urlscan.io logo urlscan.io
SecurityTrails logo

client.oldmutual.co.ke Open in urlscan Pro
167.99.135.171  Public Scan

Go To Rescan Add Verdict Report
URL: https://client.oldmutual.co.ke/
Submission: On May 23 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 27 HTTP transactions. The main IP is 167.99.135.171, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is client.oldmutual.co.ke.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 16th 2024. Valid for: a year.
This is the only time client.oldmutual.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 167.99.135.171 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
27 4
Apex Domain
Subdomains		 Transfer
23 oldmutual.co.ke
client.oldmutual.co.ke
api-client.oldmutual.co.ke
2 MB
2 gstatic.com
fonts.gstatic.com
63 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
27 3
Domain Requested by
22 client.oldmutual.co.ke client.oldmutual.co.ke
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com client.oldmutual.co.ke
1 api-client.oldmutual.co.ke client.oldmutual.co.ke
27 4

This site contains no links.

Subject Issuer Validity Valid
*.oldmutual.co.ke
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-16 -
2025-05-16		 a year crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
api-client.oldmutual.co.ke
E1		 2024-04-07 -
2024-07-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://client.oldmutual.co.ke/
Frame ID: FE14228B35045B1D746F609C7F0C0416
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1970 kB
Transfer

1988 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
client.oldmutual.co.ke/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
02f9e8f135f49089d641837b9680e6a0e5fa8c0942ab314c555731d870a8c185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 May 2024 07:11:54 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
css
fonts.googleapis.com/ 		10 KB
812 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e43d76a198070a2391068dc3ea7370839a51b57f67eda2655bfcef3cda952792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 May 2024 07:11:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 May 2024 06:57:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 May 2024 07:11:54 GMT
bootstrap.min.css
client.oldmutual.co.ke/plugins/bootstrap/dist/css/ 		138 KB
138 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-22688"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
140936
all.min.css
client.oldmutual.co.ke/plugins/fontawesome-free/css/ 		50 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/fontawesome-free/css/all.min.css
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-c80f"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51215
ionicons.min.css
client.oldmutual.co.ke/plugins/ionicons/dist/css/ 		45 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/ionicons/dist/css/ionicons.min.css
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
dadf318fbcd0c307d2719b32bb822e62166db48f56b6b570dbdbd168e43cc820
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-b5ff"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46591
iconkit.min.css
client.oldmutual.co.ke/plugins/icon-kit/dist/css/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/icon-kit/dist/css/iconkit.min.css
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
400582c09111dbf808df9bf5a4f5a0bec09fa265df58fcd7d5bdaf8932016dd4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-2b1f"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11039
perfect-scrollbar.css
client.oldmutual.co.ke/plugins/perfect-scrollbar/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/perfect-scrollbar/css/perfect-scrollbar.css
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7b6508c9e8e04de8ebfec5de2ce1c4303bc46a0a279283eff7e248c1c900a91b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-a26"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2598
theme.min.css
client.oldmutual.co.ke/dist/css/ 		162 KB
162 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/dist/css/theme.min.css
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a5cdec6a6c5d1c194c76c389f496a39ed500b21757f4a663593f38eeb5de96eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-28642"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
165442
theme-image.css
client.oldmutual.co.ke/dist/css/ 		70 B
327 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/dist/css/theme-image.css
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d4b775ee330d4acc7fa940b1c87856e90f901ebb4f5e1552b7cb9d3e22e7b42d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-46"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70
modernizr-2.8.3.min.js
client.oldmutual.co.ke/src/js/vendor/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/src/js/vendor/modernizr-2.8.3.min.js
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-3c9a"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15514
toastr.min.css
client.oldmutual.co.ke/plugins/toastr/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/toastr/toastr.min.css
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5e8ccf13f90af9f0a51d9b437b2f0c28e412485ed02af43fbe72c6d957d87ac8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-1a55"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6741
css2
fonts.googleapis.com/ 		4 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 May 2024 07:11:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 May 2024 07:09:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 May 2024 07:11:54 GMT
custom.css
client.oldmutual.co.ke/css/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/css/custom.css
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
82b7fe740b35f9c3edf77fbdbbcc1fc428811e0590219540ffe58261fb9dc9d4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-17a9"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6057
logo.png
client.oldmutual.co.ke/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.oldmutual.co.ke/img/logo.png
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c13fb58642425a160c67a2c237c33a7981f3df75f3464f269d735f7566a6b133
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Thu, 11 Apr 2024 08:53:43 GMT
Server
nginx
ETag
"6617a517-3eec"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16108
jquery-3.3.1.min.js
client.oldmutual.co.ke/src/js/vendor/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/src/js/vendor/jquery-3.3.1.min.js
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-1538f"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86927
popper.min.js
client.oldmutual.co.ke/plugins/popper.js/dist/umd/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/popper.js/dist/umd/popper.min.js
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
55305bb9041fddba69d6eee99b956bb169fe5a7e9c84e896d94d5d38c060f59b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-5083"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20611
bootstrap.min.js
client.oldmutual.co.ke/plugins/bootstrap/dist/js/ 		50 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-c75f"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51039
perfect-scrollbar.min.js
client.oldmutual.co.ke/plugins/perfect-scrollbar/dist/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/perfect-scrollbar/dist/perfect-scrollbar.min.js
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-4773"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18291
screenfull.js
client.oldmutual.co.ke/plugins/screenfull/dist/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/screenfull/dist/screenfull.js
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3cb58305b04dca3c181a8518e093d6f4111506573ce8b452d1f2f0a17c084a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-dcc"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3532
toastr.min.js
client.oldmutual.co.ke/plugins/toastr/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/plugins/toastr/toastr.min.js
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
2cbcfe2d09d5f43e8430c13b6815b61a4caa6698e72882e95f41ae1e9d768b21
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-18f1"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6385
LiveChat.js
client.oldmutual.co.ke/assets/js/ 		310 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/assets/js/LiveChat.js
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
37fc7d7bbc42ef1c4465e462c58cdc42399a91fccfbde92bd0887d695d019dd4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-136"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
310
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://client.oldmutual.co.ke
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 02:40:48 GMT
x-content-type-options
nosniff
age
16266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 May 2025 02:40:48 GMT
login-bg.jpg
client.oldmutual.co.ke/img/auth/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.oldmutual.co.ke/img/auth/login-bg.jpg
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/dist/css/theme-image.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d3f406134c353b1c116504af1501889b69f55f960505faed8918751db07b365c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/dist/css/theme-image.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-13a4c6"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1287366
down-arrow.svg
client.oldmutual.co.ke/dist/img/ 		419 B
683 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.oldmutual.co.ke/dist/img/down-arrow.svg
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/dist/css/theme.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0c17c413e0e142b4a514648955181cd06492211f9fe88e4293179e9654a6ff36
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/dist/css/theme.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 07:11:54 GMT
Last-Modified
Tue, 14 May 2024 12:30:10 GMT
Server
nginx
ETag
"66435952-1a3"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
419
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://client.oldmutual.co.ke
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 06:41:12 GMT
x-content-type-options
nosniff
age
174642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 06:41:12 GMT
daily_rates
api-client.oldmutual.co.ke/api/ 		715 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-client.oldmutual.co.ke/api/daily_rates
Requested by
Host: client.oldmutual.co.ke
URL: https://client.oldmutual.co.ke/src/js/vendor/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2847ed076f03e9a151512f68222d834acee71bc5f87370cc72a0cb1d662f5c05
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
*/*
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:11:54 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"2cb-xhhwUAubgalSa7tBkgRMhTTrNdk"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cf-ray
88833c0f6a52718b-FRA
favicon.png
client.oldmutual.co.ke/ 		8 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://client.oldmutual.co.ke/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.135.171 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1ab09663d65003db4425e0929a326c216b487e150bb969c72a798d0b0f52295e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.oldmutual.co.ke/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 07:11:54 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr function| yepnope function| $ function| jQuery function| Popper object| bootstrap function| PerfectScrollbar object| screenfull object| toastr string| link object| Tawk_API object| Tawk_LoadStart

2 Cookies

Domain/Path Name / Value
client.oldmutual.co.ke/ Name: XSRF-TOKEN
Value: eyJpdiI6IlJRZkxCODJydU45cllMQ3V5blRJYmc9PSIsInZhbHVlIjoidHFiZ0dMZ0JrZlRCb3VFbG5lTXgrRGpFU3p3NDBMSjBFYWRuM25NTE80TDhFU0JVWXNoVlFOOTVHSmtYcVhPb3U2bHp5QXU2NVdmWHcxR2FKbDZ2Q3FUUjNxYjNUNmx1M2lLNVRHNUtuWEtHNDBFb2YxV0g0dWcvbUJ1Sit5OWMiLCJtYWMiOiJjNDE4NmIxMzgwY2Y2MWEyOTYyOTE2ZTY2ZGEzNWU5ZWQzODUyOWMwMjZlYmM1YzkxYTkzMGZiYjEwMjE3M2MyIn0%3D
client.oldmutual.co.ke/ Name: old_mutual_kenya_web_portal_session
Value: eyJpdiI6IjlzYjJ2cTVDaUdRRmROMzRNUEl0bFE9PSIsInZhbHVlIjoiMGo1RTVtcm9ob2xOL1dndTNrbDJ1UW5NZ282TFdwbHpwMElHME56RVJYOURMaWhYdG9ORE1sYW5KajMxbHJnbFJmYkdBOUljSVR0RDU4bjJKZzFoNnVOTTF3R2pja2NOSFRMMHNNcmNkaDBsdm9ieVZlQ3RiZmZyc1RQa0ZFUmwiLCJtYWMiOiI1Yjk5NjBjY2ZiZjUzODAzOTVjYzU4OGMzMzliOThiMmNjNDE2NjI3ZmY1OThlZmMzZWJjNjU5ZmQyM2EwYjVmIn0%3D

1 Console Messages

Source Level URL
Text
network error URL: https://client.oldmutual.co.ke/favicon.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-client.oldmutual.co.ke
client.oldmutual.co.ke
fonts.googleapis.com
fonts.gstatic.com
167.99.135.171
2606:4700:4400::ac40:94bc
2a00:1450:4001:80b::2003
2a00:1450:4001:812::200a
02f9e8f135f49089d641837b9680e6a0e5fa8c0942ab314c555731d870a8c185
0c17c413e0e142b4a514648955181cd06492211f9fe88e4293179e9654a6ff36
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ab09663d65003db4425e0929a326c216b487e150bb969c72a798d0b0f52295e
2847ed076f03e9a151512f68222d834acee71bc5f87370cc72a0cb1d662f5c05
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967
2cbcfe2d09d5f43e8430c13b6815b61a4caa6698e72882e95f41ae1e9d768b21
37fc7d7bbc42ef1c4465e462c58cdc42399a91fccfbde92bd0887d695d019dd4
400582c09111dbf808df9bf5a4f5a0bec09fa265df58fcd7d5bdaf8932016dd4
55305bb9041fddba69d6eee99b956bb169fe5a7e9c84e896d94d5d38c060f59b
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5e8ccf13f90af9f0a51d9b437b2f0c28e412485ed02af43fbe72c6d957d87ac8
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7b6508c9e8e04de8ebfec5de2ce1c4303bc46a0a279283eff7e248c1c900a91b
82b7fe740b35f9c3edf77fbdbbcc1fc428811e0590219540ffe58261fb9dc9d4
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634
a5cdec6a6c5d1c194c76c389f496a39ed500b21757f4a663593f38eeb5de96eb
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c13fb58642425a160c67a2c237c33a7981f3df75f3464f269d735f7566a6b133
d3f406134c353b1c116504af1501889b69f55f960505faed8918751db07b365c
d4b775ee330d4acc7fa940b1c87856e90f901ebb4f5e1552b7cb9d3e22e7b42d
dadf318fbcd0c307d2719b32bb822e62166db48f56b6b570dbdbd168e43cc820
e3cb58305b04dca3c181a8518e093d6f4111506573ce8b452d1f2f0a17c084a1
e43d76a198070a2391068dc3ea7370839a51b57f67eda2655bfcef3cda952792