spirulinabyeserianifarm.co.ke Open in urlscan Pro
104.243.35.42 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
Submission: On March 04 via automatic, source openphish (March 4th 2022, 12:11:46 pm UTC) — Scanned from DE

Summary HTTP 60 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 60 HTTP transactions. The main IP is 104.243.35.42, located in United States and belongs to RELIABLESITE, US. The main domain is spirulinabyeserianifarm.co.ke.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 19th 2022. Valid for: 3 months.

This is the only time spirulinabyeserianifarm.co.ke was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: National Bank of Greece (Banking)

Domain & IP information

	IP Address	AS Autonomous System
5	104.243.35.42 104.243.35.42	23470 (RELIABLESITE) (RELIABLESITE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	2.16.186.248 2.16.186.248	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6812:1ac2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:7c00:1b:ef38:3680:21	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
60	16

5 104.243.35.42 (United States)

ASN23470 (RELIABLESITE, US)
PTR: kcic.crystalsystemssolutions.com

spirulinabyeserianifarm.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.16.186.248 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-248.deploy.static.akamaitechnologies.com

ibank.nbg.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1ac2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.nbg.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:7c00:1b:ef38:3680:21 (United States)

ASN16509 (AMAZON-02, US)

d21y75miwcfqoq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	nbg.gr ibank.nbg.gr — Cisco Umbrella Rank: 377251 www.nbg.gr — Cisco Umbrella Rank: 335098	157 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6433	956 B
6	google.com www.google.com — Cisco Umbrella Rank: 2	956 B
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	8 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	236 KB
5	spirulinabyeserianifarm.co.ke spirulinabyeserianifarm.co.ke	29 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	48 KB
2	gstatic.com www.gstatic.com	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	410 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	30 KB
1	cloudfront.net d21y75miwcfqoq.cloudfront.net	436 B
1	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 796	4 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
60	14

	Domain	Requested by
10	ibank.nbg.gr	spirulinabyeserianifarm.co.ke ibank.nbg.gr
6	www.google.de	spirulinabyeserianifarm.co.ke
6	www.google.com	spirulinabyeserianifarm.co.ke
6	googleads.g.doubleclick.net	spirulinabyeserianifarm.co.ke www.googleadservices.com
6	www.googletagmanager.com	spirulinabyeserianifarm.co.ke www.googletagmanager.com
5	spirulinabyeserianifarm.co.ke	spirulinabyeserianifarm.co.ke
3	connect.facebook.net	spirulinabyeserianifarm.co.ke connect.facebook.net
2	www.gstatic.com	spirulinabyeserianifarm.co.ke translate.googleapis.com
2	www.nbg.gr	spirulinabyeserianifarm.co.ke
1	www.facebook.com	spirulinabyeserianifarm.co.ke
1	code.jquery.com	spirulinabyeserianifarm.co.ke
1	d21y75miwcfqoq.cloudfront.net	spirulinabyeserianifarm.co.ke
1	translate.googleapis.com	spirulinabyeserianifarm.co.ke
1	www.googleadservices.com	spirulinabyeserianifarm.co.ke
1	www.google-analytics.com	spirulinabyeserianifarm.co.ke
60	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.nbg.gr

Subject Issuer	Validity	Valid
spirulinabyeserianifarm.co.ke cPanel, Inc. Certification Authority	`2022-02-19` - `2022-05-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-11` - `2022-03-11`	3 months	crt.sh
ibank.nbg.gr DigiCert SHA2 Extended Validation Server CA	`2020-05-20` - `2022-05-25`	2 years	crt.sh
WWW.NBG.GR DigiCert SHA2 Extended Validation Server CA	`2021-12-06` - `2022-11-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
Frame ID: D5B5CC3DDA8D2D0CD91CB7BA4E592CCE
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NBG i-bank

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

87 %
HTTPS

80 %
IPv6

14
Domains

15
Subdomains

16
IPs

3
Countries

552 kB
Transfer

1352 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ibanknbg

Search URL Search Domain Scan URL

URL: https://twitter.com/NationalBankGR

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCAwPZIUpdP3aIQlfw4bETLQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/national-bank-of-greece/

Search URL Search Domain Scan URL

URL: https://www.nbg.gr/el/contact/contact-form

Search URL Search Domain Scan URL

URL: https://www.nbg.gr/Style%20Library/ReusableContent/privacy_statement.pdf
Title: Προστασία Δεδομένων Προσωπικού Χαρακτήρα

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request code.htm Show response
spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/ 29 KB
29 KB 673ms
174ms Document
text/html 104.243.35.42
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.35.42 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: kcic.crystalsystemssolutions.com
Software: Apache /
Resource Hash: edaabf9e4e2d951fa3b86aca4c4071301814af1e1542d3f0ef2d51df94cbe154

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 04 Mar 2022 12:11:40 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2022 05:10:38 GMT
Accept-Ranges: bytes
Content-Length: 29412
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 408
date: Fri, 04 Mar 2022 12:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 04 Mar 2022 14:04:52 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 45ms
21ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 12:11:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
40 KB 42ms
18ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-670113652&l=dataLayer&cx=c

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf0fbc6918afe8501e0c964d882b8e211af7ebaeb69133a393fe1bde3172e8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40080
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:11:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 44ms
19ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-670112929&l=dataLayer&cx=c

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

835b935e80c09bd7f9376f7f9600f5eb3da83cbf740e9f919e67d9d62f9924f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40075
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:11:40 GMT

GET
H2 200 669086076924105 Show response
connect.facebook.net/signals/config/ 41 KB
11 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/669086076924105?v=2.9.48&r=stable

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

997ff25d876d6f95f55944b14cb8b4d8793aa351f77b36dd2475cdcb67ddc94d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10825
x-xss-protection: 0
pragma: public
x-fb-debug: ji/thXa27KKO/9MQ3t3f8dQFcEMjPM4TciUTBoYqM4tfcN5mgnciefPj/4Hyt/ezVbej7bgARH7fc1uM53E6Ew==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 04 Mar 2022 12:11:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: yLfydNITqP2K3pB+aeZUH4IluQ/oRvB0sp7KYxAX46oLhDaQvW+xKpX2DluUH8iNyhfRgnh8OiN36TnMUyh+Sw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 04 Mar 2022 12:11:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 53ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-672837021

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eac97e6040eeb62a4997bcbf5fe48801c0a89b4dfcc5481e1453bee2218cd026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40066
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:11:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-670112929

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8493074818e846b7359d2a74998d2fce7f6041ea58bfe16c27e1654ea96504e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40067
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:11:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 32ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-670113652

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecbc63cd39546b63bde1c65216e26cc6ca157e3e1e4d0c7b3a06d922fdb5131e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40069
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:11:40 GMT

GET
H2 200 style.ca526fce9e30c290bc50.css
ibank.nbg.gr/identity/dist/ 202 KB
33 KB 116ms
40ms Stylesheet
text/css 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

Resource Hash

19df7680322f127251b8b1a18a4a44c9948207b3861bf574b337a2eca41ec6d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 12:58:57 GMT
etag: "7d4c82c2e8b9d71:0"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 33829

GET
H2 404 19ae83df
ibank.nbg.gr/akam/11/ 0
0 25ms
24ms Script
text/html 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ibank.nbg.gr/akam/11/19ae83df

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
content-length: 9
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 nbg.jquery.cookiebar.css
www.nbg.gr/Style%20Library/css/ 1 KB
816 B 315ms
239ms Stylesheet
text/css 2606:4700::6812:1ac2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbg.gr/Style%20Library/css/nbg.jquery.cookiebar.css

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ac2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

aba55c1d024641781cb8fdb7a2ebd290c450c3fd1911045bfde41158431e0071

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: https: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
last-modified: Thu, 23 Apr 2020 14:45:50 GMT
server: cloudflare
etag: W/"02391e17d19d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
expires: Fri, 04 Mar 2022 12:16:40 GMT
cache-control: public, max-age=300
cf-polished: origSize=1452
content-security-policy: default-src 'self' data: https: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:;
cf-ray: 6e6a840b3bac020d-ZRH
cf-bgj: minify

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/670112929/ 3 KB
2 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/670112929/?random=1636058035780&cv=9&fst=1636058035780&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1536&u_ah=984&u_aw=1536&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaar0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fibank.nbg.gr%2Fidentity%2Flogin%3FReturnUrl%3Dhttps%3A%252F%252Fibank.nbg.gr%252Fidentity%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D48423927-4F90-46A4-9F41-63A0B3114A92%2526redirect_uri%253Dhttps%25253A%25252F%25252Fibank.nbg.gr%25252Fweb%25252F%2526response_mode%253Dform_post%2526response_type%253Dcode%252520id_token%2526scope%253Dopenid%252520role%252520ibank_profile%252520ibank-cards-api-v1%252520ibank-loans-api-v1%252520ibank-profile-api-v1%252520ibank-go4more-api-v1%252520ibank-billpayments-api-v1%252520ibank-accounts-api-v1%252520ibank-proxy-api-v1%25&ref=https%3A%2F%2Fwww.nbg.gr%2F&tiba=NBG%20i-bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be5a0b165162285919707892ac410a70ac0e819a4f1e1a7aa0aea928d7af77fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1276
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/670113652/ 3 KB
1 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/670113652/?random=1636058035786&cv=9&fst=1636058035786&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1536&u_ah=984&u_aw=1536&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&gtm=2oab31&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fibank.nbg.gr%2Fidentity%2Flogin%3FReturnUrl%3Dhttps%3A%252F%252Fibank.nbg.gr%252Fidentity%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D48423927-4F90-46A4-9F41-63A0B3114A92%2526redirect_uri%253Dhttps%25253A%25252F%25252Fibank.nbg.gr%25252Fweb%25252F%2526response_mode%253Dform_post%2526response_type%253Dcode%252520id_token%2526scope%253Dopenid%252520role%252520ibank_profile%252520ibank-cards-api-v1%252520ibank-loans-api-v1%252520ibank-profile-api-v1%252520ibank-go4more-api-v1%252520ibank-billpayments-api-v1%252520ibank-accounts-api-v1%252520ibank-proxy-api-v1%25&ref=https%3A%2F%2Fwww.nbg.gr%2F&tiba=NBG%20i-bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a8bebb62584375a3c98dcc024f1c0365078079580a500a3c52fb2893d509ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1275
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/672837021/ 3 KB
1 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/672837021/?random=1636058035790&cv=9&fst=1636058035790&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1536&u_ah=984&u_aw=1536&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaar0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fibank.nbg.gr%2Fidentity%2Flogin%3FReturnUrl%3Dhttps%3A%252F%252Fibank.nbg.gr%252Fidentity%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D48423927-4F90-46A4-9F41-63A0B3114A92%2526redirect_uri%253Dhttps%25253A%25252F%25252Fibank.nbg.gr%25252Fweb%25252F%2526response_mode%253Dform_post%2526response_type%253Dcode%252520id_token%2526scope%253Dopenid%252520role%252520ibank_profile%252520ibank-cards-api-v1%252520ibank-loans-api-v1%252520ibank-profile-api-v1%252520ibank-go4more-api-v1%252520ibank-billpayments-api-v1%252520ibank-accounts-api-v1%252520ibank-proxy-api-v1%25&ref=https%3A%2F%2Fwww.nbg.gr%2F&tiba=NBG%20i-bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd2bd0ba3f57fe5bd4c1ced004055468cc0b83cd23bb6bac6caaec7cabc47043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1278
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 31ms
7ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 04 Mar 2022 12:52:52 GMT

GET
H2 200 login-logo.el.png
ibank.nbg.gr/identity/Content/images/logos/light/ 26 KB
26 KB 63ms
62ms Image
image/png 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank.nbg.gr/identity/Content/images/logos/light/login-logo.el.png

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

Resource Hash

909457e7d2ab71d52c2fa3386917fee5031be62e179b01804940a6cc9f5d61ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
last-modified: Tue, 06 Jul 2021 08:35:48 GMT
accept-ranges: bytes
etag: "22b4e1eb4172d71:0"
content-length: 26907
strict-transport-security: max-age=31536000
content-type: image/png

GET
H2 200 c003107e
d21y75miwcfqoq.cloudfront.net/ 68 B
436 B 651ms
632ms Image
image/png 2600:9000:2250:7c00:1b:ef38:3680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d21y75miwcfqoq.cloudfront.net/c003107e
Requested by: Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7c00:1b:ef38:3680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Mar 2022 12:11:42 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
last-modified: Wed, 09 Dec 2020 14:53:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "91e42db1c66c0b276abf6234dc50b2eb"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 68
x-amz-cf-id: M_yogZPzSJvM8RJWPFhtuvT57djpTJm4Spglug2zbDH-AODEt6AQhA==

GET
H/1.1 404
Not Found polyfills.ca526fce9e30c290bc50.js
spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/dist/ 0
0 317ms
317ms Script
text/html 104.243.35.42
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/dist/polyfills.ca526fce9e30c290bc50.js
Requested by: Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.35.42 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: kcic.crystalsystemssolutions.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:11:40 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://spirulinabyeserianifarm.co.ke/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found vendor.ca526fce9e30c290bc50.js
spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/dist/ 0
0 513ms
338ms Script
text/html 104.243.35.42
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/dist/vendor.ca526fce9e30c290bc50.js
Requested by: Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.35.42 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: kcic.crystalsystemssolutions.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:11:41 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://spirulinabyeserianifarm.co.ke/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found app.ca526fce9e30c290bc50.js
spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/dist/ 0
0 504ms
330ms Script
text/html 104.243.35.42
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/dist/app.ca526fce9e30c290bc50.js
Requested by: Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.35.42 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: kcic.crystalsystemssolutions.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:11:41 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://spirulinabyeserianifarm.co.ke/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 31ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15851"
vary: Accept-Encoding
x-hw: 1646395900.dop233.fr8.t,1646395900.cds218.fr8.hn,1646395900.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 404
Not Found SHEB
spirulinabyeserianifarm.co.ke/bQ6G/l6YQ/eZ/0HhM/_mQQ/N5i1hGNz5N/Dmt0/YSYjVklb/ 0
0 494ms
318ms Script
text/html 104.243.35.42
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://spirulinabyeserianifarm.co.ke/bQ6G/l6YQ/eZ/0HhM/_mQQ/N5i1hGNz5N/Dmt0/YSYjVklb/SHEB
Requested by: Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.35.42 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: kcic.crystalsystemssolutions.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 12:11:41 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://spirulinabyeserianifarm.co.ke/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 jquery.cookiebar.js Show response
www.nbg.gr/Style%20Library/js/ 9 KB
3 KB 160ms
158ms Script
application/x-javascript 2606:4700::6812:1ac2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbg.gr/Style%20Library/js/jquery.cookiebar.js?rev=240519

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ac2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

32ee55428b14817e64dc0dd6fcc14b628dad6f663359027b553680de06046d13

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: https: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 23 Apr 2020 14:43:22 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"0215a897d19d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=300
content-security-policy: default-src 'self' data: https: 'unsafe-eval' 'unsafe-inline'; img-src * 'self' data: https:;
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 6e6a840cce38020d-ZRH
expires: Fri, 04 Mar 2022 12:16:41 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 36ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:01:50 GMT
x-content-type-options: nosniff
age: 590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 04 Mar 2023 12:01:50 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/670112929/ 42 B
548 B 45ms
20ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/670112929/?random=1636058035780&cv=9&fst=1636056000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1536&u_ah=984&u_aw=1536&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaar0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fibank.nbg.gr%2Fidentity%2Flogin%3FReturnUrl%3Dhttps%3A%252F%252Fibank.nbg.gr%252Fidentity%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D48423927-4F90-46A4-9F41-63A0B3114A92%2526redirect_uri%253Dhttps%25253A%25252F%25252Fibank.nbg.gr%25252Fweb%25252F%2526response_mode%253Dform_post%2526response_type%253Dcode%252520id_token%2526scope%253Dopenid%252520role%252520ibank_profile%252520ibank-cards-api-v1%252520ibank-loans-api-v1%252520ibank-profile-api-v1%252520ibank-go4more-api-v1%252520ibank-billpayments-api-v1%252520ibank-accounts-api-v1%252520ibank-proxy-api-v1%25&ref=https%3A%2F%2Fwww.nbg.gr%2F&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=1325811221&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/670112929/ 42 B
548 B 44ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/670112929/?random=1636058035780&cv=9&fst=1636056000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1536&u_ah=984&u_aw=1536&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaar0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fibank.nbg.gr%2Fidentity%2Flogin%3FReturnUrl%3Dhttps%3A%252F%252Fibank.nbg.gr%252Fidentity%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D48423927-4F90-46A4-9F41-63A0B3114A92%2526redirect_uri%253Dhttps%25253A%25252F%25252Fibank.nbg.gr%25252Fweb%25252F%2526response_mode%253Dform_post%2526response_type%253Dcode%252520id_token%2526scope%253Dopenid%252520role%252520ibank_profile%252520ibank-cards-api-v1%252520ibank-loans-api-v1%252520ibank-profile-api-v1%252520ibank-go4more-api-v1%252520ibank-billpayments-api-v1%252520ibank-accounts-api-v1%252520ibank-proxy-api-v1%25&ref=https%3A%2F%2Fwww.nbg.gr%2F&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=1325811221&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/670113652/ 42 B
108 B 35ms
20ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/670113652/?random=1636058035786&cv=9&fst=1636056000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1536&u_ah=984&u_aw=1536&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&gtm=2oab31&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fibank.nbg.gr%2Fidentity%2Flogin%3FReturnUrl%3Dhttps%3A%252F%252Fibank.nbg.gr%252Fidentity%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D48423927-4F90-46A4-9F41-63A0B3114A92%2526redirect_uri%253Dhttps%25253A%25252F%25252Fibank.nbg.gr%25252Fweb%25252F%2526response_mode%253Dform_post%2526response_type%253Dcode%252520id_token%2526scope%253Dopenid%252520role%252520ibank_profile%252520ibank-cards-api-v1%252520ibank-loans-api-v1%252520ibank-profile-api-v1%252520ibank-go4more-api-v1%252520ibank-billpayments-api-v1%252520ibank-accounts-api-v1%252520ibank-proxy-api-v1%25&ref=https%3A%2F%2Fwww.nbg.gr%2F&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=1279655205&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/670113652/ 42 B
108 B 21ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/670113652/?random=1636058035786&cv=9&fst=1636056000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1536&u_ah=984&u_aw=1536&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&gtm=2oab31&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fibank.nbg.gr%2Fidentity%2Flogin%3FReturnUrl%3Dhttps%3A%252F%252Fibank.nbg.gr%252Fidentity%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D48423927-4F90-46A4-9F41-63A0B3114A92%2526redirect_uri%253Dhttps%25253A%25252F%25252Fibank.nbg.gr%25252Fweb%25252F%2526response_mode%253Dform_post%2526response_type%253Dcode%252520id_token%2526scope%253Dopenid%252520role%252520ibank_profile%252520ibank-cards-api-v1%252520ibank-loans-api-v1%252520ibank-profile-api-v1%252520ibank-go4more-api-v1%252520ibank-billpayments-api-v1%252520ibank-accounts-api-v1%252520ibank-proxy-api-v1%25&ref=https%3A%2F%2Fwww.nbg.gr%2F&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=1279655205&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/672837021/ 42 B
108 B 20ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/672837021/?random=1636058035790&cv=9&fst=1636056000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1536&u_ah=984&u_aw=1536&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaar0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fibank.nbg.gr%2Fidentity%2Flogin%3FReturnUrl%3Dhttps%3A%252F%252Fibank.nbg.gr%252Fidentity%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D48423927-4F90-46A4-9F41-63A0B3114A92%2526redirect_uri%253Dhttps%25253A%25252F%25252Fibank.nbg.gr%25252Fweb%25252F%2526response_mode%253Dform_post%2526response_type%253Dcode%252520id_token%2526scope%253Dopenid%252520role%252520ibank_profile%252520ibank-cards-api-v1%252520ibank-loans-api-v1%252520ibank-profile-api-v1%252520ibank-go4more-api-v1%252520ibank-billpayments-api-v1%252520ibank-accounts-api-v1%252520ibank-proxy-api-v1%25&ref=https%3A%2F%2Fwww.nbg.gr%2F&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=2272781611&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/672837021/ 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/672837021/?random=1636058035790&cv=9&fst=1636056000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1536&u_ah=984&u_aw=1536&u_cd=24&u_his=1&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaar0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fibank.nbg.gr%2Fidentity%2Flogin%3FReturnUrl%3Dhttps%3A%252F%252Fibank.nbg.gr%252Fidentity%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253D48423927-4F90-46A4-9F41-63A0B3114A92%2526redirect_uri%253Dhttps%25253A%25252F%25252Fibank.nbg.gr%25252Fweb%25252F%2526response_mode%253Dform_post%2526response_type%253Dcode%252520id_token%2526scope%253Dopenid%252520role%252520ibank_profile%252520ibank-cards-api-v1%252520ibank-loans-api-v1%252520ibank-profile-api-v1%252520ibank-go4more-api-v1%252520ibank-billpayments-api-v1%252520ibank-accounts-api-v1%252520ibank-proxy-api-v1%25&ref=https%3A%2F%2Fwww.nbg.gr%2F&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=2272781611&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 new-login-big.66c1b00b0c38dbef35ad2235cc7203a2.jpg
ibank.nbg.gr/identity/dist/images/ 87 KB
87 KB 85ms
84ms Image
image/jpeg 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank.nbg.gr/identity/dist/images/new-login-big.66c1b00b0c38dbef35ad2235cc7203a2.jpg

Requested by

Host: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

Resource Hash

b6a641e96d081785173e64c24b36a0b3828c2b4ca65c82b872edcd0a5a3eb4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
last-modified: Tue, 05 Oct 2021 12:58:57 GMT
accept-ranges: bytes
etag: "e41991c2e8b9d71:0"
content-length: 88880
strict-transport-security: max-age=31536000
content-type: image/jpeg

GET
H2 200 help-faq.09d363d89aba54167e4e163aef23d5bd.svg
ibank.nbg.gr/identity/dist/icons/ 2 KB
1 KB 113ms
113ms Image
image/svg+xml 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank.nbg.gr/identity/dist/icons/help-faq.09d363d89aba54167e4e163aef23d5bd.svg

Requested by

Host: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

Resource Hash

161761d367e7686d40033c1a0daeb88006e9e90b676c3e1368362748a2791fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 12:58:57 GMT
etag: "c07d90c2e8b9d71:0"
vary: Accept-Encoding
content-type: image/svg+xml
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1172

GET
H2 200 fb.ab304d17b9496bc6b935c4432936bd0c.svg
ibank.nbg.gr/identity/dist/icons/ 1 KB
691 B 118ms
118ms Image
image/svg+xml 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank.nbg.gr/identity/dist/icons/fb.ab304d17b9496bc6b935c4432936bd0c.svg

Requested by

Host: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

Resource Hash

ab9872644e58c312c6c45df79fd68e005b03423385801e0689d96cadbd0620bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 12:58:57 GMT
etag: "0a590c2e8b9d71:0"
vary: Accept-Encoding
content-type: image/svg+xml
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 531

GET
H2 200 twitter.82ce7df40056fcadd0606296fd2fd6cc.svg
ibank.nbg.gr/identity/dist/icons/ 2 KB
1 KB 115ms
115ms Image
image/svg+xml 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank.nbg.gr/identity/dist/icons/twitter.82ce7df40056fcadd0606296fd2fd6cc.svg

Requested by

Host: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

Resource Hash

a2f2447ea2c696232412fb46b12c8344dc93740b712a8689d324031e0428beb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 12:58:57 GMT
etag: "dcc90c2e8b9d71:0"
vary: Accept-Encoding
content-type: image/svg+xml
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1035

GET
H2 200 youtube.487fffeb171ea4b2b655013e3d76a6a7.svg
ibank.nbg.gr/identity/dist/icons/ 3 KB
1 KB 116ms
115ms Image
image/svg+xml 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank.nbg.gr/identity/dist/icons/youtube.487fffeb171ea4b2b655013e3d76a6a7.svg

Requested by

Host: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

Resource Hash

91dc715405d0bb25103890b512621749faeacf1fb13299fbda4eac81f15e7cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 12:58:57 GMT
etag: "dcc90c2e8b9d71:0"
vary: Accept-Encoding
content-type: image/svg+xml
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1361

GET
H2 200 linkedin.8d26e4a4e8edd5cb6c5ce18076102dc3.svg
ibank.nbg.gr/identity/dist/icons/ 2 KB
1 KB 122ms
122ms Image
image/svg+xml 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank.nbg.gr/identity/dist/icons/linkedin.8d26e4a4e8edd5cb6c5ce18076102dc3.svg

Requested by

Host: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

Resource Hash

724be1d544d3f4044e97e8e515f23c0f33f08e96e421021c6729947e62f10642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 12:58:57 GMT
etag: "0a590c2e8b9d71:0"
vary: Accept-Encoding
content-type: image/svg+xml
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 872

GET
H2 200 email.58449ee1338aaa0ed3b91944e1c7812c.svg
ibank.nbg.gr/identity/dist/icons/ 1 KB
763 B 125ms
124ms Image
image/svg+xml 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ibank.nbg.gr/identity/dist/icons/email.58449ee1338aaa0ed3b91944e1c7812c.svg

Requested by

Host: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

Resource Hash

1615a6f2e08b5edf2b9756ce02bf0e4be6b83860951c4beb9f1b4c0c39886be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ibank.nbg.gr/identity/dist/style.ca526fce9e30c290bc50.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 12:58:57 GMT
etag: "0a590c2e8b9d71:0"
vary: Accept-Encoding
content-type: image/svg+xml
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 603

GET ibredesign.f0ceac6f3471ca7186d40de1d3e2f374.woff
ibank.nbg.gr/identity/dist/images/ 0
0

GET PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
ibank.nbg.gr/identity/dist/images/ 0
0

GET PFDinDisplayPro-Medium.61e7fd90675f0eb31beed62b660edde2.woff2
ibank.nbg.gr/identity/dist/images/ 0
0

GET PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2
ibank.nbg.gr/identity/dist/images/ 0
0

GET
H2 200 669086076924105 Show response
connect.facebook.net/signals/config/ 41 KB
11 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/669086076924105?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a3a388f8e9f02dc7532363cf9744e7dc4ef8fd29e0e3fb83f2344f44e57bf01

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10803
x-xss-protection: 0
pragma: public
x-fb-debug: wIlkgneU+syOjE5iO8stObggHN40ZnEzj8F5SSrUu86Du5+4gKPqBCC0/f75aAuQyBjqlpqKFaFKMamr7l95DA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 04 Mar 2022 12:11:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 25ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=669086076924105&ev=PageView&dl=https%3A%2F%2Fspirulinabyeserianifarm.co.ke%2Fwp-content%2FmynbgGR%2Fc3395dd46c34fa7fd8d729d8cf88b7a8%2Fcode.htm&rl=&if=false&ts=1646395900954&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=28&fbp=fb.2.1646395900952.1537892389&it=1646395900941&coo=false&rqm=GET

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 04 Mar 2022 12:11:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 36ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-672837021&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-670112929&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73d0826be5dbaf1013f0b3fe1a44fd60ac023184ed535f37e18fb8dfae5dbca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40078
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:11:41 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/672837021/ 2 KB
1 KB 62ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/672837021/?random=1646395901033&cv=9&fst=1646395901033&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspirulinabyeserianifarm.co.ke%2Fwp-content%2FmynbgGR%2Fc3395dd46c34fa7fd8d729d8cf88b7a8%2Fcode.htm&tiba=NBG%20i-bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e4c5118c3f41d31a93f473956c2186b555cf25a14b41bc4b557f5baf64a43e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/670112929/ 2 KB
1 KB 41ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/670112929/?random=1646395901037&cv=9&fst=1646395901037&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspirulinabyeserianifarm.co.ke%2Fwp-content%2FmynbgGR%2Fc3395dd46c34fa7fd8d729d8cf88b7a8%2Fcode.htm&tiba=NBG%20i-bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0efb545c10cd190989753dbfeda35477e24b768e83eeacbf8a10af9926bd51ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/670113652/ 2 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/670113652/?random=1646395901041&cv=9&fst=1646395901041&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspirulinabyeserianifarm.co.ke%2Fwp-content%2FmynbgGR%2Fc3395dd46c34fa7fd8d729d8cf88b7a8%2Fcode.htm&tiba=NBG%20i-bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9690cdf2348c2744a3396851ea8b71a30e4c5d08ec5d1aa6df4ffca3b6fbff62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ibredesign.03777dd56efa224a89ad69d10fad3aab.ttf
ibank.nbg.gr/identity/dist/images/ 0
0

GET PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff
ibank.nbg.gr/identity/dist/images/ 0
0

GET PFDinDisplayPro-Medium.3ff30429317b30c83e51bb3917dcd746.woff
ibank.nbg.gr/identity/dist/images/ 0
0

GET PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff
ibank.nbg.gr/identity/dist/images/ 0
0

GET
H3 200 /
www.google.com/pagead/1p-user-list/670113652/ 42 B
64 B 40ms
21ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/670113652/?random=1646395901041&cv=9&fst=1646395200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspirulinabyeserianifarm.co.ke%2Fwp-content%2FmynbgGR%2Fc3395dd46c34fa7fd8d729d8cf88b7a8%2Fcode.htm&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=3308221067&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/670113652/ 42 B
64 B 38ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/670113652/?random=1646395901041&cv=9&fst=1646395200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspirulinabyeserianifarm.co.ke%2Fwp-content%2FmynbgGR%2Fc3395dd46c34fa7fd8d729d8cf88b7a8%2Fcode.htm&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=3308221067&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/670112929/ 42 B
64 B 37ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/670112929/?random=1646395901037&cv=9&fst=1646395200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspirulinabyeserianifarm.co.ke%2Fwp-content%2FmynbgGR%2Fc3395dd46c34fa7fd8d729d8cf88b7a8%2Fcode.htm&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=1945070730&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/670112929/ 42 B
64 B 39ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/670112929/?random=1646395901037&cv=9&fst=1646395200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspirulinabyeserianifarm.co.ke%2Fwp-content%2FmynbgGR%2Fc3395dd46c34fa7fd8d729d8cf88b7a8%2Fcode.htm&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=1945070730&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/672837021/ 42 B
64 B 34ms
24ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/672837021/?random=1646395901033&cv=9&fst=1646395200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspirulinabyeserianifarm.co.ke%2Fwp-content%2FmynbgGR%2Fc3395dd46c34fa7fd8d729d8cf88b7a8%2Fcode.htm&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=1422890981&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/672837021/ 42 B
64 B 29ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/672837021/?random=1646395901033&cv=9&fst=1646395200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fspirulinabyeserianifarm.co.ke%2Fwp-content%2FmynbgGR%2Fc3395dd46c34fa7fd8d729d8cf88b7a8%2Fcode.htm&tiba=NBG%20i-bank&async=1&fmt=3&is_vtc=1&random=1422890981&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: spirulinabyeserianifarm.co.ke
URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spirulinabyeserianifarm.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 12:11:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 22ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:05:27 GMT
x-content-type-options: nosniff
age: 3974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 04 Mar 2023 11:05:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/images/ibredesign.f0ceac6f3471ca7186d40de1d3e2f374.woff

Domain: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2

Domain: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Medium.61e7fd90675f0eb31beed62b660edde2.woff2

Domain: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2

Domain: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/images/ibredesign.03777dd56efa224a89ad69d10fad3aab.ttf

Domain: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff

Domain: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Medium.3ff30429317b30c83e51bb3917dcd746.woff

Domain: ibank.nbg.gr
URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: National Bank of Greece (Banking)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.spirulinabyeserianifarm.co.ke/	1970-01-20 03:29:31	Name: _fbp Value: fb.2.1646395900952.1537892389
.facebook.com/	1970-01-20 03:29:31	Name: fr Value: 0jMj0XMSYFg9hnBRW..BiIgH8...1.0.BiIgH8.
.spirulinabyeserianifarm.co.ke/	1970-01-20 03:29:31	Name: _gcl_au Value: 1.1.487368683.1646395901
.doubleclick.net/	1970-01-20 10:41:31	Name: IDE Value: AHWqTUnm0ooQS2TIfmHqBUaWyns7RJ0bSQDlN3wFFVmJYaFqplg8za3aPN8Gf8Qn

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ibank.nbg.gr/akam/11/19ae83df Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm Message: Access to font at 'https://ibank.nbg.gr/identity/dist/images/ibredesign.f0ceac6f3471ca7186d40de1d3e2f374.woff' from origin 'https://spirulinabyeserianifarm.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ibank.nbg.gr/identity/dist/images/ibredesign.f0ceac6f3471ca7186d40de1d3e2f374.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/dist/polyfills.ca526fce9e30c290bc50.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm Message: Access to font at 'https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2' from origin 'https://spirulinabyeserianifarm.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm Message: Access to font at 'https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Medium.61e7fd90675f0eb31beed62b660edde2.woff2' from origin 'https://spirulinabyeserianifarm.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Medium.61e7fd90675f0eb31beed62b660edde2.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm Message: Access to font at 'https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2' from origin 'https://spirulinabyeserianifarm.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm Message: Access to font at 'https://ibank.nbg.gr/identity/dist/images/ibredesign.03777dd56efa224a89ad69d10fad3aab.ttf' from origin 'https://spirulinabyeserianifarm.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ibank.nbg.gr/identity/dist/images/ibredesign.03777dd56efa224a89ad69d10fad3aab.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm Message: Access to font at 'https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff' from origin 'https://spirulinabyeserianifarm.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm Message: Access to font at 'https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Medium.3ff30429317b30c83e51bb3917dcd746.woff' from origin 'https://spirulinabyeserianifarm.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Medium.3ff30429317b30c83e51bb3917dcd746.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/code.htm Message: Access to font at 'https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff' from origin 'https://spirulinabyeserianifarm.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ibank.nbg.gr/identity/dist/images/PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://spirulinabyeserianifarm.co.ke/bQ6G/l6YQ/eZ/0HhM/_mQQ/N5i1hGNz5N/Dmt0/YSYjVklb/SHEB Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/dist/app.ca526fce9e30c290bc50.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://spirulinabyeserianifarm.co.ke/wp-content/mynbgGR/c3395dd46c34fa7fd8d729d8cf88b7a8/dist/vendor.ca526fce9e30c290bc50.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
connect.facebook.net
d21y75miwcfqoq.cloudfront.net
googleads.g.doubleclick.net
ibank.nbg.gr
spirulinabyeserianifarm.co.ke
translate.googleapis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.nbg.gr
ibank.nbg.gr
104.243.35.42
142.250.185.194
2.16.186.248
2001:4de0:ac18::1:a:3a
2600:9000:2250:7c00:1b:ef38:3680:21
2606:4700::6812:1ac2
2a00:1450:4001:808::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2004
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0efb545c10cd190989753dbfeda35477e24b768e83eeacbf8a10af9926bd51ad
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1615a6f2e08b5edf2b9756ce02bf0e4be6b83860951c4beb9f1b4c0c39886be1
161761d367e7686d40033c1a0daeb88006e9e90b676c3e1368362748a2791fda
19df7680322f127251b8b1a18a4a44c9948207b3861bf574b337a2eca41ec6d8
1e4c5118c3f41d31a93f473956c2186b555cf25a14b41bc4b557f5baf64a43e5
32ee55428b14817e64dc0dd6fcc14b628dad6f663359027b553680de06046d13
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
724be1d544d3f4044e97e8e515f23c0f33f08e96e421021c6729947e62f10642
73d0826be5dbaf1013f0b3fe1a44fd60ac023184ed535f37e18fb8dfae5dbca5
835b935e80c09bd7f9376f7f9600f5eb3da83cbf740e9f919e67d9d62f9924f3
909457e7d2ab71d52c2fa3386917fee5031be62e179b01804940a6cc9f5d61ac
91dc715405d0bb25103890b512621749faeacf1fb13299fbda4eac81f15e7cab
9690cdf2348c2744a3396851ea8b71a30e4c5d08ec5d1aa6df4ffca3b6fbff62
997ff25d876d6f95f55944b14cb8b4d8793aa351f77b36dd2475cdcb67ddc94d
9a3a388f8e9f02dc7532363cf9744e7dc4ef8fd29e0e3fb83f2344f44e57bf01
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f2447ea2c696232412fb46b12c8344dc93740b712a8689d324031e0428beb2
ab9872644e58c312c6c45df79fd68e005b03423385801e0689d96cadbd0620bb
aba55c1d024641781cb8fdb7a2ebd290c450c3fd1911045bfde41158431e0071
b6a641e96d081785173e64c24b36a0b3828c2b4ca65c82b872edcd0a5a3eb4b3
bd2bd0ba3f57fe5bd4c1ced004055468cc0b83cd23bb6bac6caaec7cabc47043
be5a0b165162285919707892ac410a70ac0e819a4f1e1a7aa0aea928d7af77fc
c3a8bebb62584375a3c98dcc024f1c0365078079580a500a3c52fb2893d509ad
cf0fbc6918afe8501e0c964d882b8e211af7ebaeb69133a393fe1bde3172e8d3
e8493074818e846b7359d2a74998d2fce7f6041ea58bfe16c27e1654ea96504e
eac97e6040eeb62a4997bcbf5fe48801c0a89b4dfcc5481e1453bee2218cd026
ecbc63cd39546b63bde1c65216e26cc6ca157e3e1e4d0c7b3a06d922fdb5131e
edaabf9e4e2d951fa3b86aca4c4071301814af1e1542d3f0ef2d51df94cbe154
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

spirulinabyeserianifarm.co.ke Open in urlscan Pro 104.243.35.42 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

87 %HTTPS

80 %IPv6

14 Domains

15 Subdomains

16 IPs

3 Countries

552 kBTransfer

1352 kBSize

4 Cookies

6 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

spirulinabyeserianifarm.co.ke Open in urlscan Pro
104.243.35.42 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

87 %
HTTPS

80 %
IPv6

14
Domains

15
Subdomains

16
IPs

3
Countries

552 kB
Transfer

1352 kB
Size

4
Cookies

60 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!