accounts.ecitizen.go.ke Open in urlscan Pro
2606:4700:10::6816:5af  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://accounts.ecitizen.go.ke/ Page URL
2. https://accounts.ecitizen.go.ke/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	/ Show response accounts.ecitizen.go.ke/	7 KB 5 KB	99ms 27ms	Document text/html	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d75a116cac56e7bbd05d7d1acc0eea3d08a5c5deee70809bd8dcd21aa74a2662 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 82abbba25d3d2bd5-FRA content-encoding gzip content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Thu, 23 Nov 2023 19:14:03 GMT expires Thu, 01 Jan 1970 00:00:01 GMT origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	challenges.css accounts.ecitizen.go.ke/cdn-cgi/styles/	6 KB 3 KB	23ms 22ms	Stylesheet text/css	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/cdn-cgi/styles/challenges.css Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.ecitizen.go.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 19:14:03 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 16 Nov 2023 21:55:48 GMT server cloudflare etag W/"65568fe4-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 82abbba2bdba2bd5-FRA expires Thu, 23 Nov 2023 21:14:03 GMT
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	122ms 77ms	Script text/javascript	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer Origin https://accounts.ecitizen.go.ke accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 19:14:03 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 82abbba2f87403b0-FRA
GET H2	200	v1 Show response accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	171 KB 57 KB	37ms 36ms	Script application/javascript	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82abbba25d3d2bd5 Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 556a0b43e16114991960a09ad1082b608b053c01af301a749baa9ecab518afa9 Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.ecitizen.go.ke/?__cf_chl_rt_tk=nqqy0cjoEtrLA2YIpk5wTODh6D2ItaoQtcbtcQIu9xs-1700766843-0-gaNycGzNDXs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 19:14:03 GMT cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip server cloudflare cf-ray 82abbba2dde92bd5-FRA content-type application/javascript; charset=UTF-8
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/9914b343/	33 KB 11 KB	93ms 49ms	Script application/javascript	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82abbba25d3d2bd5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7 Request headers Referer Origin https://accounts.ecitizen.go.ke accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 19:14:03 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 82abbba37a42903c-FRA alt-svc h3=":443"; ma=86400
GET H2	403	favicon.ico accounts.ecitizen.go.ke/	6 KB 6 KB	31ms 31ms	Image text/html	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.ecitizen.go.ke/favicon.ico Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93d7be4b47c069892262abf0aff3901968548a4d3d7f3aac6a36f64eb3324d77 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.ecitizen.go.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 19:14:03 GMT content-encoding gzip cross-origin-embedder-policy require-corp cross-origin-resource-policy same-origin referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin cf-mitigated challenge x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=UTF-8 origin-agent-cluster ?1 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-ray 82abbba33e5a2bd5-FRA expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	6d6b7b4e-43c3-4408-b983-ebe02cf3f97c https://accounts.ecitizen.go.ke/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://accounts.ecitizen.go.ke/6d6b7b4e-43c3-4408-b983-ebe02cf3f97c Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.ecitizen.go.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H2	204	rum Show response accounts.ecitizen.go.ke/cdn-cgi/	0 147 B	26ms 26ms	XHR text/plain	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://accounts.ecitizen.go.ke/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 content-type application/json Response headers date Thu, 23 Nov 2023 19:14:03 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://accounts.ecitizen.go.ke x-frame-options DENY access-control-allow-credentials true cf-ray 82abbba3df6d2bd5-FRA
POST H2	200	6fc30795c6990e4 Show response accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/flow/ov1/230450388:1700764145:oEnkkj8XXXUDDOnf9EraL3pPmGD-n6VxRvJuoBiD_f0/82abbba25d3d2bd5/	12 KB 10 KB	47ms 47ms	XHR text/plain	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/flow/ov1/230450388:1700764145:oEnkkj8XXXUDDOnf9EraL3pPmGD-n6VxRvJuoBiD_f0/82abbba25d3d2bd5/6fc30795c6990e4 Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82abbba25d3d2bd5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7d568752fb0548ed199b509ffebf11b755acbfc5467a2c0eac0881b77216aad Request headers Referer https://accounts.ecitizen.go.ke/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 CF-Challenge 6fc30795c6990e4 Content-type application/x-www-form-urlencoded Response headers cf-chl-gen 5VYc1f3bVwDKaGQBXKUXF9H0Us3QrJfN+JoroNd5sZnyaj3m+uQdqvd/0IoORnAg$7PfAKpVl90M22KCdPej8kQ== date Thu, 23 Nov 2023 19:14:03 GMT content-encoding gzip server cloudflare cf-ray 82abbba3ef7a2bd5-FRA content-type text/plain; charset=UTF-8
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/c7quj/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 5799	0 0	56ms 33ms	Document text/html	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/c7quj/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 82abbba49e1e18f7-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Thu, 23 Nov 2023 19:14:03 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H2	200	6fc30795c6990e4 Show response accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/flow/ov1/230450388:1700764145:oEnkkj8XXXUDDOnf9EraL3pPmGD-n6VxRvJuoBiD_f0/82abbba25d3d2bd5/	2 KB 2 KB	46ms 43ms	XHR text/html	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/flow/ov1/230450388:1700764145:oEnkkj8XXXUDDOnf9EraL3pPmGD-n6VxRvJuoBiD_f0/82abbba25d3d2bd5/6fc30795c6990e4 Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82abbba25d3d2bd5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ea7a95ad327643563451a0ed24ad3f71ae30dc49977178c61d093e396f84bfc Request headers Referer https://accounts.ecitizen.go.ke/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 CF-Challenge 6fc30795c6990e4 Content-type application/x-www-form-urlencoded Response headers cf-chl-out L5lMDs51kMz0QJ5g0mlJ+7VAPzXMYNrnDOeS6lOJZHpPxYMEt4HjIaPE4xiBDLyYNJGUjf3UNboQxwEM1f0lQNTDC+pD6zvZBuoxX6tF/t0=$ZvdMzS91S4cIKn/r35/3pA== cf-chl-out-s Xye62V8ATAZjuSem7+o4CF2Do9zCnegSrXRQ5S9d9MnTcXhz2o5V2rU6nXNdDVdPeab3hNoGGDSLsBz7R8IuMzqoi/wbP9bViCdvHCdpU15w33OTOIVgMGJOanBkAZxIhVwNqMTIEgQe+JokEwQHKDkGG42DIaxbHwzc/3JVIjbcN29uE1h01kYJoW4JAU8W$N6LdnQXeEn0fiRfm0pvkUg== date Thu, 23 Nov 2023 19:14:03 GMT content-encoding gzip server cloudflare cf-ray 82abbba6abbe2bd5-FRA content-type text/html; charset=UTF-8
GET H2	403	Primary Request / Show response accounts.ecitizen.go.ke/	6 KB 4 KB	37ms 37ms	Document text/html	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/ Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82abbba25d3d2bd5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84dca82db51a06120de5b74d884ddeace34312d7f3cfe90b959215812c78d7b7 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://accounts.ecitizen.go.ke/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 82abbbb5fbfe2bd5-FRA content-encoding gzip content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Thu, 23 Nov 2023 19:14:06 GMT expires Thu, 01 Jan 1970 00:00:01 GMT origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
POST		rum accounts.ecitizen.go.ke/cdn-cgi/	0 0
GET H2	200	challenges.css accounts.ecitizen.go.ke/cdn-cgi/styles/	6 KB 3 KB	23ms 22ms	Stylesheet text/css	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/cdn-cgi/styles/challenges.css Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.ecitizen.go.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 19:14:06 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 16 Nov 2023 21:55:48 GMT server cloudflare etag W/"65568fe4-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 82abbbb63c6a2bd5-FRA expires Thu, 23 Nov 2023 21:14:06 GMT
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	77ms 76ms	Script text/javascript	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer Origin https://accounts.ecitizen.go.ke accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 19:14:06 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 82abbbb63fa403b0-FRA
GET H2	200	v1 Show response accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	173 KB 59 KB	38ms 38ms	Script application/javascript	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82abbbb5fbfe2bd5 Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e281832256e0e9ef1817bd19557850e3ab971e7010d5ca5ad6bd8eed56efd15a Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.ecitizen.go.ke/?__cf_chl_rt_tk=cRKhhKB6YQQl91xabcA.hEu9G91d88yKQ0MOvmG1cG0-1700766846-0-gaNycGzNCns User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 19:14:06 GMT cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip server cloudflare cf-ray 82abbbb66caa2bd5-FRA content-type application/javascript; charset=UTF-8
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/9914b343/	33 KB 11 KB	44ms 44ms	Script application/javascript	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82abbbb5fbfe2bd5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7 Request headers Referer Origin https://accounts.ecitizen.go.ke accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 19:14:06 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 82abbbb6bc91903c-FRA alt-svc h3=":443"; ma=86400
GET H2	403	favicon.ico accounts.ecitizen.go.ke/	6 KB 6 KB	35ms 35ms	Image text/html	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.ecitizen.go.ke/favicon.ico Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74c55d1d2d29ff26dbf98d9e3f9c99a6c93a40873c88131e7065c5b8183581bb Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.ecitizen.go.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 19:14:06 GMT content-encoding gzip cross-origin-embedder-policy require-corp cross-origin-resource-policy same-origin referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin cf-mitigated challenge x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=UTF-8 origin-agent-cluster ?1 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-ray 82abbbb6bd342bd5-FRA expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	2805c259-764f-44f3-a427-e44edc500ad2 https://accounts.ecitizen.go.ke/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://accounts.ecitizen.go.ke/2805c259-764f-44f3-a427-e44edc500ad2 Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://accounts.ecitizen.go.ke/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H2	204	rum Show response accounts.ecitizen.go.ke/cdn-cgi/	0 37 B	23ms 23ms	XHR text/plain	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://accounts.ecitizen.go.ke/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 content-type application/json Response headers date Thu, 23 Nov 2023 19:14:06 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://accounts.ecitizen.go.ke x-frame-options DENY access-control-allow-credentials true cf-ray 82abbbb70dd82bd5-FRA
POST H2	200	75598b5ea773c3a Show response accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/flow/ov1/742726108:1700764066:L9GcDelr9j-jshdIVaQF9o07sPceSD9-8qJPVy5sFU4/82abbbb5fbfe2bd5/	12 KB 9 KB	51ms 50ms	XHR text/plain	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/flow/ov1/742726108:1700764066:L9GcDelr9j-jshdIVaQF9o07sPceSD9-8qJPVy5sFU4/82abbbb5fbfe2bd5/75598b5ea773c3a Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82abbbb5fbfe2bd5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5f1e73f2c1ec7b13786612a4dd1962a27d4b9e8ba6b53a1960a00fe731466e4 Request headers Referer https://accounts.ecitizen.go.ke/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 CF-Challenge 75598b5ea773c3a Content-type application/x-www-form-urlencoded Response headers cf-chl-gen aBjvJN5m+kFshZnIXso3DJxxYceH9HX4u1xR3WshNMp27cvA2gaVKWXOJSv0gVCe$cOYmTmJWhEhqeoEtZiL+mw== date Thu, 23 Nov 2023 19:14:06 GMT content-encoding gzip server cloudflare cf-ray 82abbbb76e992bd5-FRA content-type text/plain; charset=UTF-8
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/0v3q9/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 46BF	0 0	35ms 35ms	Document text/html	2606:4700::6811:3b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/0v3q9/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 82abbbb7df1118f7-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Thu, 23 Nov 2023 19:14:06 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H2	200	75598b5ea773c3a Show response accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/flow/ov1/742726108:1700764066:L9GcDelr9j-jshdIVaQF9o07sPceSD9-8qJPVy5sFU4/82abbbb5fbfe2bd5/	2 KB 2 KB	41ms 40ms	XHR text/html	2606:4700:10::6816:5af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/flow/ov1/742726108:1700764066:L9GcDelr9j-jshdIVaQF9o07sPceSD9-8qJPVy5sFU4/82abbbb5fbfe2bd5/75598b5ea773c3a Requested by Host: accounts.ecitizen.go.ke URL: https://accounts.ecitizen.go.ke/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82abbbb5fbfe2bd5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 125b445e4a8a6377ba32105f9ce585a56bfa60b2ea3485ce3bafa86465f9daa9 Request headers Referer https://accounts.ecitizen.go.ke/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 CF-Challenge 75598b5ea773c3a Content-type application/x-www-form-urlencoded Response headers cf-chl-out jvnHDBsCgCc9MjGhF2QrOrBhpoIbQSSamYZyyAaXFSjeBnJOYnyfJrkcX5TdYmutV1PWspqrSJr76LzGy03XKOLApzJfO32lEAa21dnIrfw=$TGmtsg23rmIxczyUxELzXw== cf-chl-out-s dckaWpl1aoQl2fL+11sfUSWr5TUyEap8N3sfvF65n8ER4Zbuo8/L1/OSOAxXmJ4CNRbYCpWdnM69xChyup5hdVbw1+ncYOntAhY+PseiwC9tAjtgXRembDStUiU++3jF4VaCTvHioJ5P5+Hw+6kT/NnN8eosQLtkfL6ypDgq9/5GmnjQ82h1KNs0UJvg0704$oHw24LyihnA4qj0z7qgAmA== date Thu, 23 Nov 2023 19:14:06 GMT content-encoding gzip server cloudflare cf-ray 82abbbb969ac2bd5-FRA content-type text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

accounts.ecitizen.go.ke

URL

https://accounts.ecitizen.go.ke/cdn-cgi/rum?

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _cf_chl_opt function| FAIg1 boolean| WrwZ6 function| scUG3 function| SgWID6 function| LGYdpr9 function| FdoAsB7 object| nCiPQs6 function| IyIbT4 function| mgSMVQzBWl object| BoUQfS8 object| __cfBeacon object| turnstile boolean| CnXTHZ3 string| LPfb7

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			accounts.ecitizen.go.ke/	1970-01-20 16:26:10	Name: cf_chl_rc_m Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://accounts.ecitizen.go.ke/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.ecitizen.go.ke/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://accounts.ecitizen.go.ke/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.ecitizen.go.ke/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.ecitizen.go.ke
challenges.cloudflare.com
static.cloudflareinsights.com
accounts.ecitizen.go.ke
2606:4700:10::6816:5af
2606:4700::6810:3865
2606:4700::6811:3b8
125b445e4a8a6377ba32105f9ce585a56bfa60b2ea3485ce3bafa86465f9daa9
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
556a0b43e16114991960a09ad1082b608b053c01af301a749baa9ecab518afa9
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6ea7a95ad327643563451a0ed24ad3f71ae30dc49977178c61d093e396f84bfc
74c55d1d2d29ff26dbf98d9e3f9c99a6c93a40873c88131e7065c5b8183581bb
84dca82db51a06120de5b74d884ddeace34312d7f3cfe90b959215812c78d7b7
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
93d7be4b47c069892262abf0aff3901968548a4d3d7f3aac6a36f64eb3324d77
a5f1e73f2c1ec7b13786612a4dd1962a27d4b9e8ba6b53a1960a00fe731466e4
c7d568752fb0548ed199b509ffebf11b755acbfc5467a2c0eac0881b77216aad
d75a116cac56e7bbd05d7d1acc0eea3d08a5c5deee70809bd8dcd21aa74a2662
e281832256e0e9ef1817bd19557850e3ab971e7010d5ca5ad6bd8eed56efd15a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa