www.payments.konointti.ac.ke Open in urlscan Pro
57.129.1.142 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.payments.konointti.ac.ke/
Submission: On March 18 via automatic, source certstream-suspicious (March 18th 2024, 8:16:47 am UTC) — Scanned from DE

Summary HTTP 9 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 9 HTTP transactions. The main IP is 57.129.1.142, located in Frankfurt am Main, Germany and belongs to OVH, FR. The main domain is www.payments.konointti.ac.ke.
TLS certificate: Issued by R3 on March 18th 2024. Valid for: 3 months.

This is the only time www.payments.konointti.ac.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	57.129.1.142 57.129.1.142	16276 (OVH) (OVH)
1	2c0f:fe38:7:1... 2c0f:fe38:7:16:face:b00c:0:a7	33771 (SAFARICOM...) (SAFARICOM-LIMITED)
2 3	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
9	5

4 57.129.1.142 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: thirty.geonta.com

www.payments.konointti.ac.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2c0f:fe38:7:16:face:b00c:0:a7 (Kenya)

ASN33771 (SAFARICOM-LIMITED, KE)

scontent.fnbo10-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7eaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	konointti.ac.ke www.payments.konointti.ac.ke	219 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 757	17 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	2 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	fbcdn.net scontent.fnbo10-1.fna.fbcdn.net	21 B
9	5

	Domain	Requested by
4	www.payments.konointti.ac.ke	www.payments.konointti.ac.ke
3	unpkg.com	2 redirects www.payments.konointti.ac.ke
2	fonts.googleapis.com	www.payments.konointti.ac.ke
1	fonts.gstatic.com	fonts.googleapis.com
1	scontent.fnbo10-1.fna.fbcdn.net	www.payments.konointti.ac.ke
9	5

This site contains links to these domains. Also see Links.

Domain
accounts.ecitizen.go.ke
x.com

Subject Issuer	Validity	Valid
www.payments.konointti.ac.ke R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
*.fnbo10-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2024-03-02` - `2024-05-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.payments.konointti.ac.ke/
Frame ID: D0C003E386A0F592D7BB4E88C75526C9
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

T PAY

Page Statistics

9
Requests

89 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

270 kB
Transfer

303 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts.ecitizen.go.ke/en
Title: Get Started

Search URL Search Domain Scan URL

URL: https://x.com/wamae_arnold
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://unpkg.com/alpinejs HTTP 302
https://unpkg.com/alpinejs@3.13.7 HTTP 302
https://unpkg.com/alpinejs@3.13.7/dist/cdn.min.js

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.payments.konointti.ac.ke/ 11 KB
12 KB 950ms
135ms Document
text/html 57.129.1.142
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payments.konointti.ac.ke/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 57.129.1.142 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS: thirty.geonta.com
Software: Apache /
Resource Hash: 61a7e8ffcb76f7a64a4b15454fd8bd65d07bc3fba4aadfb86ac28c2b6ff5e381

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Mar 2024 08:16:43 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H/1.1 200
OK app-b6f6b5fa.css
www.payments.konointti.ac.ke/build/assets/ 137 KB
137 KB 35ms
33ms Stylesheet
text/css 57.129.1.142
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payments.konointti.ac.ke/build/assets/app-b6f6b5fa.css
Requested by: Host: www.payments.konointti.ac.ke
URL: https://www.payments.konointti.ac.ke/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 57.129.1.142 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS: thirty.geonta.com
Software: Apache /
Resource Hash: b6f6b5fa88766640bbe4b48d765c9cd77e670f4ad2cf6f0a71ef1befa4907af5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payments.konointti.ac.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:16:43 GMT
Last-Modified: Wed, 21 Feb 2024 17:23:12 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 140191

GET
H/1.1 200
OK app-4a08c204.js Show response
www.payments.konointti.ac.ke/build/assets/ 69 KB
69 KB 30ms
8ms Script
application/javascript 57.129.1.142
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payments.konointti.ac.ke/build/assets/app-4a08c204.js
Requested by: Host: www.payments.konointti.ac.ke
URL: https://www.payments.konointti.ac.ke/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 57.129.1.142 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS: thirty.geonta.com
Software: Apache /
Resource Hash: d35cd0250a2145eda6291a30999e44f245544cd6e261d42ee49a4622055eef0b

Request headers

Referer: https://www.payments.konointti.ac.ke/
Origin: https://www.payments.konointti.ac.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:16:43 GMT
Last-Modified: Thu, 15 Feb 2024 12:58:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 70818

GET
H2 403 256847103_4910943372258787_3011477247262094753_n.jpg
scontent.fnbo10-1.fna.fbcdn.net/v/t39.30808-6/ 21 B
21 B 431ms
136ms Image
text/plain 2c0f:fe38:7:16:face:b00c:0:a7
SAFARICOM-LIMITED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fnbo10-1.fna.fbcdn.net/v/t39.30808-6/256847103_4910943372258787_3011477247262094753_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=efb6e6&_nc_ohc=QmgwnHi_9xEAX9e5uJ6&_nc_ht=scontent.fnbo10-1.fna&oh=00_AfCVoIV12y6qIW2CN16fDKFJ2xxaUC2whozS9pZYxdHUWQ&oe=65DAE4D6
Requested by: Host: www.payments.konointti.ac.ke
URL: https://www.payments.konointti.ac.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2c0f:fe38:7:16:face:b00c:0:a7 , Kenya, ASN33771 (SAFARICOM-LIMITED, KE),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payments.konointti.ac.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=134, rtx=0, c=12, mss=1326, tbw=2722, tp=-1, tpl=-1, uplat=0, ullat=-1
date: Mon, 18 Mar 2024 08:16:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 21
proxy-status: http_request_error; e_fb_configversion="AcKGcN8bpPURB3GIq2YplDcsQ93A708uKOqjLOnbI4WkqUFHrgBaK6die0uK7A"; e_clientaddr="AcK7oQBduuQvy9jveLejNxlmOsTBFDI5Mc8P--Adwda-9xEdMfvBpxtP2nd3MX4h9HFR60e5BIwAdsCY7L8rdu6hpJgkHA"; e_fb_vipport="AcLPoQIZjcw7baFnTACrV1AS3FM2j0IKE3e_Aufr18RnKreijmIV6EYwpPrF"; e_fb_requestsequencenumber="AcKHQn6yFan4PT9kVwamEdpVumHxrNQTC_hIasYnSWibg_VmzAlo9MBNaA"; e_fb_hostheader="AcL4wMiLplR8AeGTvD6WbT3GJcu93qrqi8ZTj6jc1TbPIO--3B7-zgALu-dGCDjT4vfKIw3-UjEJa13qDRTCDi4io-Zpb-aICg"; e_fb_vipaddr="AcIXqdnQNylsmnCBi3cfD6Cz2MoJbr09TGg6vMej3Da7snNnL7YOaUJx7wCBl46KJ22fQT1FMzPTU7Dpt149P8fbn21ysUg"; e_fb_requesthandler="AcLB9LQiqE4yLJzjfljCS9luRxS8If7okGDXrWye-7CSHRD5XidEVqKIKcSbb5OJJiXdIIK6yJ2oUSiv"; e_fb_requesttime="AcJNZSfUZiSnwbAx7wG1v4Y-b-BMWZ22dQ22PFPtLuZHt0uXx19urtCsayU8eJWaekMDih086Q"; e_fb_builduser="AcIBt9-DhD9lDoil9yaU7J0V7ZiSabWeCtdgnhvq2vG2CmL6_NX--zk7keq52bnE_bg"; e_fb_httpversion="AcJtmkAStAhVmQDC7byNtpKU5765yDdl8TX40dyUFgiovNmHHWPDkVWelb4K"; e_fb_binaryversion="AcK1xOBuxZDTgkj-l9nfBN7bW2oyx2c-TP3qf2g1kWRjQJZvrvLXeAherW2qSLld_zb7tptRmd5sm22k7Re9hszJipYe9vwKSQs"; e_proxy="AcJYQEnYfgvzV5TZw-ZZqlaRC822MvZCMKz68vJwc4xBk8hB2bMpiiU15tvDc9b1TXDna42vlPVv1A", http_request_error; e_fb_configversion="AcLvQA0C8oHUF7ubvyzNHjW_Yx1dThNaFVLCFKQy3L30DlvGIdzDRrflTYhNsw"; e_clientaddr="AcKxTNBpGSLJ-3wOk6KQ3rh1BDi9CZPgxDII2eDMsOAVnkPVEyymR0OnXH75a7_OjeaWQ32XOl7XSzMB257yOgBFrq8E4w"; e_fb_vipport="AcJRADasm-bieyG4dl2pQgwc3TINOpwpV1mgoYJoNJVUTJSvEaJHEVHLRdd8"; e_fb_requestsequencenumber="AcKPoLPUEaZjmKIfoyqjCbLF9rXBOtpOiKviw98ovju2W6JCSQ33ODHfaQ"; e_fb_hostheader="AcIN_f10TIthqrcltPgIvAZ_GR6A4-UVBGVoKYRdv8HLuh9SR3jCiDW9l2obDfnEvqL3cqxkTrQWQUmUGEwvc9jpsAhsCN4-Mg"; e_fb_vipaddr="AcKReqXbROtx1yP28JYCfOXtqKIiSqA1UUIg1m-I4DG_dhYEs2JCcs4ytCbX33XpH16o3RGB3aXp-s4UXeghUeIYVireqSE"; e_fb_requesthandler="AcIUOhxzWToKZAXSN8VKsrybRAjcpT4gyhvI_CMOkIcmCg522cI7g6pfJYoEDwY6OAqW0NGyOlRXpNWV"; e_fb_requesttime="AcIsZ7PUef3LJRdd_p4L0rqbUHk4s8bHManGbRp4ZqNqvdDwI8IazuyGH49HPxY9ZHWwbADkcA"; e_fb_builduser="AcInOInwpRK_REsn_A-2y8odZot-OPNqh_gnlYxcNtfuu3Yiz6y6eKXPCrsQIor0-gA"; e_fb_httpversion="AcLti4YVL1hB3ysZ9HOmdmxn0c8_WdBmONhsQrUz8Yd9lXDUJPfjUdwN19F8"; e_fb_binaryversion="AcK3j_Q5WFtUUFbr9AfaZa5bNqLfPExFNF7jv-o6DLx2SVu7BczxvUEquwbimFmcu7Q0k_DAyMhsburB2y5QOA1FaA3TJyPJRGU"; e_proxy="AcI89HpL-AS9D2d80Ixjq02ewZrhYbIYHSLrjBq2606yITcZfC8KJEdOgFfv-B9JLcLABxhBECF93A"

GET
H/1.1 200
OK p.js Show response
www.payments.konointti.ac.ke/js_/ 547 B
802 B 29ms
7ms Script
application/javascript 57.129.1.142
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payments.konointti.ac.ke/js_/p.js
Requested by: Host: www.payments.konointti.ac.ke
URL: https://www.payments.konointti.ac.ke/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 57.129.1.142 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS: thirty.geonta.com
Software: Apache /
Resource Hash: 7952e376e1f2939cbd75266bf915ccd5d7fe524f7c697b00de5bc362444ce291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payments.konointti.ac.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 08:16:43 GMT
Last-Modified: Thu, 15 Feb 2024 15:25:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 547

GET
H2

200

cdn.min.js Show response
unpkg.com/alpinejs@3.13.7/dist/
Redirect Chain

https://unpkg.com/alpinejs
https://unpkg.com/alpinejs@3.13.7
https://unpkg.com/alpinejs@3.13.7/dist/cdn.min.js

43 KB
16 KB

25ms
24ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/alpinejs@3.13.7/dist/cdn.min.js

Requested by

Host: www.payments.konointti.ac.ke
URL: https://www.payments.konointti.ac.ke/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bdc5d6356b4364d902406552c8195a89e878861bcf75183165ef80d2a295ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payments.konointti.ac.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 08:16:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 397002
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFH79C9BESAZ2V60BRG8NB-fra
server: cloudflare
etag: W/"abc8-1fGzL4b6Wxcsrlk2kaIuFYT6aR8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8663c83ea91c9b7c-FRA

Redirect headers

date: Mon, 18 Mar 2024 08:16:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HRWB3YVWGG20JCYFTN8PQHRT-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 401631
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /alpinejs@3.13.7/dist/cdn.min.js
cache-control: public, max-age=31536000
cf-ray: 8663c83e08889b7c-FRA

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
643 B 213ms
54ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: www.payments.konointti.ac.ke
URL: https://www.payments.konointti.ac.ke/build/assets/app-b6f6b5fa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20185357ab88094444afb8b9bcd2f4bd8eeaeb58cbe0f27c6a823994c02f4085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payments.konointti.ac.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 08:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 07:34:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 08:16:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1017 B 206ms
47ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,700

Requested by

Host: www.payments.konointti.ac.ke
URL: https://www.payments.konointti.ac.ke/build/assets/app-b6f6b5fa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92d510895c10115b9195ba6ca921293876e7d072277db9ed79cac21de103cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payments.konointti.ac.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 08:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 06:29:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 08:16:43 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 113ms
35ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.payments.konointti.ac.ke
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 571359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 17:34:04 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| axios object| Alpine

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.payments.konointti.ac.ke/	1970-01-20 19:12:37	Name: XSRF-TOKEN Value: eyJpdiI6Ino1ZnZ2VmIwd3VzWU43MUhVTmhERkE9PSIsInZhbHVlIjoiQ0d4VTdpazFka2Y1c2hHTms2NGt4TmRNbGcwOGhUZEJLZjB6K0RxT3kyQVVpeTd4UE5ReU1zejN5dGJSQXdvdkpmZlBBRFI1enFkRzY5N1ZEUlcwbHVQZ0FJUG1teUpvN2FmM2ZXMGFueEo3NzBDeFphbjNDOGRGdG15Z2VPUzMiLCJtYWMiOiJkMTgwMzFjMjQ0YzM4MjBiNWFhNTM1MWMzZDUxNWY2ZWRiM2EyNDcwNjgwYTMyNzUwYzRmMzRmNTIwOWY0OGNlIiwidGFnIjoiIn0%3D
			www.payments.konointti.ac.ke/	1970-01-20 19:12:37	Name: t_pay_session Value: eyJpdiI6InFGNW4wQWJyM3FjQ0VKVk56WDl1ZXc9PSIsInZhbHVlIjoiRTdLNXB3MTdUSGdvdlZNblZScHZPb3Z6cHdsWTB1ZlhhdEZNb1lNN21pdFByNzZDTkZXcDZWb05OYjFPK0Y3b1RsYUxRL2tCeHhyZUVBR0V0dkpsRHhVdW9GYWR6TlpnNVRPNkhsQ2hMK0FkQm9BTGxmSFZzRzlVV25NdU55eEkiLCJtYWMiOiIxNDg5Y2NmODFiNDc4ZGIzMTJkYTU5N2RjYjhmYzNmMmE0NTdlYWRlNDNiNzgwZjYzZTFjMzk2MmE5NTkwZGI5IiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scontent.fnbo10-1.fna.fbcdn.net/v/t39.30808-6/256847103_4910943372258787_3011477247262094753_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=efb6e6&_nc_ohc=QmgwnHi_9xEAX9e5uJ6&_nc_ht=scontent.fnbo10-1.fna&oh=00_AfCVoIV12y6qIW2CN16fDKFJ2xxaUC2whozS9pZYxdHUWQ&oe=65DAE4D6 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
scontent.fnbo10-1.fna.fbcdn.net
unpkg.com
www.payments.konointti.ac.ke
2606:4700::6810:7eaf
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2c0f:fe38:7:16:face:b00c:0:a7
57.129.1.142
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
20185357ab88094444afb8b9bcd2f4bd8eeaeb58cbe0f27c6a823994c02f4085
5bdc5d6356b4364d902406552c8195a89e878861bcf75183165ef80d2a295ae2
61a7e8ffcb76f7a64a4b15454fd8bd65d07bc3fba4aadfb86ac28c2b6ff5e381
7952e376e1f2939cbd75266bf915ccd5d7fe524f7c697b00de5bc362444ce291
92d510895c10115b9195ba6ca921293876e7d072277db9ed79cac21de103cf1b
b6f6b5fa88766640bbe4b48d765c9cd77e670f4ad2cf6f0a71ef1befa4907af5
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
d35cd0250a2145eda6291a30999e44f245544cd6e261d42ee49a4622055eef0b

www.payments.konointti.ac.ke Open in urlscan Pro 57.129.1.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

89 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

270 kBTransfer

303 kBSize

2 Cookies

2 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

www.payments.konointti.ac.ke Open in urlscan Pro
57.129.1.142 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

270 kB
Transfer

303 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions