helb.ecitizen.go.ke Open in urlscan Pro
197.248.4.207 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://helb.ecitizen.go.ke/
Submission: On November 22 via automatic, source certstream-suspicious (November 22nd 2020, 2:49:51 pm UTC)

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 197.248.4.207, located in Kenya and belongs to Safaricom, KE. The main domain is helb.ecitizen.go.ke.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on November 23rd 2018. Valid for: 2 years.

This is the only time helb.ecitizen.go.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	197.248.4.207 197.248.4.207	37061 (Safaricom) (Safaricom)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
15	5

11 197.248.4.207 (Kenya)

ASN37061 (Safaricom, KE)
PTR: ecitizen.go.ke

helb.ecitizen.go.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ecitizen.go.ke helb.ecitizen.go.ke	2 MB
2	gstatic.com fonts.gstatic.com	22 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	googleapis.com fonts.googleapis.com	772 B
15	4

	Domain	Requested by
11	helb.ecitizen.go.ke	helb.ecitizen.go.ke
2	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	helb.ecitizen.go.ke
1	fonts.googleapis.com	helb.ecitizen.go.ke
15	4

This site contains no links.

Subject Issuer	Validity	Valid
*.ecitizen.go.ke COMODO RSA Domain Validation Secure Server CA	`2018-11-23` - `2020-11-22`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://helb.ecitizen.go.ke/
Frame ID: A2C00FFD3CC8D10699B6B8A45A37BC6D
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

15
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

1631 kB
Transfer

4285 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
helb.ecitizen.go.ke/ 5 KB
5 KB 813ms
223ms Document
text/html 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL

https://helb.ecitizen.go.ke/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),

Reverse DNS

ecitizen.go.ke

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

60c1c6780c82ff30e3d17d32f829fdb464f93aac112f89144535a27f343cef36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: helb.ecitizen.go.ke
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Sun, 22 Nov 2020 14:49:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4891
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: Fknb8fbfq34OOEsABCUB
x-xss-protection: 1; mode=block
set-cookie: _automzero_key=SFMyNTY.g3QAAAABbQAAAAtfY3NyZl90b2tlbm0AAAAYSTBXdER5NVJmUE1sV005c0xQQk04bmtW.dF9h2QF-GuGesyUSzxBM-cuSsQSjwUy2HzgEpiMdHTY; path=/; HttpOnly

GET
H/1.1 200
OK vendors~admin~app.css
helb.ecitizen.go.ke/css/ 35 KB
5 KB 225ms
219ms Stylesheet
text/css 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://helb.ecitizen.go.ke/css/vendors~admin~app.css
Requested by: Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: ecitizen.go.ke
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1a7a6ea2aaaeed3342c04e13aac8fc087cade2c9496b2fccc48a4bd5569255a4

Request headers

Referer: https://helb.ecitizen.go.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 14:49:34 GMT
content-encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
etag: "F4D3E"
vary: Accept-Encoding
Content-Type: text/css
cache-control: public
accept-ranges: bytes
Content-Length: 4977

GET
H/1.1 200
OK app.css
helb.ecitizen.go.ke/css/ 2 MB
739 KB 445ms
217ms Stylesheet
text/css 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://helb.ecitizen.go.ke/css/app.css
Requested by: Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: ecitizen.go.ke
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0ac12b33a6182cf220121bbd8e00845cd6eb7e41117fc71c11d99a8b97857044

Request headers

Referer: https://helb.ecitizen.go.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 14:49:34 GMT
content-encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
etag: "76FDAAE"
vary: Accept-Encoding
Content-Type: text/css
cache-control: public
accept-ranges: bytes
Content-Length: 756545

GET
H/1.1 200
OK docs.min-e6eb719c13b175105be0ff9e8bb78ad1.css
helb.ecitizen.go.ke/landing/css/ 22 KB
5 KB 597ms
215ms Stylesheet
text/css 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://helb.ecitizen.go.ke/landing/css/docs.min-e6eb719c13b175105be0ff9e8bb78ad1.css?vsn=d
Requested by: Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: ecitizen.go.ke
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 32b06cc71865869062777fb77b7d6681bafa2995ba94dd9b721c1a2029c009dc

Request headers

Referer: https://helb.ecitizen.go.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 14:49:35 GMT
content-encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
Content-Type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
Content-Length: 5351

GET
H/1.1 200
OK custom-da641e69786314809acffbb064b5fbf6.css
helb.ecitizen.go.ke/landing/css/ 38 KB
8 KB 606ms
217ms Stylesheet
text/css 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://helb.ecitizen.go.ke/landing/css/custom-da641e69786314809acffbb064b5fbf6.css?vsn=d
Requested by: Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: ecitizen.go.ke
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 69cf7dac9cd06ca2cecfc37b6f52b8fb50609c3de41d82ce09dc05818f58ae9b

Request headers

Referer: https://helb.ecitizen.go.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 14:49:35 GMT
content-encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
Content-Type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
Content-Length: 8187

GET
H2 200 css
fonts.googleapis.com/ 6 KB
772 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700

Requested by

Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d94ed7d8a6c7ebc74ee7f0c9484e3ea0d2574a2c45eaa151e2e2bc67b9c9b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://helb.ecitizen.go.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Nov 2020 14:05:58 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sun, 22 Nov 2020 14:49:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 22 Nov 2020 14:49:34 GMT

GET
H/1.1 200
OK local-download
helb.ecitizen.go.ke/files/ 6 KB
7 KB 215ms
215ms Image
text/plain 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://helb.ecitizen.go.ke/files/local-download?name=ecitizen-logo-dark.png&path=f35e95d508f03b801ec017b75f92b83cb056b502.png

Requested by

Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),

Reverse DNS

ecitizen.go.ke

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

baf6d441598a5cb4a470bcb9d81aeec607352e682d841a816bb0f06aac7770d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://helb.ecitizen.go.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 14:49:36 GMT
x-content-type-options: nosniff
Server: nginx/1.10.3 (Ubuntu)
cross-origin-window-policy: deny
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
cache-control: max-age=0, private, must-revalidate
content-disposition: attachment; filename="ecitizen-logo-dark.png"
Content-Length: 6601
x-xss-protection: 1; mode=block
x-request-id: Fknb8lkuPo3QK20ABCUh

GET
H/1.1 200
OK local-download
helb.ecitizen.go.ke/files/ 33 KB
33 KB 227ms
226ms Image
text/plain 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://helb.ecitizen.go.ke/files/local-download?name=helb.png&path=cc47a96be4cf0b5ebd13b5c6801caf2a2beac19f.png

Requested by

Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),

Reverse DNS

ecitizen.go.ke

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

f44e2d100b26a3859d61166e9cac574c2d329418caa7c9a4e03b75d47de47dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://helb.ecitizen.go.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 14:49:36 GMT
x-content-type-options: nosniff
Server: nginx/1.10.3 (Ubuntu)
cross-origin-window-policy: deny
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
cache-control: max-age=0, private, must-revalidate
content-disposition: attachment; filename="helb.png"
Content-Length: 33540
x-xss-protection: 1; mode=block
x-request-id: Fknb8lmjWE3RvjAABCVB

GET
H/1.1 200
OK vendors~admin~app-bd73ded6c6b1713c66fad1c0621a9781.js Show response
helb.ecitizen.go.ke/js/ 2 MB
492 KB 216ms
215ms Script
application/javascript 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://helb.ecitizen.go.ke/js/vendors~admin~app-bd73ded6c6b1713c66fad1c0621a9781.js?vsn=d
Requested by: Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: ecitizen.go.ke
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 78022a766d6d55235048520b7b004ff8debe93d3c06e452340cdc34f6d6426ae

Request headers

Referer: https://helb.ecitizen.go.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 14:49:35 GMT
content-encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
Content-Type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
Content-Length: 503942

GET
H/1.1 200
OK app-2986fe2add1efee2bb615596c1219967.js Show response
helb.ecitizen.go.ke/js/ 109 KB
32 KB 231ms
228ms Script
application/javascript 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://helb.ecitizen.go.ke/js/app-2986fe2add1efee2bb615596c1219967.js?vsn=d
Requested by: Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: ecitizen.go.ke
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d68f51f06c77321db8670ca4d31ba058f39c677041611feea716c92fd91a136e

Request headers

Referer: https://helb.ecitizen.go.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 14:49:36 GMT
content-encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
Content-Type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
Content-Length: 32287

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80ea0fcc3816a73ced5b85f53b283e629f81aa0fe1858ee9d64f90e12e25781a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://helb.ecitizen.go.ke/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 14:49:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38590
x-xss-protection: 0
last-modified: Sun, 22 Nov 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 Nov 2020 14:49:35 GMT

GET
H/1.1 200
OK pattern-28ff0ce33a902a98396b777447592305.png
helb.ecitizen.go.ke/landing/img/ 133 KB
133 KB 398ms
219ms Image
image/png 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helb.ecitizen.go.ke/landing/img/pattern-28ff0ce33a902a98396b777447592305.png?vsn=d
Requested by: Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/landing/css/custom-da641e69786314809acffbb064b5fbf6.css?vsn=d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: ecitizen.go.ke
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e513ff201ead0ed2eb7be482f8dd72c2f070be5b1046e4f0480c207347d5e41f

Request headers

Referer: https://helb.ecitizen.go.ke/landing/css/custom-da641e69786314809acffbb064b5fbf6.css?vsn=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 14:49:36 GMT
cache-control: public, max-age=31536000
Server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
Content-Length: 136238
vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK pattern_plain-d1a07c945acd1013e5c58db3fa8448dc.png
helb.ecitizen.go.ke/landing/img/ 110 KB
110 KB 418ms
210ms Image
image/png 197.248.4.207
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helb.ecitizen.go.ke/landing/img/pattern_plain-d1a07c945acd1013e5c58db3fa8448dc.png?vsn=d
Requested by: Host: helb.ecitizen.go.ke
URL: https://helb.ecitizen.go.ke/landing/css/custom-da641e69786314809acffbb064b5fbf6.css?vsn=d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 197.248.4.207 , Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: ecitizen.go.ke
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b7ae66f1cb05ec27400602ea616fd6470dd8cf0cbd8058170c2665ebff196b55

Request headers

Referer: https://helb.ecitizen.go.ke/landing/css/custom-da641e69786314809acffbb064b5fbf6.css?vsn=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 14:49:36 GMT
cache-control: public, max-age=31536000
Server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
Content-Length: 112566
vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://helb.ecitizen.go.ke
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:20:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 444539
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Wed, 17 Nov 2021 11:20:36 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://helb.ecitizen.go.ke
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 17:20:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 163752
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 20 Nov 2021 17:20:23 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			helb.ecitizen.go.ke/	1969-12-31 23:59:59	Name: client_timezone Value: Europe/Berlin
			helb.ecitizen.go.ke/	1969-12-31 23:59:59	Name: _automzero_key Value: SFMyNTY.g3QAAAABbQAAAAtfY3NyZl90b2tlbm0AAAAYSTBXdER5NVJmUE1sV005c0xQQk04bmtW.dF9h2QF-GuGesyUSzxBM-cuSsQSjwUy2HzgEpiMdHTY

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
helb.ecitizen.go.ke
www.googletagmanager.com
197.248.4.207
2a00:1450:4001:806::2008
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:819::2003
0ac12b33a6182cf220121bbd8e00845cd6eb7e41117fc71c11d99a8b97857044
1a7a6ea2aaaeed3342c04e13aac8fc087cade2c9496b2fccc48a4bd5569255a4
32b06cc71865869062777fb77b7d6681bafa2995ba94dd9b721c1a2029c009dc
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60c1c6780c82ff30e3d17d32f829fdb464f93aac112f89144535a27f343cef36
69cf7dac9cd06ca2cecfc37b6f52b8fb50609c3de41d82ce09dc05818f58ae9b
78022a766d6d55235048520b7b004ff8debe93d3c06e452340cdc34f6d6426ae
80ea0fcc3816a73ced5b85f53b283e629f81aa0fe1858ee9d64f90e12e25781a
8d94ed7d8a6c7ebc74ee7f0c9484e3ea0d2574a2c45eaa151e2e2bc67b9c9b25
b7ae66f1cb05ec27400602ea616fd6470dd8cf0cbd8058170c2665ebff196b55
baf6d441598a5cb4a470bcb9d81aeec607352e682d841a816bb0f06aac7770d7
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d68f51f06c77321db8670ca4d31ba058f39c677041611feea716c92fd91a136e
e513ff201ead0ed2eb7be482f8dd72c2f070be5b1046e4f0480c207347d5e41f
f44e2d100b26a3859d61166e9cac574c2d329418caa7c9a4e03b75d47de47dd6

helb.ecitizen.go.ke Open in urlscan Pro 197.248.4.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

80 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

1631 kBTransfer

4285 kBSize

2 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

helb.ecitizen.go.ke Open in urlscan Pro
197.248.4.207 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

1631 kB
Transfer

4285 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions