r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13646
Expires: Thu, 19 Jan 2023 06:13:42 GMT
Date: Thu, 19 Jan 2023 02:26:16 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2640
Expires: Thu, 19 Jan 2023 03:10:16 GMT
Date: Thu, 19 Jan 2023 02:26:16 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7afaa97fbfa9baa1485c892eac8e114d
8c17c707c218e28ac14197ce8e5eef873207a732
59db16baacb452453dbf44fc2a24f25ab09c4dbaec3a9271fda84230d8f11925
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59DB16BAACB452453DBF44FC2A24F25AB09C4DBAEC3A9271FDA84230D8F11925"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12803
Expires: Thu, 19 Jan 2023 05:59:39 GMT
Date: Thu, 19 Jan 2023 02:26:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 01:49:24 GMT
content-type: application/json
age: 2212
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BhjwW1aXnTdNGBE7WUcpJHFArebZ/6ihNFLJr519Y9IBHQ4uJoQrDJCBy2y3spGRaO7xz/5kCLM=
x-amz-request-id: 021DVMZC04ZA50YV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 01:56:54 GMT
age: 1762
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:26:16 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 02:17:25 GMT
age: 531
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.saha-banks.com/money-transfer-without-a-bank-account/
172.67.213.3 200 OK 26 kB URL HTTP/1.1 www.saha-banks.com/money-transfer-without-a-bank-account/
IP 172.67.213.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 946a8a329de95958d286385af7696219
b76ee5d0595d70d3ac1a8aed7f48c84b410f3cf1
b03342696896e35d14458d8ab83fc6bf23e663e31ebb6162cf8631cc19e16c30
Analyzer Verdict Alert fortinet Phishing
GET /money-transfer-without-a-bank-account/ HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://www.saha-banks.com/wp-json/>; rel="https://api.w.org/", <https://www.saha-banks.com/wp-json/wp/v2/posts/5577>; rel="alternate"; type="application/json", <https://www.saha-banks.com/?p=5577>; rel=shortlink
Cache-Control: max-age=7200
Expires: Thu, 19 Jan 2023 04:26:16 GMT
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6OxBsKeSFdUh%2FxJ93%2FaxDJBuvewzR4tJgdHt1qbONyI1Ef7kWiM9OtNKb%2Bf0wJmclbx7oKhC%2BTwGOxXwVlGkeiZFyxbrcCexWjDjx8x4PL8CCEhVxntzY58V1T4omgksqPd6OY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fe39fac0b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
142.250.74.40 302 Found 253 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
IP 142.250.74.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 68bdd82de0620e0f2ae5f2728b4a3ac6
8e6426bc586031e43cb0a17a917e3d225d3aee1e
4e913112163e1abb8c2a9e485ae0acf4456e36c598e52f8d53bc63aeb2d6e7a9
GET /gtag/js?id=G-MNTK4YVF83 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 253
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 79af32d8e279b4cfec147ab51cb6fcb3
d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6
bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3103
Cache-Control: max-age=113534
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:17 GMT
Etag: "63c7b6a8-1d7"
Expires: Fri, 20 Jan 2023 09:58:31 GMT
Last-Modified: Wed, 18 Jan 2023 09:06:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 783c01fa14ade2316e22ead869b3dbf8
71e20a947b3a9e10cb2bf046e2ca3da294d97f70
9b0aee93ad83dd0c14a106a2514b86ab950b2fc679596fd621841242b5c7e95c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
142.250.74.40 200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
IP 142.250.74.40:0
File type ASCII text, with very long lines (21956)
Hash f4221209fac4aeccfc51fd9431d59e94
61467bb37566a6a2a4e766edb8a2794284b658a1
2af445a4b10379ebe5dc60e45c746b2ebceb10cc1fffe4e2878d9ca4a31830c4
GET /gtag/js?id=G-MNTK4YVF83 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.saha-banks.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Jan 2023 02:26:17 GMT
expires: Thu, 19 Jan 2023 02:26:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 783c01fa14ade2316e22ead869b3dbf8
71e20a947b3a9e10cb2bf046e2ca3da294d97f70
9b0aee93ad83dd0c14a106a2514b86ab950b2fc679596fd621841242b5c7e95c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saha-banks.com/wp-includes/css/classic-themes.min.css?ver=1
172.67.213.3 200 OK 189 B URL HTTP/1.1 www.saha-banks.com/wp-includes/css/classic-themes.min.css?ver=1
IP 172.67.213.3:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/css
Content-Length: 189
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:13 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFsIhRQE7JKmiw%2BtijTutOzErX05rtXhyCQUcWnsPHu4dEFH1maYMGZOFdyasbZmAs0ddH6N1ydf904X75xVqPAqybmgzAmdOMjyRlc1Ulrpz3satsoAhwKkzgvcu4QqqODa1Dg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fe88be10b55-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212
172.67.213.3 200 OK 458 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212
IP 172.67.213.3:0
File type ASCII text, with very long lines (1156), with no line terminators
Hash 0700905b705f44f6bef08b2726874c21
99ad11afd1a04122f39a2a05aea5b60ff9dbb812
af2c2830705f77b6784a2635b3cadb5772c025de8f878ad14abab0feb1e81925
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/css
Content-Length: 458
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:26:49 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqY8nzgYAnXZdAdsQnG1G6ahJfaBPiLIB5zqIYYaYAZ2LJ0o9aAJY7Ns6k2kIXer2pJLDSRPInQyTpmdgYYggSZ0ZtkObHQ27M8pTdI0UCmSzgDzIt4Lc0wImhJggTgLebbcxLo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fe88f14b505-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1
172.67.213.3 200 OK 12 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (42000)
Hash 5c15986a7f6f7c940ea94de8a0b79fae
32a30e717b4aaba9d4d0325d00c0cad154cb8639
20a931a1c53300760bc2cacfcaea3b877b08053a72998b45f216061c27617e40
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/css
Content-Length: 12209
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sc5jgmBgyvRG%2BfPhGQ4P%2FDkFLOaxeAgGFHFcwhb%2ByR0qoWzFigg78VXdgsc8LBMegEYx2FFotUPNHeHmi%2BhubKgOy2vvOL6EE7uEh3HNxzFI9l5n7y3jfY5Dd4QMkbOpj7XJ7WE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fe88ae2b515-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
34.216.94.34 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.94.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HYhIGoxyxgWEUOSMV/7Z2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KzPZQ3CjFaceezdNGrZ4UyG+wFA=
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
172.67.213.3 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash aaead2137bb51645532d319e016eadd9
69f67e9188c2cb23964c4d5d19e5a876dc6a5eb8
48fb6596bd570bdee84d79f3fb8ac4e209b447a3a84fea1825374db7ab1a0f25
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 409 Conflict
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0zlUNNEs%2B9j25DsdtYZfNRi3A%2Fr7s6C3DtpEOyl7B50bXXWCIz7ThXfYf3p7Ws1HITU8%2FJxc%2B4xlhyTjY2N16LvIy7wwLz15n0Nk9SWn%2FeZtK%2F3074l7iV4lbrB29chw1Qxu%2Bs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc1fe88f57b4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2
172.67.213.3 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash 607cc8d70f909d1161655558f9ac899f
dc01931e68355f7c63a1aaa4e8b2181d2c78ea5a
a59e8174e4727015a1fff746d5005c6cf08e90228eeb8e98a91409afd33b0fe3
GET /wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 409 Conflict
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkzQHbrojjDFhoFCrDoaqL%2BExuSDujv2ZOFlDFCDZ5f5D1GdItWJenYNPHjLcAFF99K%2FtzvsR1ZHWcfkEN5BFYE4u%2Ft94RuSiAAR0bzDUr303hXHFUabUXiEwir%2B2XwGq05d%2B%2Fo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc1fe88d74b50b-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1
172.67.213.3 200 OK 18 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 28f05939dea4edca059c244cc702bfda
7e40e0235f2f7bc4d9f95dfa3f1773de320c3b28
369b0dca347d53e862ff6a7971f1a7d175648b13027e56c1d397d5e8266481a6
GET /wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 20:34:09 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Coi4j%2FG0A1BtCwjb4AqNv0%2BYJQk1HuJlryJ6rpk%2BL7Baww3MePFDx85Pu6z242F%2BOExi5i2lq1NDJmhAgqT4TeQEutMrXBOM3mt9hHxqhu%2B4Cg%2BuBaHlfsiRu1s7x5oycESmN6o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fe889460b39-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1
172.67.213.3 200 OK 12 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (47525)
Hash 1a49f64a9824ac7858e559a933e9eccf
caa8b49e61974a81da01a9032393216a05995810
175a7a8805e51048305f212a6f54319606a725044a229190262511468e569a81
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/css
Content-Length: 12354
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiQIwIxF9EOlAPx7KUhdnvITuOn33Zf9TAP8wY51zoLZeHpOnYo9sgX7clrcwu0cRF77T%2FAHYyJ%2BKyrLdMklQp%2FJYqCYH0ipJYUsDoNrmfBHW6eTTD5l8CQySN96EKsiVOFLxMU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1feaafe5b505-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
172.67.213.3 200 OK 10 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (40185)
Hash 638ef4cc88b27674ebd9a1355c29c61f
8f532be7574576baa2c56ad1c6c2652296bf0c42
993f335862fede763c118e404999ce60f88e9b870ee07de9e6e1579f7e556df5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/css
Content-Length: 10255
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtMYvzNhXctQExJYF7HcsATtz3BBslLL2WZKzWNc8cIjjCYdaSfIAoJfPbFxI6gDdfQRt0HULusl2M1eSCqF%2FCsFv85yinq06A8KZ2GAcL36Mn8zDdoqCQ3XmLFD8LvpjMgJXq8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1feabbbbb515-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/uploads/2023/01/%D8%AA%D9%86%D8%B4%D9%8A%D8%B7-%D8%AD%D8%B3%D8%A7%D8%A8-%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-390x220.jpg
172.67.213.3 200 OK 28 kB URL HTTP/2 www.saha-banks.com/wp-content/uploads/2023/01/%D8%AA%D9%86%D8%B4%D9%8A%D8%B7-%D8%AD%D8%B3%D8%A7%D8%A8-%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-390x220.jpg
IP 172.67.213.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 390x220, components 3\012- data
Hash a8a6f3ecea0558a7a160d427b3e19d67
8243acbb32ff2216eea33ca8f7569cc656e1f9e5
cde55b952fa0fda8fb3cba1e06f6f3f89445db7948bc4b885f46789c5a10cccd
GET /wp-content/uploads/2023/01/%D8%AA%D9%86%D8%B4%D9%8A%D8%B7-%D8%AD%D8%B3%D8%A7%D8%A8-%D8%A7%D9%84%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-390x220.jpg HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 02:26:17 GMT
content-type: image/jpeg
content-length: 28285
last-modified: Wed, 18 Jan 2023 11:14:26 GMT
cache-control: max-age=86400
expires: Fri, 20 Jan 2023 02:26:17 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSVBy0T%2FsIys1405p%2BpSKKMZufOX8f2owsj%2FqwXxqS4fvO6ctLxVLcSc9iZguZnihbmtuCCIdefU21Gk6WPTuCQjwHklMkT4ejLsqgzXM757kHPsQgFex10a%2F4jo%2Bjqzz%2Byu40U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bc1fe8ca7bb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.213.3 200 OK 655 B URL HTTP/1.1 www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.213.3:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 13 Jan 2023 23:34:08 GMT
ETag: W/"63c1ea70-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXJohrLcjiKwTYsw8QrCuuoBLWnNJxw0Mtcqx6YXdxs%2FLxmGEqeaKyQWlBu6VzcjweOx1t5Ln5uPxib%2FK9NgeIZLfna9hnsCBLhEbQhPj23ZYAkiC4QRT%2FcPWZcL%2BquOmNUjdgU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc1fececa4b515-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sat, 21 Jan 2023 02:26:17 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.213.3 200 OK 3.9 kB URL HTTP/1.1 www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.213.3:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 13 Jan 2023 23:34:08 GMT
ETag: W/"63c1ea70-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bF4ggm3gZinmO%2FwHAV6wS%2FoUkPGmKEbPYWuiuhgNKX%2Fu4Sv5fPTuo57dt53ixNAnsWFTNMwSpy3GP3%2Be10kjYvM1qcAzGiG6AqAUoC2c1rSaGT7%2BODTISC4MCEjrcwurwJgI4UE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc1fecfcaab515-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sat, 21 Jan 2023 02:26:17 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.saha-banks.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1
172.67.213.3 200 OK 12 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (58661)
Hash 0913411c20bb983546f234d4685b40be
52b1104571de6fe046f0b76fece038bb06f7dcd4
1342814f0b2a66024a055e2037caab0bac8bdefe26a194d4a2605f13ab4cdc5f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/css
Content-Length: 12516
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8CWRvtzbwjh6snW5f8YWt2KZaSmRkIcnZBNrqsTV4DxmaKDNHwlissEtuCQB%2FWD5tkVIyz11mxKNsPz8TOzJnJGh6otppRa%2BZqu5eSUDyfUdcEDuTCWm5fJ9jAtmwM1Toyuvmg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1feb88ceb4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1
172.67.213.3 200 OK 2.9 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (4936), with CRLF line terminators
Hash 11ef5282e4e1793227bcc1aff992219e
11990fef6eb1dcffffc40fb12f770a7aee21251c
c419b80ac34071cc030d0e26427de827a30f1d58b03e51f72d13126a7c11bb4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/css
Content-Length: 2928
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMuMsPbRTn0xiatIDUhcVAK5TNqnQBNogoXBfIjPFvoijBEmNB1mEcYBFikNSDxzhqy3sXEVn3z2txVWy%2BruLBXGbUupoWOdW%2FdFxcfvSziWJRIBQ5qtYlXZZf5Iq3MGpVxX7aY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1feb9eb3b50b-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1
172.67.213.3 200 OK 13 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (46574)
Hash 54c898701c208d545bcba86cda4f31f6
bce6775632f3f76fbefa139b20ca6a563c242e03
24a761a2ec326cd6ac52be7e2b9fc11618a4db76eb28ad132cc331f1e9c58e6b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/css
Content-Length: 13233
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEr6LlY%2BkliS2FoJQ7UX1%2FVRMABf5XRsXERlmdwSOqRorlIViRoEfQznBmKb4%2BoyM0XQzNtkkABKJ7oabBEG0F0n9a7yE3TobGhUcPmw%2BmtwZYgeD0aZLjHwJDb597XkruBYgAY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1febba440b39-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1
172.67.213.3 200 OK 40 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fd0cfb25ff8ba12d3d717f5a1cdd0b75
9f0509a79961728b5554633b4ead59392919002e
3720e4aa3059e4a23d21ab677d701392fdff1cb43ad037521daa8a1be5bccdc6
GET /wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHX0FLyrLkpUdSKAe6N3gmmyA6wzSZaCnCVcHAxwpv5qMqw%2B8mPDVsV7HyM2zLd4zbBDJ9Wg6EesVOjf5OXYev4%2FXk320Gbp0DFkLFoIu5bOK9weV6mcwmNI3MCmb2BQzCYXhgM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1feaac6a0b55-OSL
alt-svc: h2=":443"; ma=60
region1.google-analytics.com/g/collect?v=2&tid=G-MNTK4YVF83&gtm=2oe1i0&_p=1014467937&gdid=dZGIzZG&cid=941679977.1674095177&ul=en-us&sr=1280x1024&_s=1&sid=1674095177&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fmoney-transfer-without-a-bank-account%2F&dt=%D8%AA%D8%AD%D9%88%D9%8A%D9%84%20%D8%A7%D9%85%D9%88%D8%A7%D9%84%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AD%D8%B3%D8%A7%D8%A8%20%D8%A8%D9%86%D9%83%D9%8A%20%E2%80%93%20%D9%83%D9%8A%D9%81%20%D9%8A%D8%AA%D9%85%20%D8%AA%D8%AD%D9%88%D9%8A%D9%84%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D9%84%D8%BA%20%D8%A7%D9%84%D9%83%D8%A8%D9%8A%D8%B1%D8%A9%D8%9F%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-MNTK4YVF83&gtm=2oe1i0&_p=1014467937&gdid=dZGIzZG&cid=941679977.1674095177&ul=en-us&sr=1280x1024&_s=1&sid=1674095177&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fmoney-transfer-without-a-bank-account%2F&dt=%D8%AA%D8%AD%D9%88%D9%8A%D9%84%20%D8%A7%D9%85%D9%88%D8%A7%D9%84%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AD%D8%B3%D8%A7%D8%A8%20%D8%A8%D9%86%D9%83%D9%8A%20%E2%80%93%20%D9%83%D9%8A%D9%81%20%D9%8A%D8%AA%D9%85%20%D8%AA%D8%AD%D9%88%D9%8A%D9%84%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D9%84%D8%BA%20%D8%A7%D9%84%D9%83%D8%A8%D9%8A%D8%B1%D8%A9%D8%9F%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-MNTK4YVF83&gtm=2oe1i0&_p=1014467937&gdid=dZGIzZG&cid=941679977.1674095177&ul=en-us&sr=1280x1024&_s=1&sid=1674095177&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fmoney-transfer-without-a-bank-account%2F&dt=%D8%AA%D8%AD%D9%88%D9%8A%D9%84%20%D8%A7%D9%85%D9%88%D8%A7%D9%84%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AD%D8%B3%D8%A7%D8%A8%20%D8%A8%D9%86%D9%83%D9%8A%20%E2%80%93%20%D9%83%D9%8A%D9%81%20%D9%8A%D8%AA%D9%85%20%D8%AA%D8%AD%D9%88%D9%8A%D9%84%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D9%84%D8%BA%20%D8%A7%D9%84%D9%83%D8%A8%D9%8A%D8%B1%D8%A9%D8%9F%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.saha-banks.com
date: Thu, 19 Jan 2023 02:26:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saha-banks.com/wp-content/themes/jannah/rtl.css
172.67.213.3 200 OK 10 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/rtl.css
IP 172.67.213.3:0
Hash c8916d805e401072c3e814c0b4893f9e
7245a0f7dcfdaca731de648bb9ebbf34942a3177
1ab7417c5db7f6730a2633765151f158893ac8c134a08d796a8930c5781a30bf
GET /wp-content/themes/jannah/rtl.css HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: text/css
Content-Length: 10111
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uce4A8eNxPNaDP7PwKeK0KcRZKFuyheEAUtSdtTVkyoVFjJZjQY7tUn%2FgOD75C%2B6L7MrSL%2F734i%2FPNCyWLmtnxqRnyV9sLef1TQjZ4r0%2Bhjr40sujr8clJSDJ4vQfgAC13%2FOpfw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fecd8d4b505-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415
142.250.74.66 200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415
IP 142.250.74.66:0
File type ASCII text, with very long lines (4885)
Hash f1d3a18d0ec4b2a3b51a0eb5aff50cb8
41d6ca1bce5b9fffe9db36f0e651ea02f42bb0c9
06e8c806c4d9cbf2f5140c7eaa42c185dfd872606e1034fd44ecb852df1a404a
GET /pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Jan 2023 02:26:18 GMT
expires: Thu, 19 Jan 2023 02:26:18 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12300823638500990478
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474
142.250.74.66 200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474
IP 142.250.74.66:0
File type ASCII text, with very long lines (4885)
Hash 129db4bf4ef973f80b7c84212a87184d
ca25064f45be74ce0ce8c251c5c8e35640e72856
c630098947bc7bc8e3ff7e145060017a137a85cbcf416498870be9053fd24815
GET /pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Jan 2023 02:26:18 GMT
expires: Thu, 19 Jan 2023 02:26:18 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16676968965292191618
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49389
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saha-banks.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1
172.67.213.3 200 OK 6.8 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (18002)
Hash 08f3564fe02643f632af8db483079dec
fd5897658a57986b46a3dc88e2c6f129412f0e7b
f21a0152825b0609135e73a0077a3742c2add8eea66a6ba1167fbcdb5e0e0421
GET /wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: application/javascript
Content-Length: 6771
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bldUikdXwtojjC5ZgsvTHzQ7LU7MFDDj9rGZS9wN6Jsiz55sY%2FWzkB4K2e9KRp%2BjIHwcCeZSWeV%2FPgsqLzNsYebU3XNh7yZFfT59GT%2BBjQTAab7r0R%2BaSPIp8v4j0l1lQxjwK%2F0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fef3826b50b-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saha-banks.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
172.67.213.3 200 OK 41 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP 172.67.213.3:0
File type Web Open Font Format, TrueType, length 40812, version 2.0\012- data
Hash b5b7e935f421e6ca7967b036fb08afd5
38a99c496548c5d2ee22c6df3b9dfd5081a73332
f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: font/woff
Content-Length: 40812
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAw3izgVV%2FyxmWrqZRLS37qFBDQRbeLS3kpT%2FwC70%2F1rAd%2F3iHd%2B5HAm4wfXvQBTymLe0yK866VZdcXbQU2H2IxA%2Buh6JbcQcLCSwVX8OmlKFvx%2B%2FRML1ASW4qKYNTy3yOiWioo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc1feefdc60b55-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/print.css?ver=6.0.1
172.67.213.3 200 OK 702 B URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/print.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (1760)
Hash 8ea40413b0999dedb6605ebeb8bb610b
2a6428bdb0a9e53bab87ed5f8d2d1e5c015de9de
2ce6e8aeb208877c5e6c046177a7a739600417b7da2e747eea36d22ce722e8bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/print.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: text/css
Content-Length: 702
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmpUawfLMinU8Dl0duLKYEkuuTQeIHQA2ff%2BTA8V%2BuQmfgADW%2BAKuK%2FBwXjGLPY8MLMIHQ3MAPBnNtjeLtKMe0K8vhSlcad1tEnLb0UG959z0bg4c%2FJruy8GU5HCUn3Xe1rCBh0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fef1a8ab4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1
172.67.213.3 200 OK 2.2 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1
IP 172.67.213.3:0
File type HTML document, ASCII text, with very long lines (5548)
Hash 54ee2458031284f8ff653682b1afcdd8
fec4e94be86f5fdb938f0048cbb977a84bd8f3dd
d65f2e5c8b694987dbfc42359cc5ea3092b7e878b67cec45ed5c353d5dc06771
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: application/javascript
Content-Length: 2194
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FNuhYGV2ii8M49XFodvu5%2BrqYfHwZ2GcZxvY0eC0N%2FDGIz515aNFpT%2BqPjdzd%2FVUj2gRZ9lyiSyHqM5p45HhDiAN2EgQaVVGP0PUewmhf%2Fx6%2FTLPCQ6n44n%2FvTN4PrGxjy0vcQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fef29fcb505-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1
172.67.213.3 200 OK 5.8 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (13532)
Hash 9bf567f02589ecd685ea926901d1c3ae
ca48792eabbc9cd167bab26dc52728711ba5b3e0
6ba8506c5aac579499e3eb9022d0972ccd31199774b8e8a7e0e8629f46a13f64
GET /wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: application/javascript
Content-Length: 5752
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGLq2w95ERMFSkm7nL%2FpBZp8ZKmyBj%2F3GLFqw408L3jkqMOVab%2FG2DDwRxF9YWbCbh3XX9LQGvaHKhLwI0yRGBLAcFcqS0br9QdxGxhNUCisKnjoISM%2FvMONEx%2B3inpC%2BpWQKxc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fef2d7bb515-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
172.67.213.3 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash 074415472a105c09c48dc7c37cf487f9
c235d8cb039b82c977dff5f789dd0d46c7f0f9d5
5afcfbd58b31dbecebf1624101056db45cac607eddfa3bf314ff280ffad2e6c2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 409 Conflict
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjN934oIWYbkU%2BYtdLYzueER9hy%2Bdq%2BlBEfhCgUOSgyVZDgzhHtwBFkUih3j89zuoW5c58O77LzIq4OADqErQ6aVhxfCsssieSsxiX%2BLhUBrhryM0AVRMiTEj0O64UGtv1Cgy0U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc1ff13b5ab4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1
172.67.213.3 200 OK 32 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (2026)
Hash 04c34bd00edeca5e9f0067d8de727263
8303c1c817ef8f2719dd26ff9ea7ab3fe878163d
a7ba5f9c7bb2a1eacaaf3d91ac38ed27ab66548379884936e7cc890834e351c9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hukCy0BlMoiQJ5SNftGrzT%2FE%2FkWGp6fw2rJuRanlcXGssYJ%2FeAoy3YXb6N3MvxVIjG1v024ZeqpcEe%2FtFMRo2cnFrawt0bdt6hRFcCWOLYLYW2j8RaQHRJlIrhgxhLujUGdZxF4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1fef3b890b39-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1
172.67.213.3 200 OK 9.3 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1
IP 172.67.213.3:0
File type HTML document, ASCII text, with very long lines (23452)
Hash c71948baa7efc749b427fa84f76a17b9
906d046ea213beb93d6c02eb68bfb3cfa10edb48
3bbe2e1e4b4982f5e17d8fb150f0f45f2362122f5a845c3090cbb4153e5aa5d0
GET /wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: application/javascript
Content-Length: 9292
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGgtNCv0iwzDIwbdqkvCqu8%2BsBhnefsOLYcfCqlxDxDFH8nI4lCBLMgIuez078XwtUJq9pxdMczHu%2FAhOS6uwsiQYnFbLfVpZmOV%2BeoV9Fo7yXoY%2BYCIwOhUvUJNqmAOXTC8pp0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1ff04892b50b-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1674086400
172.67.213.3 200 OK 20 kB URL HTTP/1.1 www.saha-banks.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1674086400
IP 172.67.213.3:0
File type ASCII text, with very long lines (42838), with no line terminators
Hash 62f324cfc874c91878d1b1422bcf6153
fe9dfa1a145c5801d10792c6e4d1afc7436281b8
70a7d782ad8e975dbcd3ba60b97ff9aca47e3e027496f4121a2fba334314c98b
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1674086400 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: accept-encoding
cache-control: max-age=14400, public
content-encoding: gzip
x-control-type-options: nosniff
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BB%2BKcm%2BU3AtEkKLhjXnoXIjmQjQEk6jOFgJ0bHzvQnR4fSJk%2FCHhPGAO8fzjHnsIM9fMOjbF6Z%2FEy6pEQj%2F5IAdO4syDVb1C9e3vP7iiW1Fat1GPmhMmKJKylVjryQDg3ldA1fM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1ff27984b50b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14203
Expires: Thu, 19 Jan 2023 06:23:01 GMT
Date: Thu, 19 Jan 2023 02:26:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14203
Expires: Thu, 19 Jan 2023 06:23:01 GMT
Date: Thu, 19 Jan 2023 02:26:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14203
Expires: Thu, 19 Jan 2023 06:23:01 GMT
Date: Thu, 19 Jan 2023 02:26:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14203
Expires: Thu, 19 Jan 2023 06:23:01 GMT
Date: Thu, 19 Jan 2023 02:26:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14203
Expires: Thu, 19 Jan 2023 06:23:01 GMT
Date: Thu, 19 Jan 2023 02:26:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee23b50996d59e5b3d4d99af0d0bc05f
76fbdbd85092cb841ca269206de46cc1b6e0f215
20e83f1e7f48eaee8f946958d4bd94d0c876dd2fdab85f3c4dfe088d7726e0eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6902
x-amzn-requestid: eac4818f-27cf-4e74-967f-ba9b761e236f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0uNuF0QIAMFUEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4f724-3a8ae0ba482b10f04c90c3b5;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 07:05:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AKGI_lQSNDKkYkcLfgIsQOt8ghMJbouQt26TehAyOBDEkg0ZU-L_Tw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 07:32:30 GMT
age: 68028
etag: "76fbdbd85092cb841ca269206de46cc1b6e0f215"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7817aa566a3271f82153811b756bb90f
6be8688f3b8d2f053afed5c09d00e71ad9210258
1ec4a11d1598683001714eb1a130c5ba96c37aef0e43623a17780f848543b1c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7864
x-amzn-requestid: 932e4550-d62d-448d-b60d-d3c62944c86c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fnEEVOIAMFZcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c612f9-0977cfca7fe22f83168e5d9e;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rcBwm967yrKleLXr5OzF8SynTLuZIXY85zeUwRyCP56tAt5ChjIapg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 03:43:10 GMT
age: 81788
etag: "6be8688f3b8d2f053afed5c09d00e71ad9210258"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg
34.120.237.76 200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1b47910c4f71976f73a884bcae6f9bc
26c0d42fddb2a02d9878c34a76874710c92a9d30
9c5ce4945939b126cd36202f5afb8009ce790a792270ec31cc22099e4cd12a24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3861
x-amzn-requestid: c8fbb2e1-9ec6-42c0-8030-9be785e8913e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9TegFNEoAMFwqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c865f6-04a9e7db684e88ed69e1bd43;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0vlLtF3fPmIBiYrKVY8qBwVvS7PMn3OTGpu6C0umuCqXdzYxsF-xgQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:53:12 GMT
age: 16386
etag: "26c0d42fddb2a02d9878c34a76874710c92a9d30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b015242ebdda9cc22cfe6741d2e926f1
76072223007cd11c6f7b9fda8f01818ab0fea740
b7a72c737cac91c83c39718de999bc6ff0ec4ede63342e86407190d95e60d9a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6908
x-amzn-requestid: 5f0a0b3b-1d4c-450e-bcd5-481bda79f4e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq1qQHwYIAMF-IQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1030e-62d053e35c8ab2374fd2fe35;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:06:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1eiEXaC2jHawVVHg6KAlFvdV7ZMpXdCaN8o36sbYL9WwPvXejGobKA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:36:56 GMT
age: 31762
etag: "76072223007cd11c6f7b9fda8f01818ab0fea740"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ew6UYM2a_TNmSJNwTdR0fKiQg4V05R0RsS1rPp0sMOZ4Cn7-TJc3_A==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:45:29 GMT
age: 16849
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b8f931fb5afe958e67fce9e1822dac4
5732887999b819f6facc6f4608a407b5a09adf75
3c6c787e700f8139ec0eeaad93923f647f9efa5ce60120fc0aab52fa9588efaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5005
x-amzn-requestid: 647dd62e-6b47-4298-9457-c7f37e653e0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e5qLKEX6IAMFX0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c6f0ad-3dc1396c1b3662fa4ec5f1fa;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 19:02:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oi7K1Z45sral6ne0AsNTVD5vGc4WbZ7acJoq--4NFhN_f2z-xq7pWQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:55:43 GMT
etag: "5732887999b819f6facc6f4608a407b5a09adf75"
content-type: image/jpeg
age: 16235
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212
172.67.213.3 200 OK 2.6 kB URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212
IP 172.67.213.3:0
File type ASCII text, with very long lines (6091), with no line terminators
Hash 04707e026d958b0930058e62e149a320
5add6ddce69863946c147d32b8b17ebf8d996270
25ba9835e3b974f8f386b819df9e9458775f30cb4d5411f4264f754be09659ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: application/javascript
Content-Length: 2574
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:26:49 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFuwXifxdDGPMcmSMPeyMCxDuI8Icn0iJQHiVP6yriliyEb5OviaDOdIxqJC6DYDB444%2BkrDKLPTC5lYJgzBK1gaMAVqN5dqx5nhg33YXMSd40bLwzVRIIr7TXkDjq5rteiJe3A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1ff12e650b55-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
172.67.213.3 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash 6c598be3f2ed19fe0c235fe38fc188ed
d7b2e8fe845ff02d4e2b14bb44f127342befb563
a915392de675fb1d8ff4d3f00ae7b9ad3c7422bbb66246105ad4de312504f0cd
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 409 Conflict
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtdE5UjH5WoXCjfHqJiufgrlkZof5quzIeNqoy0hHaZMJL3kDTTdYmMiifIf85aRrDmsx3kNY04DmtJc0wxQay83slRW2uIsgNtr7WeqhOeS7jWEUzVFqvZ%2BCIUQb9cgAZ4w4O4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc1ff14b08b505-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
172.67.213.3 200 OK 4.6 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 172.67.213.3:0
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: application/javascript
Content-Length: 4618
Connection: keep-alive
Last-Modified: Wed, 18 Nov 2020 21:36:06 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdai8Cz2YV8CbCL2YdmOaoUcYSPjR4xWlOTxPcMf%2Fhyfpwth7XWakFlaKMDQgINjopuHD9LcI7tdXEffo6UPRYuhJU%2B2AUzybr1y7tleDXMcHLO5ylDGbIMEAyNfiXguhSw5gdY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1ff15e5eb515-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
172.67.213.3 200 OK 3.9 kB URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (1577)
Hash 0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:18 GMT
Content-Type: application/javascript
Content-Length: 3861
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 20:34:15 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCfyH8VT8iV5%2FrhkDxTc0A%2F53%2B6jrgm5EESTQoP6B6eeAhJwaofsJAFoGDjUeEWRDToPnZKrcPMozvi1%2Bwcuvwa%2B3c0rbA%2BjG7o%2BIV23xeREA3atofwuirlhuGanWrIx6OfIINc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1ff25c770b39-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
172.67.213.3 200 OK 5.3 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:19 GMT
Content-Type: application/javascript
Content-Length: 5321
Connection: keep-alive
Last-Modified: Tue, 12 Apr 2022 17:26:24 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOH8iVDDl9OFvJxVTlknJ2KY4OSsTJTjccYYH0Ze2W8GYVMlqqnzYX7KqHEKnJKB3uKamuoyd0QU3yLk9DMivQruLZAGxIihbbxGBHOYDJw24vNKc1dRoRCWh83KWMI%2FiqJ2An4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1ff2b99cb50b-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
172.67.213.3 200 OK 39 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (65447)
Hash 32f58a61f7c5a7e10f8b2dcf8e9a8e34
865c25589283ab1debd45bdfa6c4d8c6ecf15ad3
481cb2216fbdb0797af8c61b69c0bda2c10d025f7b11f2cdfac382d35dc45d63
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:13 GMT
Cache-Control: max-age=86400
Expires: Fri, 20 Jan 2023 02:26:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2F0AJOv7iK6phcOJi9nwsjdKBNid570y6maqegHbAvVqbWKkmHO0kN2Z%2BbBWaok7M9KOFuqVw15ZscB5lCE32vqFpBxN0ik6SW4MzEWzqd%2Bz8EHg4OMOU4t9TDd372M70NzY9UY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1ff24bbcb4eb-OSL
alt-svc: h2=":443"; ma=60
2.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g
192.0.73.2 200 OK 8.1 kB URL HTTP/2 2.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 140x140, components 3\012- data
Hash c25cbc4a9a13cad4cd9d4763afa94359
d9fbab0918619a9094338198020ed46792fd801e
e2ac7c902c15f2367a7de997362ec45490b4a4b72a7282cb13ea896c78d607a5
GET /avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g HTTP/1.1
Host: 2.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 02:26:19 GMT
content-type: image/jpeg
content-length: 8076
last-modified: Thu, 09 Mar 2017 15:27:12 GMT
link: <https://www.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g>; rel="canonical"
content-disposition: inline; filename="e683bd3c16c93896774f76c132ffb44f.jpeg"
access-control-allow-origin: *
expires: Thu, 19 Jan 2023 02:31:19 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/zrt_lookup.html
142.250.74.130 200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230117/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 19 Jan 2023 01:59:25 GMT
expires: Thu, 02 Feb 2023 01:59:25 GMT
cache-control: public, max-age=1209600
age: 1614
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
172.67.213.3 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash 917af1c990762e16459bd985498e63ee
200f76a043d3da3d7f66d4772f14351a7e414cfb
928d438cf822463a25d1ec5ff4060326b951d36f0cfc65808ece683cfcf81880
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 409 Conflict
Date: Thu, 19 Jan 2023 02:26:19 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNIVH2bUxPPUAXaW3Om1UbIimqkDAKrHdbHkwEuGcFQ0w3cDAu172xK%2BSFMBLK3QBb4M4KGZH8u58ksxPmns229Vhodgg3rduvuhN%2BoL5qzNFVSKQxumeKWWAC5szt0XQlVGwH0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc1ff5bf9f0b55-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 96932e7ee122dfbe89a87a0265f8bf94
a260e5fb88fa73efaedcd7880f4bfea7acf44fbb
e806134fe3187494ab16df5a777bb4d7b8d0a8c400b542a5414b63c7ef3ac3e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 558ca082e2b49b22ae356cf10b191c68
c3956046019b64bc525381a4ab7f0c70002b5b17
862dfa54857c199a1d5450b0b07d8fcc3e2702476e7a0938b3d34e2fab332af3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.saha-banks.com
142.250.74.130 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.saha-banks.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 19 Jan 2023 02:26:19 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
142.250.74.98 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 19 Jan 2023 02:26:19 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 870b56b31988dbba7484d107a3455332
bcea1ac4e6afb8d92bf1f074910db7492098e854
d6a42a2b06ca9f6aca467356435ee125626474f28803b4ed8e4b4271b03e0068
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 558ca082e2b49b22ae356cf10b191c68
c3956046019b64bc525381a4ab7f0c70002b5b17
862dfa54857c199a1d5450b0b07d8fcc3e2702476e7a0938b3d34e2fab332af3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 96932e7ee122dfbe89a87a0265f8bf94
a260e5fb88fa73efaedcd7880f4bfea7acf44fbb
e806134fe3187494ab16df5a777bb4d7b8d0a8c400b542a5414b63c7ef3ac3e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415&gpid_exp=1
142.250.74.34 200 OK 250 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415&gpid_exp=1
IP 142.250.74.34:0
File type ASCII text, with very long lines (395), with no line terminators
Hash 69519953d351e2c7411c577314ebe9f4
050f424a208a400ac404be2dd1a107d89cd08b86
ebf0fef4a98ad18500fd4937e2aa25300f37190db45ddb5a7232717ada77c835
GET /gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 19 Jan 2023 02:26:19 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 870b56b31988dbba7484d107a3455332
bcea1ac4e6afb8d92bf1f074910db7492098e854
d6a42a2b06ca9f6aca467356435ee125626474f28803b4ed8e4b4271b03e0068
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
172.67.213.3 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash 6ca5ac23da85c2939bee1738e05fed8f
4f325d99dbba49becda43af368d72e1e476e90e4
2480848db6f3d80e79ec42e76a57a99cbf29312bd0a30a7ce69340ca063a0875
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177
HTTP/1.1 409 Conflict
Date: Thu, 19 Jan 2023 02:26:19 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nc7WPv3tsjKm5AwbXRgFqmTWbp1wmXxWw7IAvB89XVdBywQuTZnAsqhizC9VVUU9feBmUL07CdJ2tr11yxf%2BQb%2FTQdfuB4axIhbS3cZu%2BTFHTCC4OAYKiDUEBCsxDY4v%2FL2iZ8k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bc1ff7f8420b55-OSL
alt-svc: h2=":443"; ma=60
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.42 200 OK 5.4 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 5437
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 16 Jan 2023 09:37:22 GMT
Expires: Tue, 16 Jan 2024 09:37:22 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 233337
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash cd55997dd608ce987f0dbf559cb6e927
87253a8c3b1587d897c507818006e89180936f91
a20d1577b7836b149485c757ee21cd3d243d6646e74dd504f3fd59e0a34ece17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 19 Jan 2023 02:26:20 GMT
expires: Thu, 19 Jan 2023 02:26:20 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap
142.250.74.106 200 OK 609 B URL HTTP/1.1 fonts.googleapis.com/css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap
IP 142.250.74.106:0
Hash 361fdf2276076cc33d6b512e7f8591d8
3b940dacd9f1207eab2bcb6fc47c2524fa853815
76f15d81c8faa3d4a27f851e06a63488846c47d7c64fc856627ee96b292870f0
GET /css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 19 Jan 2023 02:26:20 GMT
Date: Thu, 19 Jan 2023 02:26:20 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.saha-banks.com/cdn-cgi/challenge-platform/h/b/cv/result/78bc1fe39fac0b39
172.67.213.3 200 OK 28 B URL HTTP/1.1 www.saha-banks.com/cdn-cgi/challenge-platform/h/b/cv/result/78bc1fe39fac0b39
IP 172.67.213.3:0
File type ASCII text, with no line terminators
Hash 86de097d54457ad4fbf85150ea2dc2fb
194863f4b15ecf7eb4f38bf7ed46b688289be8a4
6301b31e8f84ba8a7465199ebf1c2341253198f21763ad7e7cf6fdebe3d832ec
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/cv/result/78bc1fe39fac0b39 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Content-Length: 11857
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/money-transfer-without-a-bank-account/
Cookie: _ga_MNTK4YVF83=GS1.1.1674095177.1.0.1674095177.0.0.0; _ga=GA1.1.941679977.1674095177; __gads=ID=f7751cb7abaa1f0b-22925ead87da00dc:T=1674095179:RT=1674095179:S=ALNI_MZ9gtWHwo_0L09Nv1eVHsk0H9ijOg; __gpi=UID=00000ba4d590c56c:T=1674095179:RT=1674095179:S=ALNI_MbEotnFngn9OmnXrrSpA7k9U5sctg
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 02:26:20 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=x_nMMVwl6b06x9X8ZPHRhNXISgAr_QByNwJn5_Iplw8-1674095180-0-ARhVNIfsoUDtLYN3CsDFSGaD1ysXC/a7uL6WaxiyrxxOdZDten7NEJm1JKY5MgAT05XCjgPklbtUQStbjobrcHsnsbTgzw9HpnMC0Knf5cSW4vXUDZMh7X7g4quiHAFfqLpqPez++ePOcQdr5gcOJfw=; path=/; expires=Thu, 19-Jan-23 02:56:20 GMT; domain=.saha-banks.com; HttpOnly; SameSite=None
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JDk%2BuHdL6Xyxo%2B9d%2F81a46ystGQqjhtvhHwolXyxIOe8Y9bY%2FF8YMqUajTVT%2B9UCdUSiQ%2BisdtykHeASLsAceD2wm52eVHDJK%2FMmqbs7gLDaDPFH6kD4oroBmcn4ZYzkkwDJdc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78bc1ffeca340b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 532289832b1f21cd9014c904ca0a1ad6
16b0dbd03283cf8a80316e49ab0a0299fd237d99
e0b0758c8bea976e4963c7ca91cc223d9b68f1e45048dd9d5cce73c9f20a08a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 02:26:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.132 200 OK 511 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash e5b3a3ea2be6eeb563d108b3e2039373
9ccdd114ad420358364b96b5e03401afaa4cfc8c
adc629560435c7c0bf90e7d0ef7e8645e41c468e103732ebf248f8861dcf5cc7
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 19 Jan 2023 02:26:20 GMT
date: Thu, 19 Jan 2023 02:26:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-59uIlfcNqp5sElxM1ecqsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2
142.250.74.35 200 OK 9.1 kB URL HTTP/1.1 fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 9120, version 1.0\012- data
Hash 18ad880aaa4e28b6cd1ef0d30ac95573
da6a33a1ecc296aa481432e2727b273140b78543
f2c5710634752d1a156adf5ac961c8400e3a577c90f97a6a293a07f4a28957fd
GET /s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9120
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 17 Jan 2023 03:11:52 GMT
Expires: Wed, 17 Jan 2024 03:11:52 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 24 Jun 2022 18:40:48 GMT
Content-Type: font/woff2
Age: 170068
fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
142.250.74.35 200 OK 14 kB URL HTTP/1.1 fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14316, version 1.0\012- data
Hash 9383ff090e200fc692eb9d0f91df0e6a
eae567c614d06c697ab908310bbf3af6fa331db3
91fa743b90662d1247ff2a9e452e5cfa525e0d4a4caa1a29ed9820a74bb0f80c
GET /s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14316
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 18 Jan 2023 15:03:05 GMT
Expires: Thu, 18 Jan 2024 15:03:05 GMT
Cache-Control: public, max-age=31536000
Age: 40995
Last-Modified: Tue, 08 Nov 2022 19:56:04 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
142.250.74.35 200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 16 Jan 2023 06:30:00 GMT
Expires: Tue, 16 Jan 2024 06:30:00 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
Age: 244580
fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2
142.250.74.35 200 OK 8.7 kB URL HTTP/1.1 fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8708, version 1.0\012- data
Hash cd316e4c96f15e4f5ee9b4cad904f4c7
c9d4a1c25311b932f4707d1315cfa037bff2687c
4e1343e3fad2721d8db43b01c81295a45afd6f82d519f0376290715426abbacc
GET /s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8708
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 17 Jan 2023 20:40:53 GMT
Expires: Wed, 17 Jan 2024 20:40:53 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 24 Jun 2022 18:40:47 GMT
Content-Type: font/woff2
Age: 107127
fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
142.250.74.35 200 OK 12 kB URL HTTP/1.1 fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11760, version 1.0\012- data
Hash dc696827ea29c67ac521ff0b36f50562
5fad76118dc2cf6d27666856a085693f0569db9a
157025606cebc118ce7bb7a62122058604fb39cbae9ae6bf2e7ad57bf4eb8087
GET /s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11760
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 12 Jan 2023 11:03:46 GMT
Expires: Fri, 12 Jan 2024 11:03:46 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Nov 2022 19:55:08 GMT
Content-Type: font/woff2
Age: 573754