bce10&username=eunice.branco%40b...

16 KB
5 KB

1125ms
673ms

Document
text/html

206.189.25.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-a6ac-4393-b96f-2b74661bce10&username=eunice.branco%40bancobest.pt&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQSzUQV1yyb7LwzX7skTfqcwCpGZcJG6F9gZHzByDiJSSq1NC8zOVUvqSgxLznfIQlEJqUWl-gVlNxiEvQvSvdMCS92S01JLUosyczPe8SMR8MFFoFXLDwGzFYcHFwCDBIMCgw_WBgXsQLduD63785zEXP_zbqX0qrWazKcYtXPNc1MDU9KNa9KDXExyyyrMvdJqfLPt0x2Dq4MqnL3T_YpcK9M0nbM88n2tDWyMpzAJjSBjekUG8MHNsYOdoZZ7AwHOBkP8DL84Ot7Nuv9tovr33oAAA2

Requested by

Host: microsoft-account.buyaga.go.ug
URL: https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.25.226 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

703b1524012c19e492b996cb3be01ac7321d521070329299f0c5ff09db57f963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://microsoft-account.buyaga.go.ug/?username=eunice.branco@bancobest.pt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-cache,no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 04 Nov 2022 17:38:49 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

Redirect headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache
content-type: text/html; charset=utf-8
date: Fri, 04 Nov 2022 17:38:48 GMT
location: https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-a6ac-4393-b96f-2b74661bce10&username=eunice.branco%40bancobest.pt&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQSzUQV1yyb7LwzX7skTfqcwCpGZcJG6F9gZHzByDiJSSq1NC8zOVUvqSgxLznfIQlEJqUWl-gVlNxiEvQvSvdMCS92S01JLUosyczPe8SMR8MFFoFXLDwGzFYcHFwCDBIMCgw_WBgXsQLduD63785zEXP_zbqX0qrWazKcYtXPNc1MDU9KNa9KDXExyyyrMvdJqfLPt0x2Dq4MqnL3T_YpcK9M0nbM88n2tDWyMpzAJjSBjekUG8MHNsYOdoZZ7AwHOBkP8DL84Ot7Nuv9tovr33oAAA2#
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://5bceccdd-9329-4336-931c-221d03b969da-d28ee672.buyaga.go.ug/api/report?catId=GW+estsfd+dub2"}]}
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-ms-ests-server: 2.1.14006.10 - NEULR1 ProdSlices
x-ms-request-id: dc8e6daf-14e7-4f37-b32d-d2667aaf2900

GET
H2 200 style.css
b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/portal/css/ 8 KB
3 KB 515ms
513ms Stylesheet
text/css 206.189.25.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/portal/css/style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99

Requested by

Host: b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug
URL: https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-a6ac-4393-b96f-2b74661bce10&username=eunice.branco%40bancobest.pt&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQSzUQV1yyb7LwzX7skTfqcwCpGZcJG6F9gZHzByDiJSSq1NC8zOVUvqSgxLznfIQlEJqUWl-gVlNxiEvQvSvdMCS92S01JLUosyczPe8SMR8MFFoFXLDwGzFYcHFwCDBIMCgw_WBgXsQLduD63785zEXP_zbqX0qrWazKcYtXPNc1MDU9KNa9KDXExyyyrMvdJqfLPt0x2Dq4MqnL3T_YpcK9M0nbM88n2tDWyMpzAJjSBjekUG8MHNsYOdoZZ7AwHOBkP8DL84Ot7Nuv9tovr33oAAA2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.25.226 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-a6ac-4393-b96f-2b74661bce10&username=eunice.branco%40bancobest.pt&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQSzUQV1yyb7LwzX7skTfqcwCpGZcJG6F9gZHzByDiJSSq1NC8zOVUvqSgxLznfIQlEJqUWl-gVlNxiEvQvSvdMCS92S01JLUosyczPe8SMR8MFFoFXLDwGzFYcHFwCDBIMCgw_WBgXsQLduD63785zEXP_zbqX0qrWazKcYtXPNc1MDU9KNa9KDXExyyyrMvdJqfLPt0x2Dq4MqnL3T_YpcK9M0nbM88n2tDWyMpzAJjSBjekUG8MHNsYOdoZZ7AwHOBkP8DL84Ot7Nuv9tovr33oAAA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 17:38:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 logo.png
b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/portal/logo/ 4 KB
4 KB 469ms
468ms Image
image/png 206.189.25.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/portal/logo/logo.png?id=81524A482732897CDE704D17285FD195ED6002E4E2C5EF40A702A38ECE18B097

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.25.226 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

81524a482732897cde704d17285fd195ed6002e4e2c5ef40a702a38ece18b097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-a6ac-4393-b96f-2b74661bce10&username=eunice.branco%40bancobest.pt&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQSzUQV1yyb7LwzX7skTfqcwCpGZcJG6F9gZHzByDiJSSq1NC8zOVUvqSgxLznfIQlEJqUWl-gVlNxiEvQvSvdMCS92S01JLUosyczPe8SMR8MFFoFXLDwGzFYcHFwCDBIMCgw_WBgXsQLduD63785zEXP_zbqX0qrWazKcYtXPNc1MDU9KNa9KDXExyyyrMvdJqfLPt0x2Dq4MqnL3T_YpcK9M0nbM88n2tDWyMpzAJjSBjekUG8MHNsYOdoZZ7AwHOBkP8DL84Ot7Nuv9tovr33oAAA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 17:38:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: 81524A482732897CDE704D17285FD195ED6002E4E2C5EF40A702A38ECE18B097
access-control-allow-headers: *
content-type: image/png

GET
H2 200 illustration.png
b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/portal/illustration/ 64 KB
0 943ms
943ms Image
image/png 206.189.25.226
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/portal/illustration/illustration.png?id=B951BBF20D43598C550DF94E5E4B0BB09407EAD1179DC21C9EF53976BC4D137F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.189.25.226 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug/adfs/ls/?login_hint=eunice.branco%40bancobest.pt&client-request-id=21153661-a6ac-4393-b96f-2b74661bce10&username=eunice.branco%40bancobest.pt&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQSzUQV1yyb7LwzX7skTfqcwCpGZcJG6F9gZHzByDiJSSq1NC8zOVUvqSgxLznfIQlEJqUWl-gVlNxiEvQvSvdMCS92S01JLUosyczPe8SMR8MFFoFXLDwGzFYcHFwCDBIMCgw_WBgXsQLduD63785zEXP_zbqX0qrWazKcYtXPNc1MDU9KNa9KDXExyyyrMvdJqfLPt0x2Dq4MqnL3T_YpcK9M0nbM88n2tDWyMpzAJjSBjekUG8MHNsYOdoZZ7AwHOBkP8DL84Ot7Nuv9tovr33oAAA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 17:38:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: B951BBF20D43598C550DF94E5E4B0BB09407EAD1179DC21C9EF53976BC4D137F
access-control-allow-headers: *
content-type: image/png

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.buyaga.go.ug/	1970-01-20 07:34:39	Name: DmXzrY Value: ZDI4ZWU2NzItZmVkMC00NDI5LTk4YzMtMmQ1NzNmNGVkODAzOjkyMmU3NTAxLWRkOTAtNDQxZC05M2IxLTI0OGZiNWE4MDQwYQ==
.microsoft-account.buyaga.go.ug/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
microsoft-account.buyaga.go.ug/	1970-01-20 07:13:03	Name: SSOCOOKIEPULLED Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug
code.jquery.com
microsoft-account.buyaga.go.ug
re7.vy.rubuguritc.go.ug.
154.72.194.114
2001:4de0:ac18::1:a:2a
206.189.25.226
54414ad84b7ce3f8f9013517c48dd7dd3514a37b851aacc95f914be7bd42fe52
6383db39ec92611471a93cf4e6afbdc29771c2727f00ab1365b12da0a08118e4
703b1524012c19e492b996cb3be01ac7321d521070329299f0c5ff09db57f963
81524a482732897cde704d17285fd195ed6002e4e2c5ef40a702a38ece18b097
84a3d758d7210ae8c860ffde8a92c1c925305eb0d1878bccf92be971e787745c
a90da7b7a2d71d2e7f96cef3244b9c04fa71d754d409b01bed670f43d1eacc23
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug Open in urlscan Pro 206.189.25.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

80 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

158 kBTransfer

567 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

3 Cookies

Indicators

b8b2d9fe-db0c-4cd8-8afd-ae5783e11150-d28ee672.buyaga.go.ug Open in urlscan Pro
206.189.25.226 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

80 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

158 kB
Transfer

567 kB
Size

3
Cookies

10 HTTP transactions
0 data transactions