r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14233
Expires: Sat, 28 Jan 2023 23:53:44 GMT
Date: Sat, 28 Jan 2023 19:56:31 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7765
Expires: Sat, 28 Jan 2023 22:05:56 GMT
Date: Sat, 28 Jan 2023 19:56:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 19:43:06 GMT
content-type: application/json
age: 805
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16729
Expires: Sun, 29 Jan 2023 00:35:20 GMT
Date: Sat, 28 Jan 2023 19:56:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1Vjh7yTGHdr453k9VvISLuh/JI4j2YjIQL+BMDSNJoEAOxfY0b5Fwofm9PElCoGGJ4iYTgWEHJs=
x-amz-request-id: RYW9WF2FJ32DW96Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 19:21:05 GMT
age: 2126
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 19:56:31 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
142.250.74.168302 Found 253 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 68bdd82de0620e0f2ae5f2728b4a3ac6
8e6426bc586031e43cb0a17a917e3d225d3aee1e
4e913112163e1abb8c2a9e485ae0acf4456e36c598e52f8d53bc63aeb2d6e7a9
GET /gtag/js?id=G-MNTK4YVF83 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 28 Jan 2023 19:56:31 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 253
X-XSS-Protection: 0
www.saha-banks.com/redeeming-alinma-mazaya-points/
172.67.213.3200 OK 25 kB URL HTTP/1.1 www.saha-banks.com/redeeming-alinma-mazaya-points/
IP 172.67.213.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 5558824b2a27327e1345d161670a43d4
b97bb7c689f794796979e0dcedd2dc764184f6d4
1e6ecf2754563e2018e0a1f65e6e5addd1a0a48332f33406d564ce7cc74c431e
Analyzer Verdict Alert fortinet Phishing
GET /redeeming-alinma-mazaya-points/ HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://www.saha-banks.com/wp-json/>; rel="https://api.w.org/", <https://www.saha-banks.com/wp-json/wp/v2/posts/5765>; rel="alternate"; type="application/json", <https://www.saha-banks.com/?p=5765>; rel=shortlink
Cache-Control: max-age=7200
Expires: Sat, 28 Jan 2023 21:56:31 GMT
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffwpT4nuT9Bxt1RWUOpeXKWvLHWqnhvPM9K7%2BNR8dSNo0tD7gDChWEs7ucAyRyuhBnssLZQ9CZB7%2FnTPsRpjP7iIekfGaU8ou%2BfQh0J11SHIJzvG8Ww5mIznKK%2BcRfF3je7y5pE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ab70c20b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
142.250.74.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
IP 142.250.74.168:0
File type ASCII text, with very long lines (21849)
Hash 4dd06798d4ae8ad3c1e3e8c1fb9f28f5
9729bba2cfb1b82aaae8cb1fd99bf0cd6c821a6b
09f480e1de3325968e45fa5d0e7a6203a28002832effc07881eea346fdd8e5aa
GET /gtag/js?id=G-MNTK4YVF83 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.saha-banks.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 19:56:31 GMT
expires: Sat, 28 Jan 2023 19:56:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77821
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 19:49:03 GMT
age: 449
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14290
Expires: Sat, 28 Jan 2023 23:54:42 GMT
Date: Sat, 28 Jan 2023 19:56:32 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 67ffcab1f07d8b1657d9ea54f089db3e
ea415f529860b4f2672e3f72e09ac854c110ccf7
b3acc09c81d6acb070882b301c24bc5a542c312aa7bd215428bb4135817bc9bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:32 GMT
Server: ECS (amb/6B97)
Content-Length: 279
www.saha-banks.com/wp-content/uploads/2023/01/%D8%B9%D8%B1%D9%88%D8%B6-%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D8%A5%D9%86%D9%85%D8%A7%D8%A1-%D8%B4%D8%B1%D8%A7%D8%A1-%D9%85%D8%AF%D9%8A%D9%88%D9%86%D9%8A%D8%A9-390x220.jpg
172.67.213.3200 OK 17 kB URL HTTP/2 www.saha-banks.com/wp-content/uploads/2023/01/%D8%B9%D8%B1%D9%88%D8%B6-%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D8%A5%D9%86%D9%85%D8%A7%D8%A1-%D8%B4%D8%B1%D8%A7%D8%A1-%D9%85%D8%AF%D9%8A%D9%88%D9%86%D9%8A%D8%A9-390x220.jpg
IP 172.67.213.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 390x220, components 3\012- data
Hash 0e5514d9a5904a3b08749d520268dd3d
ef8da35729e93237d3583b9f6eb4284ee7cc1a83
416e598b87721965cc2674219aeae0c23c7fb00c4d1c3f8e273f83652ed3b2c1
GET /wp-content/uploads/2023/01/%D8%B9%D8%B1%D9%88%D8%B6-%D8%A8%D9%86%D9%83-%D8%A7%D9%84%D8%A5%D9%86%D9%85%D8%A7%D8%A1-%D8%B4%D8%B1%D8%A7%D8%A1-%D9%85%D8%AF%D9%8A%D9%88%D9%86%D9%8A%D8%A9-390x220.jpg HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 19:56:32 GMT
content-type: image/jpeg
content-length: 16558
last-modified: Sat, 28 Jan 2023 15:33:12 GMT
cache-control: max-age=86400
expires: Sun, 29 Jan 2023 19:02:57 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 3215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXKHKkAG%2B%2FxDcwCfIpsDvGzQoCs2qlHi%2FUU45ij3WOM5mEtnug4HR3G4KmzK4tfC1G6vyo76HdDEvsW5W6VzUSvSEq6eEUAIRtTXIXvWs9oYjoDuufkIyBSiWjSErTuok2shmr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c4abccb29b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.saha-banks.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212
172.67.213.3200 OK 458 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212
IP 172.67.213.3:0
File type ASCII text, with very long lines (1156), with no line terminators
Hash 0700905b705f44f6bef08b2726874c21
99ad11afd1a04122f39a2a05aea5b60ff9dbb812
af2c2830705f77b6784a2635b3cadb5772c025de8f878ad14abab0feb1e81925
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Content-Length: 458
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:26:49 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoENRnqisDQgC41Uu1nL4rlMYk1f%2F92VKnEh1tcfDhOdaY0nqvmUqMw83SnF4taFBF%2BGGjsmjHabssC1EApx9dAdWqMvgP7HtNApXbRB0h%2FK2R0u8U4NX1Zld86Y7740IsiEdyg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abacf9cb4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-includes/css/classic-themes.min.css?ver=1
172.67.213.3200 OK 189 B URL HTTP/1.1 www.saha-banks.com/wp-includes/css/classic-themes.min.css?ver=1
IP 172.67.213.3:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Content-Length: 189
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:13 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KISiuwr8Frquv6ea4Lokrv8syOOI3LkKxXdMSsmEhEZ%2F3voD4gXTvCr5P3gXsTmpuFjZ9lcBsOPDn1xTkgw1wcDwrL%2BBGRDpgyFNby311uMhHMu6W7TVwd%2Fpsa2o17JkcdbMaW8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abacb3f0b59-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 67ffcab1f07d8b1657d9ea54f089db3e
ea415f529860b4f2672e3f72e09ac854c110ccf7
b3acc09c81d6acb070882b301c24bc5a542c312aa7bd215428bb4135817bc9bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:32 GMT
Last-Modified: Sat, 28 Jan 2023 19:56:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
www.saha-banks.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1
172.67.213.3200 OK 12 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (42000)
Hash 5c15986a7f6f7c940ea94de8a0b79fae
32a30e717b4aaba9d4d0325d00c0cad154cb8639
20a931a1c53300760bc2cacfcaea3b877b08053a72998b45f216061c27617e40
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Content-Length: 12209
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CfqdshAO3wDdt2Jv%2FfAwmt%2FKe%2BYDXQ4%2FACyRdPpzd%2BjZIh%2BQApWr5bJD1IwpzqPgEAfSx7h0t41HnJzY5Xvu1xiEZi4%2BO9GCpCoHZBt66XnZPlC32AHfsHIO0aJkNQKed2HHBY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abb29c3b523-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2
172.67.213.3409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash 4d38a3656687223aca36a2197f8dddea
d6b02168fe0136ecd485b0547fb08375964f005a
5c43f29901d7bcff16a4f1d068be035470b1cadd069cc47582421c3f535ecb74
GET /wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 409 Conflict
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tJDzGu%2BUaZ8LUH3dm8lhyCNGwbXaPMZyah3i7tOUK4tmAcG%2Bt12skQNKhicP%2BdT3CMezlBtQwOjf8jXhkl72Xdl3oAVKhMtzj5mV6%2FV5tc1gPiRG5VwOVB8uMZwKpJ3bawtd4M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c4abac89c0b61-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
172.67.213.3409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash a1252bfbb456e048b7ceb03a81fe9ffa
f09f030de05718a9c92f00cfff5a715249a6a807
3550fdf1ad3d6fa6f917cbe027ff28399460646da200559f55445717ffb5c023
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 409 Conflict
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfFt1J65dOE%2Bl5qvSiCxmQW2EZRgnvIQqstU3I2YPAXQXOJ3MBIx7gOLp1W%2FivDDYFaUiGjvIsy20FDYbQ19rQjFcn8rK0Lduq%2B%2Fva%2FhtRkY1N9XzjiZ7c7cpX3EGyNstQdZ41M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c4abac8dffac4-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1
172.67.213.3200 OK 18 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 28f05939dea4edca059c244cc702bfda
7e40e0235f2f7bc4d9f95dfa3f1773de320c3b28
369b0dca347d53e862ff6a7971f1a7d175648b13027e56c1d397d5e8266481a6
GET /wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 20:34:09 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze080e8DlMpTzVgHP%2FGvrfZFUkiZVUdYOm6uiLF8XCM7rnDstUa4jrb7U6odt75JeJMh4N0oo%2FXB9RjHIWpeqdKuypjXVqB7dvqeankpc748qDZpUmregfzmFArUv8f69Bw%2BBo0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abacd1f1c0e-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
52.41.11.218101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.11.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: E4OWIAXjnDxgQb+x0WCJ2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VTX6Sb0ywJeGeJNvb7oFquE9Owk=
www.saha-banks.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1
172.67.213.3200 OK 12 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (58661)
Hash 0913411c20bb983546f234d4685b40be
52b1104571de6fe046f0b76fece038bb06f7dcd4
1342814f0b2a66024a055e2037caab0bac8bdefe26a194d4a2605f13ab4cdc5f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Content-Length: 12516
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3CA4NqRxPYTFiN0AZL92QF5HQykJaaTVWiNWMSi0yiMyVv1ZYXkW0oM3we9OwD8SSDnayCS5orCVGsLTeDXschN9WIYMXDmgSX%2B%2FKkgblgaxCbXHrhO9afDzr1O%2Bx4F3tZqhwg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abddbd90b61-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1
172.67.213.3200 OK 12 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (47525)
Hash 1a49f64a9824ac7858e559a933e9eccf
caa8b49e61974a81da01a9032393216a05995810
175a7a8805e51048305f212a6f54319606a725044a229190262511468e569a81
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Content-Length: 12354
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZJnlGb0FmwF9Pp637%2Ff66XVAlCandG8zQY%2FV2JInH5obbZv0fWhL2Q4zrLxjBg97AA3AtwPpVEb3E%2BxPjWLbqIHKn8bJAl4sJuFSOhMp1stK41FWqWvLLUwWAPLlwT2IEn1buw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abd0d200b59-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.213.3200 OK 655 B URL HTTP/1.1 www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.213.3:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 11:05:52 GMT
ETag: W/"63ce6a10-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lioGsU5FE6eT%2Bl5w7EuITC%2FXCNV%2Fr1L4F6MKdYzJAh5v05GRPmlZo%2B9pQ6INoXeRIofzG3Tx508on%2BSxU8XWLRfFoCUiFTNb8Ndeo%2BFpfNkH3q4u5dwkQ23d6AR1mBJT%2FVhNDrM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c4abf4f0c0b59-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Mon, 30 Jan 2023 19:56:32 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.213.3200 OK 3.9 kB URL HTTP/1.1 www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.213.3:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 11:05:52 GMT
ETag: W/"63ce6a10-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOfMCKfJh4RWm%2FsPB%2F0tL9g4MjNVucMRVe6031qgKJCCh0o58SgBswvPWnclJrOZgEMncOjNDdY%2FEGOYeOOgcLjV0TLDMQRg3kVeqNbevFlh5OgxtxNF3nQ89q0pXilgqzQQUOw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c4abf4f100b59-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Mon, 30 Jan 2023 19:56:32 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
172.67.213.3200 OK 10 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (40185)
Hash 638ef4cc88b27674ebd9a1355c29c61f
8f532be7574576baa2c56ad1c6c2652296bf0c42
993f335862fede763c118e404999ce60f88e9b870ee07de9e6e1579f7e556df5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Content-Length: 10255
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKiMffTRA78QJDJ068oCYCyy2R%2B0ys4FaAS6uGeQWKTQmB62uZ0V0awHINq0u0qdwoBsjYZGQkzTwVhQpo8k6av8NLvQcMBtu06ABAxj33Z7jew%2BrFrUJKb5XDs7GTEHt33WhyM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abd5d48b523-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1
172.67.213.3200 OK 2.9 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (4936), with CRLF line terminators
Hash 11ef5282e4e1793227bcc1aff992219e
11990fef6eb1dcffffc40fb12f770a7aee21251c
c419b80ac34071cc030d0e26427de827a30f1d58b03e51f72d13126a7c11bb4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Content-Length: 2928
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDypduXolS9DBHf3%2B%2FfW5YK6Jv6SG5h5WU8pmMngCqZGoaDCSmCaugkybTLSXfBM7%2FWxV9ubWTCctJYMuKQ6%2BobdwxJNHvsbuvlxXgS4LUeGUHmhNEXlqVmek9cDBWG0ebybXzc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abdeb78fac4-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1
172.67.213.3200 OK 40 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fd0cfb25ff8ba12d3d717f5a1cdd0b75
9f0509a79961728b5554633b4ead59392919002e
3720e4aa3059e4a23d21ab677d701392fdff1cb43ad037521daa8a1be5bccdc6
GET /wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sP0J1FIYA06mOyOwASBK6D%2FMIiYMi6fNRoSdM7tMG1RYeQzlhIenuuT5RVf2kg1%2FIU8cCSIf2CZEXWY4QJKz4XRKAJRbE8h7b5DflNJUs7K9KfL231S0keeYXefzjp8JPV447XA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abd0b08b4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1
172.67.213.3200 OK 13 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (46574)
Hash 54c898701c208d545bcba86cda4f31f6
bce6775632f3f76fbefa139b20ca6a563c242e03
24a761a2ec326cd6ac52be7e2b9fc11618a4db76eb28ad132cc331f1e9c58e6b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Content-Length: 13233
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTd7dmzz313ek0YlPGJ6s6q7RlOz7dglalDRzn68mui6Y0lZnLnzetrU7%2B0QJ2GlEj%2BNC0rYyJ4YeUhVif4GpBuRRFpeHB4RszMHY6kqGLJ15pedQXt6508ZOh9kcaxXdIJnxm0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abe18191c0e-OSL
alt-svc: h2=":443"; ma=60
region1.google-analytics.com/g/collect?v=2&tid=G-MNTK4YVF83>m=2oe1p0&_p=883060571&gdid=dZGIzZG&cid=588996591.1674935796&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674935796&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fredeeming-alinma-mazaya-points%2F&dt=%D8%A7%D8%B3%D8%AA%D8%A8%D8%AF%D8%A7%D9%84%20%D9%86%D9%82%D8%A7%D8%B7%20%D9%85%D8%B2%D8%A7%D9%8A%D8%A7%20%D8%A7%D9%84%D8%A5%D9%86%D9%85%D8%A7%D8%A1%20%D8%A7%D8%B3%D9%87%D9%84%20%D8%B7%D8%B1%D9%8A%D9%82%D8%A9%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-MNTK4YVF83>m=2oe1p0&_p=883060571&gdid=dZGIzZG&cid=588996591.1674935796&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674935796&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fredeeming-alinma-mazaya-points%2F&dt=%D8%A7%D8%B3%D8%AA%D8%A8%D8%AF%D8%A7%D9%84%20%D9%86%D9%82%D8%A7%D8%B7%20%D9%85%D8%B2%D8%A7%D9%8A%D8%A7%20%D8%A7%D9%84%D8%A5%D9%86%D9%85%D8%A7%D8%A1%20%D8%A7%D8%B3%D9%87%D9%84%20%D8%B7%D8%B1%D9%8A%D9%82%D8%A9%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-MNTK4YVF83>m=2oe1p0&_p=883060571&gdid=dZGIzZG&cid=588996591.1674935796&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674935796&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fredeeming-alinma-mazaya-points%2F&dt=%D8%A7%D8%B3%D8%AA%D8%A8%D8%AF%D8%A7%D9%84%20%D9%86%D9%82%D8%A7%D8%B7%20%D9%85%D8%B2%D8%A7%D9%8A%D8%A7%20%D8%A7%D9%84%D8%A5%D9%86%D9%85%D8%A7%D8%A1%20%D8%A7%D8%B3%D9%87%D9%84%20%D8%B7%D8%B1%D9%8A%D9%82%D8%A9%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.saha-banks.com
date: Sat, 28 Jan 2023 19:56:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.saha-banks.com/wp-content/themes/jannah/rtl.css
172.67.213.3200 OK 10 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/rtl.css
IP 172.67.213.3:0
Hash c8916d805e401072c3e814c0b4893f9e
7245a0f7dcfdaca731de648bb9ebbf34942a3177
1ab7417c5db7f6730a2633765151f158893ac8c134a08d796a8930c5781a30bf
GET /wp-content/themes/jannah/rtl.css HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:32 GMT
Content-Type: text/css
Content-Length: 10111
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3q6JfVPy2bjpFwQyNDXV63orA9sCeZSbn6uN8ZgySlKCMfp18cJOqrPD2fJ2nhiiKeGM3Qze1AEjwoKGB%2FahLBCkk%2Bnr9lJVfctdfsf%2BZQ%2BbaBxGER5f9%2FEYiMVbs3aCZogO0R0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4abf0cfc0b61-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474
172.217.21.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474
IP 172.217.21.162:0
File type ASCII text, with very long lines (3649)
Hash be56f80beca12bb2b583bff90b726c88
e9d71a9af60a2249433279b776077593e1022bac
fb6508b2950aa840d15da134797eede791354e5f6ab81259c9e7a586c71e979f
GET /pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 28 Jan 2023 19:56:32 GMT
expires: Sat, 28 Jan 2023 19:56:32 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16138195462611337293
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50017
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415
172.217.21.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415
IP 172.217.21.162:0
File type ASCII text, with very long lines (3649)
Hash 40f3769ba47874a2c739e259b151f776
96b7632ee19983b3ec8296e6105400f87e4f9357
e3cd9241fae74581cbadd0e095392646b825dcfd158902e41d5f697a252f8a1c
GET /pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 28 Jan 2023 19:56:32 GMT
expires: Sat, 28 Jan 2023 19:56:32 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3209929807135782003
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saha-banks.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1
172.67.213.3200 OK 5.8 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (13532)
Hash 9bf567f02589ecd685ea926901d1c3ae
ca48792eabbc9cd167bab26dc52728711ba5b3e0
6ba8506c5aac579499e3eb9022d0972ccd31199774b8e8a7e0e8629f46a13f64
GET /wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript
Content-Length: 5752
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JD7TgHC%2Bry147K0AdA%2B9DT%2FPR1lzg5nOz0VhVWNr1ypVMP14u%2FGyebcG8JJJYBW0aVyUJrHRQczRzeTxP6ge4SdY%2B3PHiPKUVlTrVPFqmpGJ9ssSn3%2Fx8jUx4uBOLkBaQT%2BsH8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac179530b59-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1
172.67.213.3200 OK 6.8 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (18002)
Hash 08f3564fe02643f632af8db483079dec
fd5897658a57986b46a3dc88e2c6f129412f0e7b
f21a0152825b0609135e73a0077a3742c2add8eea66a6ba1167fbcdb5e0e0421
GET /wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript
Content-Length: 6771
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrD2q%2BLxDQRtPbFHtdv1v8CnMbYMVVxb8fBPRpcTX2E2w8dB4WvgreJnpZoc1QtNbEzs5LtNn0kE35zjp9UFYdoNC1U4GMNEe%2Bsl1tX3SUIxXn114HgX%2FiZjivFEeAgU4orrpwQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac17e6bfac4-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
172.67.213.3200 OK 41 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP 172.67.213.3:0
File type Web Open Font Format, TrueType, length 40812, version 2.0\012- data
Hash b5b7e935f421e6ca7967b036fb08afd5
38a99c496548c5d2ee22c6df3b9dfd5081a73332
f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: font/woff
Content-Length: 40812
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:32 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPB5fzqP796JZ99%2FP6wpDIc0yIs%2BObvE0wdnCrm0GvomP9Z6or4eyx0uGqZ8Oov5J%2FklP%2FWIYymcwgBtW%2BelUYmkCuk9rZM4qWVYWmcYDrL4xctGA9cF0hI5Ti48acKNi8Z%2F1c4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c4ac1398ab4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1
172.67.213.3200 OK 2.2 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1
IP 172.67.213.3:0
File type HTML document, ASCII text, with very long lines (5548)
Hash 54ee2458031284f8ff653682b1afcdd8
fec4e94be86f5fdb938f0048cbb977a84bd8f3dd
d65f2e5c8b694987dbfc42359cc5ea3092b7e878b67cec45ed5c353d5dc06771
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript
Content-Length: 2194
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0moZOMGbGMLi%2FR%2FOoakRMvmLECql3PgtrKJ5KpbDHUpRCF%2FSo5YtOmDS27sZtU9pwAZ2EyqHORVg5ezxglSlp7ci44nDSyKf3MqKjl%2BqTOuQ5PP1tTsdMWQoDSb56jcLfz8uaMQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac17fe70b61-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/print.css?ver=6.0.1
172.67.213.3200 OK 702 B URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/print.css?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (1760)
Hash 8ea40413b0999dedb6605ebeb8bb610b
2a6428bdb0a9e53bab87ed5f8d2d1e5c015de9de
2ce6e8aeb208877c5e6c046177a7a739600417b7da2e747eea36d22ce722e8bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/print.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: text/css
Content-Length: 702
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zju2W7yejvWj6Zx7hRhRvWugWxoIQ%2FMeyK6Kkyr8yOZq1FvsQGwCLmICMSPcSeoe1z3KyY7BGkj8RqrYGYh2%2FKILi9Jk454XgciDBcsZrS07i%2FPuIyUIlnQ2LCMEug7nz%2BkUQjU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac15ba21c0e-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
172.67.213.3409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash 81119fb5d16441df884b49c6f0b0f314
9e9cac283e95297c099c58c2519944955b328e21
5af6a8335ab91c896bc6fc31272d3f7ada7cc00c44fd32620d1295a7f9321bc2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 409 Conflict
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgC%2FZrSE9Hv%2BP34xeX3Iwo7kN8WdGUzYd2iPowoAN4xz5AYiKF8k7BOYWuG0nKlBY%2Bg2%2BD6HkvaGZgtWv%2FckkIMG6f61WadE5U6ji6c9hKC3PJ1QuisouIi49Tw7x0BaEmlMujg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c4ac36c90b4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1
172.67.213.3200 OK 32 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (2026)
Hash 04c34bd00edeca5e9f0067d8de727263
8303c1c817ef8f2719dd26ff9ea7ab3fe878163d
a7ba5f9c7bb2a1eacaaf3d91ac38ed27ab66548379884936e7cc890834e351c9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6uqEIdZfGSccYKzvQcKsyuNXqD3UcoYWFctvXWCsL%2BQ4SQI441Maut5SfKVqbHOKyl4eoUJE%2BoR3MrGBcIlfIEvbJFyugfiWjcJmZOungV6jP9I1uxIlIn4wSU7fynLDp%2FTfjQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac17ab4b523-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1
172.67.213.3200 OK 9.3 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1
IP 172.67.213.3:0
File type HTML document, ASCII text, with very long lines (23452)
Hash c71948baa7efc749b427fa84f76a17b9
906d046ea213beb93d6c02eb68bfb3cfa10edb48
3bbe2e1e4b4982f5e17d8fb150f0f45f2362122f5a845c3090cbb4153e5aa5d0
GET /wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript
Content-Length: 9292
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dv7UsIWJCFW16%2F8aoebsG9pwqmRQyCZFUekL4B7BLwwa%2F3bj3Yyl6pGeqEHxc90Bw%2Bl7lsWfvyBTZWBJUNchUnnEohjBpB4qgy0Cy8uySBDB%2Fsff%2FiemEod6EHLQutb2sBfDe0o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac29a840b59-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212
172.67.213.3200 OK 2.6 kB URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212
IP 172.67.213.3:0
File type ASCII text, with very long lines (6091), with no line terminators
Hash 04707e026d958b0930058e62e149a320
5add6ddce69863946c147d32b8b17ebf8d996270
25ba9835e3b974f8f386b819df9e9458775f30cb4d5411f4264f754be09659ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript
Content-Length: 2574
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:26:49 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbVCPX92ON8x8S%2BiaS%2FrubqxtAHgjKzxIXJjpBE0PjAq8%2FB%2Fe%2BpBblo6RG8FWuBQRigMISKVD0PEjTFOU1P3dHvZoZxCB1arVDd7ST1wONQA7EHkfBCfxJBEEpxSFu1m4mSoc1g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac29f78fac4-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674921600
172.67.213.3200 OK 18 kB URL HTTP/1.1 www.saha-banks.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674921600
IP 172.67.213.3:0
File type ASCII text, with very long lines (38461), with no line terminators
Hash a56ebd09ef01319df72e99e4d71e6eb6
f7e3706227527e82d05072d026793dd5e579e16f
0b84163c4fb69899620f6e323ad6c851354e6f8d30bcecce505f7e99cf0b5dac
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674921600 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jm%2FLCNyHD3vI5UWe6Z%2FTFN3ogFXor6FBR%2BxLfq5Me0mmM060lJz3bDbQpJ3hPCxtD0wccBMjfBQPkYIKjmAwLxjCj9lQGNWurXFlZwIVidzBXJk1uZVy2YG8S%2BeSL620FLMvhnI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac4dc800b59-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
172.67.213.3409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash f5685bb86cd075cf1a8c6f07a3d85888
55669f1cf59bccdea9c840f566e8e9f0f7f4f661
cf19936c4fb1690b7ffef9cd78f92c4bab8fb1c2832e72e46d9cdf7516178aac
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 409 Conflict
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNQULbP%2B%2F71%2F%2BQDTX0vlFqfDmiYPdIuqcJa7JZbUuzMD1O%2F0EluNnYrXHHf53xb09M7crgTwp9oZITsqBqp82KfPwCrGFNf8jJOGsMNrdxUtsMS330JN5V1HoqCB8SVwukzR610%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c4ac3aa3d0b61-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
172.67.213.3200 OK 3.9 kB URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (1577)
Hash 0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript
Content-Length: 3861
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 20:34:15 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cm8yLsBJNrepWHJs5T24zwpnQRK75G8sbh7PJOUoIiCMaJZCImCKl%2Bo4kePglVqfzNkbpKckDf7tU0yoc5rb6%2BfEqN78gm3PD0jDHF%2BChfF6hndZFZHxO2DN4UbH1OFTnAsSsMk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac4bee9b523-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
172.67.213.3200 OK 4.6 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 172.67.213.3:0
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript
Content-Length: 4618
Connection: keep-alive
Last-Modified: Wed, 18 Nov 2020 21:36:06 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cJr%2BV8o85eiR2AROwV5TTawLg3G%2FTgzxroYPKT6oHtN%2BmBp5QfWLBK3%2BXfrxCWvmcqAoX9DNH1vTatkYdApcPBqD7TOe2B8KIpnQcOMH3iOA9IpeBQZBIMr4bKy42k2Dv1gpYY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac3cdf01c0e-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2998
Expires: Sat, 28 Jan 2023 20:46:31 GMT
Date: Sat, 28 Jan 2023 19:56:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2998
Expires: Sat, 28 Jan 2023 20:46:31 GMT
Date: Sat, 28 Jan 2023 19:56:33 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2998
Expires: Sat, 28 Jan 2023 20:46:31 GMT
Date: Sat, 28 Jan 2023 19:56:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ed1a0bd725b2078b4cfe4ed83877901
62493ca03be9870aac2341e033611a6d56bd322a
706e84bc63fd98acaeb72789239af3210ae6e3910e6589d92a25899dc9059dfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12397
x-amzn-requestid: e8436997-696d-483a-b03a-a84e7ca614ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T5HbzoAMFXsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-1c2ccd0a187d0a3e2f6a59cc;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lmLHc8fKQYUpq9B-GyOQ0FKzhxi0ToTEPA7cu6JnQftgDFDNV8USvw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:37 GMT
age: 79196
etag: "62493ca03be9870aac2341e033611a6d56bd322a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 78033
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 79187
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4afa01d2ffe17f8378e4c0b5afd4608
f5c7e2137efa07a207427a6b6fe1df541f85ea25
84fc0c05d25d674b5594b54720017332b86d391f66c7136d76cfce3e884e8e12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13375
x-amzn-requestid: 372fcbe8-85a1-4be2-a006-31fb9289c5e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CxF6BoAMFyGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-4b9860545c612cc416cbe599;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yEFlWGi3J14JLA0l2h02VlIqV8opHesKP6GOvfoP5Tp0m7dOYDxIGA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:32 GMT
age: 79021
etag: "f5c7e2137efa07a207427a6b6fe1df541f85ea25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 18:36:06 GMT
age: 4827
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 195316042e7f798eeeb7993fecb3a383
4aeca24ad4702f87feaf9674ea0c1ff6d71826a3
b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13376
x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-DvHIyoAMF6fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jqb6G21QeTDiI0HWT9Fd87D-HkAOiesyfN9vr7vMxrOUADBxV-_Fug==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:42 GMT
age: 79251
etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
172.67.213.3200 OK 5.3 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript
Content-Length: 5321
Connection: keep-alive
Last-Modified: Tue, 12 Apr 2022 17:26:24 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pB%2BGR74tQP0290On%2BpHBFeWMiafgTiXQbafeFPDmVO0Q91%2BDiSe1s5o60wvLNpe4A%2FuJWpHD72a1TKcBn3RTxnj%2BkJBvWdFhOciTVoStekX1fnncyUngeh4lyOCPDauc1tSerI0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac50cb90b59-OSL
alt-svc: h2=":443"; ma=60
2.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g
192.0.73.2200 OK 8.1 kB URL HTTP/2 2.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 140x140, components 3\012- data
Hash c25cbc4a9a13cad4cd9d4763afa94359
d9fbab0918619a9094338198020ed46792fd801e
e2ac7c902c15f2367a7de997362ec45490b4a4b72a7282cb13ea896c78d607a5
GET /avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g HTTP/1.1
Host: 2.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 19:56:33 GMT
content-type: image/jpeg
content-length: 8076
last-modified: Thu, 09 Mar 2017 15:27:12 GMT
link: <https://www.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g>; rel="canonical"
content-disposition: inline; filename="e683bd3c16c93896774f76c132ffb44f.jpeg"
access-control-allow-origin: *
expires: Sat, 28 Jan 2023 20:01:33 GMT
cache-control: max-age=300
x-nc: HIT arn 1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
172.67.213.3200 OK 39 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 172.67.213.3:0
File type ASCII text, with very long lines (65447)
Hash 32f58a61f7c5a7e10f8b2dcf8e9a8e34
865c25589283ab1debd45bdfa6c4d8c6ecf15ad3
481cb2216fbdb0797af8c61b69c0bda2c10d025f7b11f2cdfac382d35dc45d63
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:13 GMT
Cache-Control: max-age=86400
Expires: Sun, 29 Jan 2023 19:56:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpNfwK2E%2B%2BOVdDsD8p7nxGaCjIcK3W2XRV4h7tMEXlNU5aVFNvbwfJwwYJAq1alkVYTK7l9ygk%2Btv4PR3ov9o%2BXI%2F9aG2uPpqv4yr%2B3czPEKonzLIpzuCs4U68FqN%2FOaFIxBAsM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ac47dcdb4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
172.67.213.3409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash 3645f5425bc3eec186f6b8bf9beee564
3d011c80b9b830b8ada316004d410ef600f4020c
b9304b35e6a1b85bc204480349d8c21656293ac7ac7d4b19e810d66efe76a9ec
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 409 Conflict
Date: Sat, 28 Jan 2023 19:56:34 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUlynoYnBx1lK%2FwGvxMcrMYurefgc4z2FDu1zX95JIyWxIsBrmXouvS1M%2B7%2BASqzaPTNYIgI2uroR%2B0FamXi21Fm8eMY26Jey%2B3NlOlGWU6ps2NcgWlt9DPgb%2F3Egnrjz%2FHRt8g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c4ac80a47b4eb-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4abb97e5fd107cb87b896feb33a2159b
757fc267c534b8f5191f97d4c6dce60753e965f2
88d691d314752499a884e54232b88c0d19e4c8163236851b99a0b0d3ac0d7f8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 28 Jan 2023 19:56:34 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.saha-banks.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.saha-banks.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 28 Jan 2023 19:56:34 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415
216.58.207.226200 OK 254 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415
IP 216.58.207.226:0
File type ASCII text, with very long lines (395), with no line terminators
Hash 129d6661807d6e329610fd8a6b2c0208
886de048d118e226669ba7a750407dbf0c6b9d3e
0f78f9b7ab67d6e66fda232c14bd4baf5e3ee7cec1d5091f25156b1e3e37deb3
GET /gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 28 Jan 2023 19:56:34 GMT
server: cafe
cache-control: private
content-length: 254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ae45eeb8e62398ce3fc49c0234699163
f5506898f66248b331e84b573a010c5c1a8ad0d2
3d298a54e6d0f6e8f6a48a398e372720fb871623080b7408d66f296068ec6ddc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
172.67.213.3409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 172.67.213.3:0
File type HTML document, ASCII text, with no line terminators
Hash 7e27c7e72340437b2f49f30b0cd44ab0
96c8c9567a11ba1a47d5e03844b8dc3ef23a12c3
ec71d554bd8dc2e83b6dd43789f3e44c51a5cd6f3c5677c2df62c8b05efeb616
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796
HTTP/1.1 409 Conflict
Date: Sat, 28 Jan 2023 19:56:34 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7NZ6pzxwZBX7tqt14qvUey%2F5%2BYX5DxC03VM25OOYyZRuKe3bkdj7YFjMieHqQ7MyeaTcAD5lxqQjAg0r82VF3jnov3EFhIErbnGnBtdzkxw2UqLLy7rNWxmzSAGORra8xNMqzQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c4acabe12b4eb-OSL
alt-svc: h2=":443"; ma=60
adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 28 Jan 2023 19:56:34 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.170200 OK 5.4 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 5437
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 26 Jan 2023 02:21:02 GMT
Expires: Fri, 26 Jan 2024 02:21:02 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 236132
fonts.googleapis.com/css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap
142.250.74.106200 OK 609 B URL HTTP/1.1 fonts.googleapis.com/css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap
IP 142.250.74.106:0
Hash 361fdf2276076cc33d6b512e7f8591d8
3b940dacd9f1207eab2bcb6fc47c2524fa853815
76f15d81c8faa3d4a27f851e06a63488846c47d7c64fc856627ee96b292870f0
GET /css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 28 Jan 2023 19:56:34 GMT
Date: Sat, 28 Jan 2023 19:56:34 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 17504951994384b5dfa3387f5e8b684f
d76ab271cbc580a05222ec155fbc0e82545ae97c
f7e09c196a20bed2d1c1f6fada5eb982e04880a2f1c8c24d7fdce87e46152c3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 28 Jan 2023 19:56:35 GMT
expires: Sat, 28 Jan 2023 19:56:35 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.saha-banks.com/cdn-cgi/challenge-platform/h/g/cv/result/790c4ab70c20b523
172.67.213.3200 OK 28 B URL HTTP/1.1 www.saha-banks.com/cdn-cgi/challenge-platform/h/g/cv/result/790c4ab70c20b523
IP 172.67.213.3:0
File type ASCII text, with no line terminators
Hash 86de097d54457ad4fbf85150ea2dc2fb
194863f4b15ecf7eb4f38bf7ed46b688289be8a4
6301b31e8f84ba8a7465199ebf1c2341253198f21763ad7e7cf6fdebe3d832ec
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/g/cv/result/790c4ab70c20b523 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Content-Length: 11846
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/redeeming-alinma-mazaya-points/
Cookie: _ga_MNTK4YVF83=GS1.1.1674935796.1.0.1674935796.0.0.0; _ga=GA1.1.588996591.1674935796; __gads=ID=34d3256688185171-221d3d8071db0068:T=1674935794:RT=1674935794:S=ALNI_MYXbPQxP9goxnOeUu3Fb10uLw2zhQ; __gpi=UID=00000bab8d0b19e9:T=1674935794:RT=1674935794:S=ALNI_MYU4yNcPRhdEjrPfgklZs611fR9og
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:56:35 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=qD57.WJYdSm70Bql2_zCNP0XrmeTuXv3P0m8Q7kN1W0-1674935795-0-AVLUgl6HFWDMg/Vj1B5n69vMHOxYA26HD359bVd22slN9w28NWzGHNRIjc93WC3Oqd0xgZlH+zz6nBB8639qPecvJKXutfqqY/YkdiyPonuoRH9YbBDMFGwZnbuyhl+1EmOmuI/KoWPZxT1RxVtDEYA=; path=/; expires=Sat, 28-Jan-23 20:26:35 GMT; domain=.saha-banks.com; HttpOnly; SameSite=None
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4MKqaqheiEUxZNBtDm9WlgCMBwNMg%2FFQhn1bTPM61jgB%2BYgeYiXNANbvAkUUXDQ8Vw2VpfYuj9bbDMZGHy%2Fijdi2Qip8U44lCNF%2BycWbSZSGjoRrRPPONn%2FzHXegDAtqMxEASs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790c4ad1f927b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 622311873d3819b9911301b09bc2d43c
9f08d648e40479aa12da033da15b80a15017c739
6138674cec17da8b7bb02bf0686bf3e7aefa2bce6a5f844ebd80e10b665818b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 19:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 214ddda40ad668faf3f7ebb54f715c4d
a636f4b43bb9dfbd87e1a32806fd7565b607d352
8833af5abab89516a7c843257b30151ecde0d9196319934d1fe7bec402a66432
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 28 Jan 2023 19:56:35 GMT
date: Sat, 28 Jan 2023 19:56:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-aMd-naEejLAL3wSdvRK74A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2
216.58.207.227200 OK 9.1 kB URL HTTP/1.1 fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9120, version 1.0\012- data
Hash 18ad880aaa4e28b6cd1ef0d30ac95573
da6a33a1ecc296aa481432e2727b273140b78543
f2c5710634752d1a156adf5ac961c8400e3a577c90f97a6a293a07f4a28957fd
GET /s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9120
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 28 Jan 2023 08:10:26 GMT
Expires: Sun, 28 Jan 2024 08:10:26 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 24 Jun 2022 18:40:48 GMT
Content-Type: font/woff2
Age: 42369
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
216.58.207.227200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 25 Jan 2023 06:51:59 GMT
Expires: Thu, 25 Jan 2024 06:51:59 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
Age: 306276
fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
216.58.207.227200 OK 14 kB URL HTTP/1.1 fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14316, version 1.0\012- data
Hash 9383ff090e200fc692eb9d0f91df0e6a
eae567c614d06c697ab908310bbf3af6fa331db3
91fa743b90662d1247ff2a9e452e5cfa525e0d4a4caa1a29ed9820a74bb0f80c
GET /s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14316
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 28 Jan 2023 19:56:35 GMT
Expires: Sun, 28 Jan 2024 19:56:35 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Nov 2022 19:56:04 GMT
Content-Type: font/woff2
Age: 0
adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 28 Jan 2023 19:56:35 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2
216.58.207.227200 OK 8.7 kB URL HTTP/1.1 fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8708, version 1.0\012- data
Hash cd316e4c96f15e4f5ee9b4cad904f4c7
c9d4a1c25311b932f4707d1315cfa037bff2687c
4e1343e3fad2721d8db43b01c81295a45afd6f82d519f0376290715426abbacc
GET /s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8708
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 26 Jan 2023 23:45:48 GMT
Expires: Fri, 26 Jan 2024 23:45:48 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 24 Jun 2022 18:40:47 GMT
Content-Type: font/woff2
Age: 159047
fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
216.58.207.227200 OK 12 kB URL HTTP/1.1 fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11760, version 1.0\012- data
Hash dc696827ea29c67ac521ff0b36f50562
5fad76118dc2cf6d27666856a085693f0569db9a
157025606cebc118ce7bb7a62122058604fb39cbae9ae6bf2e7ad57bf4eb8087
GET /s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11760
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 23 Jan 2023 07:37:02 GMT
Expires: Tue, 23 Jan 2024 07:37:02 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Nov 2022 19:55:08 GMT
Content-Type: font/woff2
Age: 476373