sfe-imke.ds.imbank.com Open in urlscan Pro
196.13.209.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sfe-imke.ds.imbank.com/
Submission: On August 22 via automatic, source certstream-suspicious (August 22nd 2024, 9:13:49 pm UTC) — Scanned from DE

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 196.13.209.20, located in Kenya and belongs to I-and-M-Bank, KE. The main domain is sfe-imke.ds.imbank.com.
TLS certificate: Issued by R10 on August 22nd 2024. Valid for: 3 months.

This is the only time sfe-imke.ds.imbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	196.13.209.20 196.13.209.20	327884 (I-and-M-Bank) (I-and-M-Bank)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
15	4

10 196.13.209.20 (Kenya)

ASN327884 (I-and-M-Bank, KE)

sfe-imke.ds.imbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	imbank.com sfe-imke.ds.imbank.com	1 MB
3	gstatic.com fonts.gstatic.com	69 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	850 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	66 KB
15	4

	Domain	Requested by
10	sfe-imke.ds.imbank.com	sfe-imke.ds.imbank.com
3	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	sfe-imke.ds.imbank.com
1	www.googletagmanager.com	sfe-imke.ds.imbank.com
15	4

This site contains links to these domains. Also see Links.

Domain
forms.live.inm.corp

Subject Issuer	Validity	Valid
calltree.ds.imbank.com R10	`2024-08-22` - `2024-11-20`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sfe-imke.ds.imbank.com/
Frame ID: 2913183D51E2C0AE6C79F9BA5C4CFE08
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SFE KENYA

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

15
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1586 kB
Transfer

2914 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://forms.live.inm.corp/forms/
Title: Request access

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sfe-imke.ds.imbank.com/ 5 KB
4 KB 706ms
185ms Document
text/html 196.13.209.20
I-and-M-Bank

General

Check archive.org

Show headers Download Go to

Full URL

https://sfe-imke.ds.imbank.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.209.20 , Kenya, ASN327884 (I-and-M-Bank, KE),

Reverse DNS

Software

openresty/1.15.8.1 /

Resource Hash

3bd9b74b20f9d39ae2dbed7995baf952e2a3a8a6e7db117b57b4b415d99b4acb

Security Headers

Name	Value
Content-Security-Policy	default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Strict-Transport-Security	max-age=63072000; includeSubdomains max-age=63072000; includeSubdomains max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Aug 2024 21:13:42 GMT
ETag: W/"63f85d6c-1363"
Expires: Thu, 22 Aug 2024 21:13:41 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 24 Feb 2023 06:47:08 GMT
Server: openresty/1.15.8.1
Strict-Transport-Security: max-age=63072000; includeSubdomains max-age=63072000; includeSubdomains max-age=15724800; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 6.70f9b5de.chunk.css
sfe-imke.ds.imbank.com/static/css/ 143 KB
24 KB 178ms
177ms Stylesheet
text/css 196.13.209.20
I-and-M-Bank

General

Check archive.org

Show headers Download Go to

Full URL

https://sfe-imke.ds.imbank.com/static/css/6.70f9b5de.chunk.css

Requested by

Host: sfe-imke.ds.imbank.com
URL: https://sfe-imke.ds.imbank.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.209.20 , Kenya, ASN327884 (I-and-M-Bank, KE),

Reverse DNS

Software

openresty/1.15.8.1 /

Resource Hash

6baa716ba073e3f8c9a6b2ce6f9281eaaaca451a860a9c5ebbd6f602989de093

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://sfe-imke.ds.imbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 21:13:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 24 Feb 2023 06:47:08 GMT
Server: openresty/1.15.8.1
Content-Encoding: gzip
ETag: W/"63f85d6c-23ad6"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Expires: Fri, 22 Aug 2025 21:13:42 GMT

GET
H/1.1 200
OK main.f5777684.chunk.css
sfe-imke.ds.imbank.com/static/css/ 16 KB
4 KB 535ms
192ms Stylesheet
text/css 196.13.209.20
I-and-M-Bank

General

Check archive.org

Show headers Download Go to

Full URL

https://sfe-imke.ds.imbank.com/static/css/main.f5777684.chunk.css

Requested by

Host: sfe-imke.ds.imbank.com
URL: https://sfe-imke.ds.imbank.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.209.20 , Kenya, ASN327884 (I-and-M-Bank, KE),

Reverse DNS

Software

openresty/1.15.8.1 /

Resource Hash

602a3400627295fbc53b45145fd158fea9ef7cdbd74346a34d8e0188cc2032d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://sfe-imke.ds.imbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 21:13:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 24 Feb 2023 06:47:08 GMT
Server: openresty/1.15.8.1
Content-Encoding: gzip
ETag: W/"63f85d6c-3e62"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Fri, 22 Aug 2025 21:13:42 GMT

GET
H/1.1 200
OK 6.751ced87.chunk.js Show response
sfe-imke.ds.imbank.com/static/js/ 1 MB
371 KB 523ms
181ms Script
application/javascript 196.13.209.20
I-and-M-Bank

General

Check archive.org

Show headers Download Go to

Full URL

https://sfe-imke.ds.imbank.com/static/js/6.751ced87.chunk.js

Requested by

Host: sfe-imke.ds.imbank.com
URL: https://sfe-imke.ds.imbank.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.209.20 , Kenya, ASN327884 (I-and-M-Bank, KE),

Reverse DNS

Software

openresty/1.15.8.1 /

Resource Hash

3e2a47d75e4557260d43077632ba4764c699fbde606c6e9becd26111262f0707

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://sfe-imke.ds.imbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 21:13:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 24 Feb 2023 06:47:08 GMT
Server: openresty/1.15.8.1
Content-Encoding: gzip
ETag: W/"63f85d6c-15ffe3"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Fri, 22 Aug 2025 21:13:42 GMT

GET
H/1.1 200
OK main.53215e8a.chunk.js Show response
sfe-imke.ds.imbank.com/static/js/ 59 KB
16 KB 540ms
197ms Script
application/javascript 196.13.209.20
I-and-M-Bank

General

Check archive.org

Show headers Download Go to

Full URL

https://sfe-imke.ds.imbank.com/static/js/main.53215e8a.chunk.js

Requested by

Host: sfe-imke.ds.imbank.com
URL: https://sfe-imke.ds.imbank.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.209.20 , Kenya, ASN327884 (I-and-M-Bank, KE),

Reverse DNS

Software

openresty/1.15.8.1 /

Resource Hash

d2d3e67321393e002f4deb312c2e43e429822515ff03e75af29f75dd165a5038

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://sfe-imke.ds.imbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 21:13:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 24 Feb 2023 06:47:08 GMT
Server: openresty/1.15.8.1
Content-Encoding: gzip
ETag: W/"63f85d6c-ec50"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Fri, 22 Aug 2025 21:13:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
66 KB 147ms
55ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJJW4MC

Requested by

Host: sfe-imke.ds.imbank.com
URL: https://sfe-imke.ds.imbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83a953256df2c6dde22171e33324a0c21a134c8cb393e48d069b4d7d48cb6755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sfe-imke.ds.imbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 21:13:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66692
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Aug 2024 21:13:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
850 B 139ms
51ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Requested by

Host: sfe-imke.ds.imbank.com
URL: https://sfe-imke.ds.imbank.com/static/css/main.f5777684.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3db6f8817221a5ae78a52b8e333260135bf2519ebeef8a7d77d3bcd0ed950384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sfe-imke.ds.imbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Aug 2024 21:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Aug 2024 20:39:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Aug 2024 21:13:43 GMT

GET
H/1.1 200
OK i-m-logo.svg
sfe-imke.ds.imbank.com/ 2 KB
2 KB 175ms
175ms Other
image/svg+xml 196.13.209.20
I-and-M-Bank

General

Check archive.org

Show headers Download Go to

Full URL

https://sfe-imke.ds.imbank.com/i-m-logo.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.209.20 , Kenya, ASN327884 (I-and-M-Bank, KE),

Reverse DNS

Software

openresty/1.15.8.1 /

Resource Hash

a162bc93fba80d9d679dc483b198bd3eb2bf529e801e44daa3aea62f75ba75ae

Security Headers

Name	Value
Content-Security-Policy	default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Strict-Transport-Security	max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfe-imke.ds.imbank.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 21:13:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff, nosniff, nosniff
Content-Security-Policy: default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Last-Modified: Fri, 24 Feb 2023 06:46:14 GMT
Server: openresty/1.15.8.1
Content-Encoding: gzip
ETag: W/"63f85d36-75a"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Blue-back.svg
sfe-imke.ds.imbank.com/assets/images/ 642 B
1 KB 177ms
176ms Image
image/svg+xml 196.13.209.20
I-and-M-Bank

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sfe-imke.ds.imbank.com/assets/images/Blue-back.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.209.20 , Kenya, ASN327884 (I-and-M-Bank, KE),

Reverse DNS

Software

openresty/1.15.8.1 /

Resource Hash

e1d45f137d0406b9882132cd82d40a9957bd9ca1bcfdf999e981ea994c1d5946

Security Headers

Name	Value
Content-Security-Policy	default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Strict-Transport-Security	max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfe-imke.ds.imbank.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 21:13:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff, nosniff, nosniff
Content-Security-Policy: default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Last-Modified: Fri, 24 Feb 2023 06:46:14 GMT
Server: openresty/1.15.8.1
Content-Encoding: gzip
ETag: W/"63f85d36-282"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK white_logo.svg
sfe-imke.ds.imbank.com/assets/images/ 4 KB
3 KB 174ms
173ms Image
image/svg+xml 196.13.209.20
I-and-M-Bank

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sfe-imke.ds.imbank.com/assets/images/white_logo.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.209.20 , Kenya, ASN327884 (I-and-M-Bank, KE),

Reverse DNS

Software

openresty/1.15.8.1 /

Resource Hash

b19db582cfeb4357685633f74c764d98cfa73ec43d6c7296579d4e843d92bf58

Security Headers

Name	Value
Content-Security-Policy	default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Strict-Transport-Security	max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfe-imke.ds.imbank.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 21:13:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff, nosniff, nosniff
Content-Security-Policy: default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Last-Modified: Fri, 24 Feb 2023 06:46:14 GMT
Server: openresty/1.15.8.1
Content-Encoding: gzip
ETag: W/"63f85d36-f81"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK i-m-logo.svg
sfe-imke.ds.imbank.com/ 2 KB
0 165ms
165ms Other
image/svg+xml 196.13.209.20
I-and-M-Bank

General

Check archive.org

Show headers Download Go to

Full URL

https://sfe-imke.ds.imbank.com/i-m-logo.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.209.20 , Kenya, ASN327884 (I-and-M-Bank, KE),

Reverse DNS

Software

openresty/1.15.8.1 /

Resource Hash

a162bc93fba80d9d679dc483b198bd3eb2bf529e801e44daa3aea62f75ba75ae

Security Headers

Name	Value
Content-Security-Policy	default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfe-imke.ds.imbank.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 21:13:43 GMT
Content-Security-Policy: default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
X-Content-Type-Options: nosniff, nosniff, nosniff
Last-Modified: Fri, 24 Feb 2023 06:46:14 GMT
Server: openresty/1.15.8.1
Content-Encoding: gzip
ETag: W/"63f85d36-75a"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN, DENY
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Login_background.png
sfe-imke.ds.imbank.com/assets/images/ 1 MB
1 MB 175ms
175ms Image
image/png 196.13.209.20
I-and-M-Bank

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sfe-imke.ds.imbank.com/assets/images/Login_background.png

Requested by

Host: sfe-imke.ds.imbank.com
URL: https://sfe-imke.ds.imbank.com/static/css/main.f5777684.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

196.13.209.20 , Kenya, ASN327884 (I-and-M-Bank, KE),

Reverse DNS

Software

openresty/1.15.8.1 /

Resource Hash

d7cf76417f0154f6ecf386b5ac9be800c08cd93ccad3d52526a88881699382b8

Security Headers

Name	Value
Content-Security-Policy	default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Strict-Transport-Security	max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfe-imke.ds.imbank.com/static/css/main.f5777684.chunk.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 22 Aug 2024 21:13:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains, max-age=63072000; includeSubdomains, max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff, nosniff, nosniff
Content-Security-Policy: default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Last-Modified: Fri, 24 Feb 2023 06:46:14 GMT
Server: openresty/1.15.8.1
ETag: "63f85d36-10022e"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN, DENY
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1049134
X-XSS-Protection: 1; mode=block

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sfe-imke.ds.imbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 15:02:44 GMT
x-content-type-options: nosniff
age: 195060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 15:02:44 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 186ms
98ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sfe-imke.ds.imbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:10:10 GMT
x-content-type-options: nosniff
age: 198214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:10:10 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 170ms
82ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sfe-imke.ds.imbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:11:11 GMT
x-content-type-options: nosniff
age: 198153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:11:11 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com ajax.googleapis.com www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com fonts.googleapis.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' www.google-analytics.com
Strict-Transport-Security	max-age=63072000; includeSubdomains max-age=63072000; includeSubdomains max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
sfe-imke.ds.imbank.com
www.googletagmanager.com
196.13.209.20
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200a
2a00:1450:4001:830::2008
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
3bd9b74b20f9d39ae2dbed7995baf952e2a3a8a6e7db117b57b4b415d99b4acb
3db6f8817221a5ae78a52b8e333260135bf2519ebeef8a7d77d3bcd0ed950384
3e2a47d75e4557260d43077632ba4764c699fbde606c6e9becd26111262f0707
602a3400627295fbc53b45145fd158fea9ef7cdbd74346a34d8e0188cc2032d4
6baa716ba073e3f8c9a6b2ce6f9281eaaaca451a860a9c5ebbd6f602989de093
83a953256df2c6dde22171e33324a0c21a134c8cb393e48d069b4d7d48cb6755
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a162bc93fba80d9d679dc483b198bd3eb2bf529e801e44daa3aea62f75ba75ae
b19db582cfeb4357685633f74c764d98cfa73ec43d6c7296579d4e843d92bf58
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d2d3e67321393e002f4deb312c2e43e429822515ff03e75af29f75dd165a5038
d7cf76417f0154f6ecf386b5ac9be800c08cd93ccad3d52526a88881699382b8
e1d45f137d0406b9882132cd82d40a9957bd9ca1bcfdf999e981ea994c1d5946

sfe-imke.ds.imbank.com Open in urlscan Pro 196.13.209.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

1586 kBTransfer

2914 kBSize

0 Cookies

1 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

sfe-imke.ds.imbank.com Open in urlscan Pro
196.13.209.20 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1586 kB
Transfer

2914 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions