demo2.sso.pesaflow.com Open in urlscan Pro
197.248.11.107 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://demo2.sso.pesaflow.com/
Submission: On May 29 via automatic, source certstream-suspicious (May 29th 2023, 10:19:34 pm UTC) — Scanned from DE

Summary HTTP 42 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 42 HTTP transactions. The main IP is 197.248.11.107, located in Nairobi, Kenya and belongs to Safaricom, KE. The main domain is demo2.sso.pesaflow.com.
TLS certificate: Issued by R3 on May 29th 2023. Valid for: 3 months.

This is the only time demo2.sso.pesaflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	197.248.11.107 197.248.11.107	37061 (Safaricom) (Safaricom)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	197.248.8.192 197.248.8.192	37061 (Safaricom) (Safaricom)
42	9

12 197.248.11.107 (Nairobi, Kenya)

ASN37061 (Safaricom, KE)
PTR: 197-248-11-107.safaricombusiness.co.ke

demo2.sso.pesaflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 197.248.8.192 (Nairobi, Kenya)

ASN37061 (Safaricom, KE)
PTR: 197-248-8-192.safaricombusiness.co.ke

demoadmin.ecitizen.pesaflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	pesaflow.com demo2.sso.pesaflow.com demoadmin.ecitizen.pesaflow.com	2 MB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	18 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2230	258 B
1	gstatic.com fonts.gstatic.com	39 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	86 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	951 B
42	7

	Domain	Requested by
12	demo2.sso.pesaflow.com	demo2.sso.pesaflow.com
4	demoadmin.ecitizen.pesaflow.com
3	cdn.jsdelivr.net	demo2.sso.pesaflow.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	demo2.sso.pesaflow.com
1	cdnjs.cloudflare.com	demo2.sso.pesaflow.com
1	fonts.googleapis.com	demo2.sso.pesaflow.com
42	8

This site contains links to these domains. Also see Links.

Domain
dis.ecitizen.go.ke
serviceportal.ntsa.go.ke
kra.ecitizen.go.ke
dcrs.ecitizen.go.ke
dci.ecitizen.go.ke
bomayangu.go.ke
brs.ecitizen.go.ke
oag.ecitizen.go.ke
www.bomayangu.go.ke
helb.ecitizen.go.ke

Subject Issuer	Validity	Valid
demo2.sso.pesaflow.com R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
demoadmin.ecitizen.pesaflow.com R3	`2023-04-03` - `2023-07-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://demo2.sso.pesaflow.com/
Frame ID: CC19107968CB89B1253717E9E032E74D
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home · Government of Kenya services simplified

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

42
Requests

57 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2343 kB
Transfer

2740 kB
Size

3
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://dis.ecitizen.go.ke/services/1/apply/1
Title: Apply for a Passport

Search URL Search Domain Scan URL

URL: https://serviceportal.ntsa.go.ke/dashboard
Title: Apply for a Driving License

Search URL Search Domain Scan URL

URL: https://kra.ecitizen.go.ke/services/1/apply/2
Title: File Tax Returns

Search URL Search Domain Scan URL

URL: https://dcrs.ecitizen.go.ke/services/3/apply/3
Title: Apply for Birth Certificate

Search URL Search Domain Scan URL

URL: https://dci.ecitizen.go.ke/services/1/apply/1
Title: Apply for Certificate of Good Conduct

Search URL Search Domain Scan URL

URL: https://bomayangu.go.ke/onboarding
Title: Save for Affordable Housing

Search URL Search Domain Scan URL

URL: https://brs.ecitizen.go.ke/accounts/1436160/services
Title: Register a Business

Search URL Search Domain Scan URL

URL: https://oag.ecitizen.go.ke/services/1/apply/1
Title: Apply for Marriage Certificate

Search URL Search Domain Scan URL

URL: https://dis.ecitizen.go.ke/dashboard
Title: Directorate of Immigration Services Utilize DIS's online services for efficient ePassport, temporary permit, and eVisa applications.

Search URL Search Domain Scan URL

URL: https://dci.ecitizen.go.ke/dashboard
Title: Directorate of Criminal Investigations Access the Directorate of Criminal Investigations' online platform for police clearance certificate services and more.

Search URL Search Domain Scan URL

URL: http://brs.ecitizen.go.ke/
Title: Business Registration Services Leverage BRS's digital platform for simplified and efficient business registration procedures.

Search URL Search Domain Scan URL

URL: http://kra.ecitizen.go.ke/
Title: Kenya Revenue Authority Includes domestic taxes, customs duty, domestic excise and other KRA payments.

Search URL Search Domain Scan URL

URL: https://oag.ecitizen.go.ke/dashboard
Title: Registrar Of Marriages Utilize OAG's online services for efficient marriage registration and other legal services.

Search URL Search Domain Scan URL

URL: https://dcrs.ecitizen.go.ke/dashboard
Title: Civil Registration Of Persons Access CRS's online platform to conveniently apply and pay for birth and death registration services.

Search URL Search Domain Scan URL

URL: https://www.bomayangu.go.ke/
Title: Boma Yangu The Boma Yangu platform is the gateway into the Affordable Housing Program. Start your journey towards home ownership.

Search URL Search Domain Scan URL

URL: https://helb.ecitizen.go.ke/dashboard
Title: Higher Education Loans Board (HELB) Repay HELB loan, get compliance and clearance certificates after completion.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
demo2.sso.pesaflow.com/ 35 KB
35 KB 1665ms
733ms Document
text/html 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL

https://demo2.sso.pesaflow.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),

Reverse DNS

197-248-11-107.safaricombusiness.co.ke

Software

Cowboy /

Resource Hash

73a4544ae1dfdea5faae60912a5b4320c597449059a3a97ab999f323c581b037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-length: 35672
content-type: text/html; charset=utf-8
date: Mon, 29 May 2023 22:19:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: F2O9P2CnEL7oUlcAABFM

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
951 B 89ms
34ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lexend:wght@400;500;600;700;800&display=swap

Requested by

Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81225d7402f5346e056d8359a1bc85d08a4d533edc097d8e2dac36fc030e0c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 May 2023 22:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 May 2023 22:19:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 May 2023 22:19:26 GMT

GET
H2 200 intlTelInput.css
cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/css/ 25 KB
3 KB 82ms
23ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/css/intlTelInput.css

Requested by

Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

775f58acd9da697eb8c6b49a41d3191f7061d68f7a034dfcd821f154b813f76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 May 2023 22:19:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1172822
x-jsd-version: 18.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2981
x-served-by: cache-fra-eddf8230090-FRA
x-jsd-version-type: version
etag: W/"6513-svY8EtUzf1x/1fleSirB1HW83ZU"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 intlTelInput.min.js Show response
cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/ 30 KB
12 KB 82ms
22ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js

Requested by

Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

116f7fd41bf96c3881805a25dc8bf19d731807de97a90316544fcf311ba5123b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 May 2023 22:19:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2324289
x-jsd-version: 18.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11919
x-served-by: cache-fra-eddf8230090-FRA
x-jsd-version-type: version
etag: W/"779c-fZ33qlKVJMiIc9CvBX0NkuF9qOg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK app-8284bf76b5726bb9f22056d74ab0a3fd.css
demo2.sso.pesaflow.com/assets/ 104 KB
105 KB 434ms
370ms Stylesheet
text/css 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://demo2.sso.pesaflow.com/assets/app-8284bf76b5726bb9f22056d74ab0a3fd.css?vsn=d
Requested by: Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: fa165079f80984d2bb780d7aaa74cc20f08107ae344d474b7ebe02b6dfd93b5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:25 GMT
cache-control: public, max-age=31536000
server: Cowboy
accept-ranges: bytes
content-length: 106903
content-type: text/css

GET
H/1.1 200
OK app-7ffaba9f01dbeaca6aba6a5ca02c109a.js Show response
demo2.sso.pesaflow.com/assets/ 230 KB
230 KB 544ms
373ms Script
application/javascript 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to

Full URL: https://demo2.sso.pesaflow.com/assets/app-7ffaba9f01dbeaca6aba6a5ca02c109a.js?vsn=d
Requested by: Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: 22853729731d0aa1ea76508517191faec6039ccc7dfc8f188cfc571e84f6da92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:25 GMT
cache-control: public, max-age=31536000
server: Cowboy
accept-ranges: bytes
content-length: 235789
content-type: application/javascript

GET
H2 200 cropper.min.css
cdnjs.cloudflare.com/ajax/libs/cropper/2.3.4/ 4 KB
2 KB 87ms
30ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cropper/2.3.4/cropper.min.css

Requested by

Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b646e0302f2641be08313513719ce71a8b1105c073fba79b6e1ba9e23188635

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 10173474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1073
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmb7Z%2BG1MuJAqc3JMxaDwkP0%2BWFMe%2Byafg%2FgHre8tJGqe5aDHF9iTcKOzBkAdRsgFmZu9SM5AxZcdQo%2FXfP4GqfL%2BaNlzDF7w1pIPdOYrLMZ1YQA05d6WNAygxiJslsr43SnEmByml4WFPN1CR4qxcal"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cf21e6f8e8a37e0-FRA
expires: Sat, 18 May 2024 22:19:26 GMT

GET
H2 200 flatpickr.min.css
cdn.jsdelivr.net/npm/flatpickr/dist/ 16 KB
4 KB 80ms
21ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flatpickr/dist/flatpickr.min.css

Requested by

Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 May 2023 22:19:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6640
x-jsd-version: 4.6.13
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3308
x-served-by: cache-fra-eddf8230090-FRA
x-jsd-version-type: version
etag: W/"3f26-J8BN8VjBcy9mnostEH/TFP6t00A"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
86 KB 454ms
39ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VGDNZMLX1M

Requested by

Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d6d68a24877fac026109c3e826ca5295ca4a1b33118862baaba3e7830b4b59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 22:19:27 GMT

GET
H/1.1 200
OK logo.svg
demo2.sso.pesaflow.com/images/ 874 KB
874 KB 376ms
375ms Image
image/svg+xml 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo2.sso.pesaflow.com/images/logo.svg
Requested by: Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: fa4910f3eeb3061be3aaf5cfd464295adafc200ab161c971a290e92bf49b009c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:26 GMT
cache-control: public
server: Cowboy
accept-ranges: bytes
etag: "7A37454"
content-length: 894752
content-type: image/svg+xml

GET
H/1.1 200
OK ecitiizen.svg
demo2.sso.pesaflow.com/images/ 6 KB
6 KB 1597ms
1596ms Image
image/svg+xml 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo2.sso.pesaflow.com/images/ecitiizen.svg
Requested by: Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: 83a79810b6b2ca1536b384486e415d675e1f782cbba2e113695935a906c96498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:27 GMT
cache-control: public
server: Cowboy
accept-ranges: bytes
etag: "2B653D"
content-length: 6359
content-type: image/svg+xml

GET
H/1.1 200
OK banner-1.jpg
demo2.sso.pesaflow.com/images/ 179 KB
179 KB 1693ms
1678ms Image
image/jpeg 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo2.sso.pesaflow.com/images/banner-1.jpg
Requested by: Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: 76b0600e3374c331e0494f57f02d032e90895ed020ea62730f74f5cab8266bb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:27 GMT
cache-control: public
server: Cowboy
accept-ranges: bytes
etag: "2D278C3"
content-length: 183392
content-type: image/jpeg

GET
H/1.1 200
OK ico_cta_steps_3.svg
demo2.sso.pesaflow.com/images/ 6 KB
6 KB 2619ms
1329ms Image
image/svg+xml 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo2.sso.pesaflow.com/images/ico_cta_steps_3.svg
Requested by: Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: 9865bd94bf2c5bd346939fabfd81211d7c078b5eeb7d499e0ad048cd2ed44f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:28 GMT
cache-control: public
server: Cowboy
accept-ranges: bytes
etag: "431E16B"
content-length: 5700
content-type: image/svg+xml

GET
H/1.1 200
OK ico_cta_steps_2.svg
demo2.sso.pesaflow.com/images/ 7 KB
7 KB 1965ms
367ms Image
image/svg+xml 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo2.sso.pesaflow.com/images/ico_cta_steps_2.svg
Requested by: Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: dfcf735dc568a6fae25f1d0863d93924ac0cef3a6b759afe299b0882a8501337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:28 GMT
cache-control: public
server: Cowboy
accept-ranges: bytes
etag: "6A0CE32"
content-length: 7421
content-type: image/svg+xml

GET
H/1.1 200
OK ico_cta_steps_1.svg
demo2.sso.pesaflow.com/images/ 6 KB
7 KB 1823ms
1687ms Image
image/svg+xml 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo2.sso.pesaflow.com/images/ico_cta_steps_1.svg
Requested by: Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: 9282aa6e0fe72189daefc4fdbee2edfa9ab90031825e5c5cfafec63dbfc0b494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:29 GMT
cache-control: public
server: Cowboy
accept-ranges: bytes
etag: "647F1E0"
content-length: 6481
content-type: image/svg+xml

GET
H/1.1 200
OK eCitizen-logo-light.svg
demo2.sso.pesaflow.com/images/ 9 KB
10 KB 367ms
367ms Image
image/svg+xml 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo2.sso.pesaflow.com/images/eCitizen-logo-light.svg
Requested by: Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: c2261929bc9e6efba9fc726b72163127811bbd8c813139b3042a4143676bdc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:28 GMT
cache-control: public
server: Cowboy
accept-ranges: bytes
etag: "3AEC9E"
content-length: 9638
content-type: image/svg+xml

GET
H/1.1 200
OK hero-home-1.jpg
demo2.sso.pesaflow.com/images/ 725 KB
726 KB 1084ms
371ms Image
image/jpeg 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo2.sso.pesaflow.com/images/hero-home-1.jpg
Requested by: Host: demo2.sso.pesaflow.com
URL: https://demo2.sso.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: 861f09ae385b1b226cec8dd9e1807eb9dd2d4a7b9a9114f6ed2a527c5f4312d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:27 GMT
cache-control: public
server: Cowboy
accept-ranges: bytes
etag: "55EE0"
content-length: 742792
content-type: image/jpeg

GET
H2 200 wlpwgwvFAVdoq2_v-6QU.woff2
fonts.gstatic.com/s/lexend/v18/ 39 KB
39 KB 425ms
24ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v18/wlpwgwvFAVdoq2_v-6QU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lexend:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

212cab2c8f18589ea483920adea5f5d180ab007a4140ad723d931dae89d876e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://demo2.sso.pesaflow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 14:48:15 GMT
x-content-type-options: nosniff
age: 199872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39808
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 14:48:15 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 84ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VGDNZMLX1M&gtm=45je35o0&_p=1533903123&cid=326831597.1685398767&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685398767&sct=1&seg=0&dl=https%3A%2F%2Fdemo2.sso.pesaflow.com%2F&dt=Home%20%C2%B7%20Government%20of%20Kenya%20services%20simplified&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VGDNZMLX1M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 22:19:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://demo2.sso.pesaflow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ico-feat-service-5.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ 477 B
798 B 2283ms
365ms Image
image/png 197.248.8.192
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ico-feat-service-5.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.8.192 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-8-192.safaricombusiness.co.ke
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 59752b6d727eaf8b310ab236d476182531e9488b448dcf9e52cf07806baab11a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 29 May 2023 22:19:34 GMT
Last-Modified: Thu, 30 Mar 2023 15:49:33 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6425af8d-1dd"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 477
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET ico-feat-service-7.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ 0
0

GET ico-feat-service-6.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ 0
0

GET ico-feat-service-4.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ 0
0

GET ico-feat-service-1.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ 0
0

GET ico-feat-service-10.png
demoadmin.ecitizen.pesaflow.com/assets/media/ 0
0

GET
H/1.1 200
OK ico-feat-service-8.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ 718 B
1 KB 1274ms
366ms Image
image/png 197.248.8.192
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ico-feat-service-8.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.8.192 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-8-192.safaricombusiness.co.ke
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1589e284aca7923e5504d57b4daf8846fdf5169cecb81d771ba0772deecb1ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 29 May 2023 22:19:33 GMT
Last-Modified: Thu, 30 Mar 2023 16:00:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6425b216-2ce"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 718
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ico-feat-service-11.png
demoadmin.ecitizen.pesaflow.com/assets/media/ 902 B
1 KB 1640ms
365ms Image
image/png 197.248.8.192
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/ico-feat-service-11.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.8.192 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-8-192.safaricombusiness.co.ke
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 98684aad7471616e016859e22aa0f515c7863959f8fab826b6d4ea3f8abb61cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 29 May 2023 22:19:33 GMT
Last-Modified: Thu, 18 May 2023 15:15:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64664104-386"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 902
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mda-logo-1.png
demo2.sso.pesaflow.com/images/ 8 KB
8 KB 370ms
369ms Image
image/png 197.248.11.107
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo2.sso.pesaflow.com/images/mda-logo-1.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.11.107 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-11-107.safaricombusiness.co.ke
Software: Cowboy /
Resource Hash: 5de87e29f3b22569a4b56d3a623e5a3371d584e6caac798dffa853ffb7605e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:19:31 GMT
cache-control: public
server: Cowboy
accept-ranges: bytes
etag: "19EF83D"
content-length: 8497
content-type: image/png

GET agency-national-transport-and-safety-authority.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/ 0
0

GET agency-directorate-of-immigration-services.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/ 0
0

GET agency-directorate-of-criminal-investigations.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/ 0
0

GET agency-business-registration-services.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/ 0
0

GET agency-kenya-revenue-authority.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/ 0
0

GET coa-republic-of-kenya.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/ 0
0

GET agency-boma-yangu.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/ 0
0

GET agency-higher-education-loans-board-helb.jpg
demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/ 0
0

GET county-emblem-meru.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/04/ 0
0

GET county-emblem-tharaka-nithi.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/04/ 0
0

GET county-emblem-embu.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/04/ 0
0

GET county-emblem-kajiado.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/04/ 0
0

GET county-emblem-bomet.png
demoadmin.ecitizen.pesaflow.com/assets/media/2023/04/ 0
0

GET
H/1.1 200
OK eCitizen-hero-2.jpg
demoadmin.ecitizen.pesaflow.com/assets/media/ 176 KB
0 1635ms
728ms Image
image/jpeg 197.248.8.192
Safaricom

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/eCitizen-hero-2.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 197.248.8.192 Nairobi, Kenya, ASN37061 (Safaricom, KE),
Reverse DNS: 197-248-8-192.safaricombusiness.co.ke
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo2.sso.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 29 May 2023 22:19:33 GMT
Last-Modified: Sun, 21 May 2023 19:08:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "646a6c45-51428"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 332840
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ico-feat-service-7.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ico-feat-service-6.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ico-feat-service-4.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/03/ico-feat-service-1.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/ico-feat-service-10.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/agency-national-transport-and-safety-authority.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/agency-directorate-of-immigration-services.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/agency-directorate-of-criminal-investigations.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/agency-business-registration-services.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/agency-kenya-revenue-authority.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/coa-republic-of-kenya.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/agency-boma-yangu.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/05/agency-higher-education-loans-board-helb.jpg

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/04/county-emblem-meru.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/04/county-emblem-tharaka-nithi.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/04/county-emblem-embu.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/04/county-emblem-kajiado.png

Domain: demoadmin.ecitizen.pesaflow.com
URL: https://demoadmin.ecitizen.pesaflow.com/assets/media/2023/04/county-emblem-bomet.png

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
demo2.sso.pesaflow.com/	1969-12-31 23:59:59	Name: _single_signon_key Value: SFMyNTY.g3QAAAABbQAAAAtfY3NyZl90b2tlbm0AAAAYYVFYM1pTS3VLM01HNWhQT0M1VTR0eHpW.FKv9iAVADjRUpIctq2REuiPO_2729pqFp1EpG17XPQk
.pesaflow.com/	1970-01-20 21:45:58	Name: _ga_VGDNZMLX1M Value: GS1.1.1685398767.1.0.1685398767.0.0.0
.pesaflow.com/	1970-01-20 21:45:58	Name: _ga Value: GA1.1.326831597.1685398767

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
demo2.sso.pesaflow.com
demoadmin.ecitizen.pesaflow.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
www.googletagmanager.com
demoadmin.ecitizen.pesaflow.com
197.248.11.107
197.248.8.192
2001:4860:4802:34::36
2606:4700::6811:190e
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:829::200a
2a04:4e42:400::485
116f7fd41bf96c3881805a25dc8bf19d731807de97a90316544fcf311ba5123b
1589e284aca7923e5504d57b4daf8846fdf5169cecb81d771ba0772deecb1ab5
1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754
1b646e0302f2641be08313513719ce71a8b1105c073fba79b6e1ba9e23188635
212cab2c8f18589ea483920adea5f5d180ab007a4140ad723d931dae89d876e5
22853729731d0aa1ea76508517191faec6039ccc7dfc8f188cfc571e84f6da92
4d6d68a24877fac026109c3e826ca5295ca4a1b33118862baaba3e7830b4b59f
59752b6d727eaf8b310ab236d476182531e9488b448dcf9e52cf07806baab11a
5de87e29f3b22569a4b56d3a623e5a3371d584e6caac798dffa853ffb7605e0a
73a4544ae1dfdea5faae60912a5b4320c597449059a3a97ab999f323c581b037
76b0600e3374c331e0494f57f02d032e90895ed020ea62730f74f5cab8266bb5
775f58acd9da697eb8c6b49a41d3191f7061d68f7a034dfcd821f154b813f76f
81225d7402f5346e056d8359a1bc85d08a4d533edc097d8e2dac36fc030e0c48
83a79810b6b2ca1536b384486e415d675e1f782cbba2e113695935a906c96498
861f09ae385b1b226cec8dd9e1807eb9dd2d4a7b9a9114f6ed2a527c5f4312d1
9282aa6e0fe72189daefc4fdbee2edfa9ab90031825e5c5cfafec63dbfc0b494
9865bd94bf2c5bd346939fabfd81211d7c078b5eeb7d499e0ad048cd2ed44f49
98684aad7471616e016859e22aa0f515c7863959f8fab826b6d4ea3f8abb61cf
c2261929bc9e6efba9fc726b72163127811bbd8c813139b3042a4143676bdc8b
dfcf735dc568a6fae25f1d0863d93924ac0cef3a6b759afe299b0882a8501337
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa165079f80984d2bb780d7aaa74cc20f08107ae344d474b7ebe02b6dfd93b5e
fa4910f3eeb3061be3aaf5cfd464295adafc200ab161c971a290e92bf49b009c

demo2.sso.pesaflow.com Open in urlscan Pro 197.248.11.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

57 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

9 IPs

3 Countries

2343 kBTransfer

2740 kBSize

3 Cookies

16 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

demo2.sso.pesaflow.com Open in urlscan Pro
197.248.11.107 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

57 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2343 kB
Transfer

2740 kB
Size

3
Cookies

42 HTTP transactions
0 data transactions