Report - tagdem.com.sa/

Report Overview

Submitted URL
tagdem.com.sa/
IP
162.55.2.253
ASN
#24940 Hetzner Online GmbH
Submitted
2022-12-02 05:06:54
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	68 kB	151.101.129.229
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
tagdem.com.sa	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	24 kB	3.9 MB	162.55.2.253
w7.pngwing.com	42367	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	450 B	13 kB	172.67.186.206
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.213.121.129
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	44 kB	34.120.237.76
vsb83.tawk.to	121210	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	4.9 kB	172.67.38.66
embed.tawk.to	8650	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	3.4 kB	104.22.25.131
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	tagdem.com.sa/	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap.min.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/wow.min.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.bez.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap-select.min.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery-2.1.1.min.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/pace.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/main.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.fancybox.min.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/javascript/common.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.block.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/javascript/jquery/datetimepicker/moment.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/gsap.min.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/css/media.css?v=1	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/sweetalert2.min.js	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/owl.carousel.min.js	Malware
2022-12-02	medium	tagdem.com.sa/image/cache/catalog/75A63951-471F-4303-B71B-AD1A698DB44B-1920x1280-category_image.jpeg	Malware
2022-12-02	medium	tagdem.com.sa/image/cache/catalog/CBEBE07E-74E8-41BE-8245-796AA6AE369F-1920x1280-category_image.jpeg	Malware
2022-12-02	medium	tagdem.com.sa/image/cache/catalog/E972B965-903F-4CCD-BBFC-B5E996232B30-1920x1280-category_image.jpeg	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Regular.ttf	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-brands-400.woff2	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-solid-900.woff2	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-regular-400.woff2	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Medium.ttf	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Bold.ttf	Malware
2022-12-02	medium	tagdem.com.sa/image/cache/catalog/96D9BB98-83FC-4BE3-96EA-262D02F398E3-1920x1280-category_image.jpeg	Malware
2022-12-02	medium	tagdem.com.sa/image/cache/catalog/79526574-7975-478F-BDA2-D564D1C42068-1920x1280-category_image.jpeg	Malware
2022-12-02	medium	tagdem.com.sa/image/cache/catalog/B0CE1CC7-C069-4A62-B47C-1B6BEF71066C-1920x1280-category_image.jpeg	Malware
2022-12-02	medium	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/swiper-bundle.min.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (37)

	URL	Size	First Seen	Last Seen
	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/pace.js	28 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/theme/default/assets/js/lib/pace.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash c633f9af52b94e10e0d682a8586ed24b ff603df5c50de4ffc1c06ee9867e9ebbe1c5d05a 65016a78f5600457528d749bfcb769fb024eea777b6a8eabf63526c008e71686 Loading...

	embed.tawk.to/60e581b3649e0a0a5ccaf6b9/1fa085ar3	2.1 kB	2023-03-08	2023-03-08
Pretty URL embed.tawk.to/60e581b3649e0a0a5ccaf6b9/1fa085ar3 IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash cb850908c4791087022f10425a9b318f 2b7b4b2a5f8907f24dcc4b3ee7e497a7fafa391e c2e23ded73d309eb7b19b188e7038d4ccb78b119634002ac4d601241635346fb Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f1596d96.js	10 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f1596d96.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:54 Last Seen2023-03-12 19:40:33 Times Seen1 Hash 6ec300e0d56554b72967d1d815fe6a68 4115cb09ead1725a281d362df2a0d890def2bc02 738f90cd935b00f835ed3d25668c4c5f02e85f8d15087b94b8b6d3667d063593 Loading...

	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/owl.carousel.min.js	46 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/theme/default/assets/js/lib/owl.carousel.min.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 03512eea3b30b6cbe9fd93d9f93f28ae 7600a529181ce98b404b07971e277e8c121da35b 45e591b2e71e9b0e553371ccd435db2dd6f7e039aa148d10993b03cac59fba6e Loading...

	tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.js	3.1 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash b2c2a6eb1862f0d2e6d6f917b4b03e54 3313a5c714f2733efab1ecf7627e10069e2031c3 57a85584fb704bcb4db6964751086009cca92338af3fe0fb9311be454b45b14a Loading...

	tagdem.com.sa/	313 B	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/ IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash c7fe9e41e767d5bad1826ab67b27ffcf 4e8dc611e00fa9d26cd5501be6c1b4934fa82134 db51042f5e2c3e733cb66cc8468f7f961b0600912013a29cf5250a98bf8a3d17 Loading...

	tagdem.com.sa/	334 B	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/ IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 14fa92ccfaa7c66f7b0b7c2a85ef2fd7 4d482f5af99fd9d91b034de6cd6150060c31b183 3bce7b71ce940bf6cef0000eacc7631f0e6e024499fda07108a592bcefceb87c Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/languages/ar.js	20 kB	2023-03-07	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/languages/ar.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2023-03-26 03:19:13 Times Seen6 Hash a1038dff27b08341fe02dac73d70248f 844caa61716cf10530ae93b724f90df9efe3c3e6 f7029e80c95571c56299ca024fb699d2bbdc82a5fd9320cfba60da8d06eb33c3 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js	17 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:40:33 Times Seen1 Hash a4ee0f7f38343d301e91591fc360d3fa 0748ec2421e5495f8cd80c749a827065c4b43eb1 83bf5bc596982a4f75467e476f78e856ac970915731fb11c7115f5feaac5027b Loading...

	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap-select.min.js	35 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap-select.min.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 076e5e38cd5a59b9907b3178e2320a89 a3281c2379c6d30df507edf63bccc19285e70b40 4de481cad969a23edff461644c88666b722317915b1933b9c5132f3bea524b1d Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 12:30:04 Times Seen36959444 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/sweetalert2.min.js	23 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/theme/default/assets/js/lib/sweetalert2.min.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 93f06f5547d987349cfd08b4e7a4145d 6c771a4057aee7ac945d90c50aba145a44438714 274a8db351bd0102b07f4e2ec2d5b9243e07da82c87a4d92a586acf73f2be1c6 Loading...

	tagdem.com.sa/	195 B	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/ IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 9f620d1bcc92f8f055fa0aaa7ef2b253 342f82f597c908c8cc85eefd378577cdcd66a198 303609259c61b14e9009043d6474e34e0d4801c4fde8e187d864a8a86aca0422 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js	151 B	2023-03-07	2024-04-19
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-19 12:27:42 Times Seen46580 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/wow.min.js	10 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/theme/default/assets/js/lib/wow.min.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 8077fc59583445982fc388c73cf3fb30 bef31961592aa5277c6a789e1a3c29734a266257 b4711f1b72ff794baa2ceee602046fb34f181a3a0cca5f3afdf5caceb89a8abf Loading...

	tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.block.js	22 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.block.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 310961f1d81863713529fdf449eb2725 c6fd11207e637e77365489f986f1f24b87e24cc5 19ce592ba6d4dde75fe6958f49310d30c9b3030a3e0c991ee0f6d0bffe5a8d8d Loading...

	tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.js	40 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash b6494d9fd3e9ed26d6559eb3dacd3132 20e59166b846cc0effb677f94f0b5388e3bc664f 3b466a0714b8fbb78b42e49fe80e695b38d8aa188a5eb327229dc2535ae2cc03 Loading...

	tagdem.com.sa/catalog/view/theme/default/assets/js/main.js	16 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/theme/default/assets/js/main.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash b13dcd15859ea56c16cbaa16f4ace323 3d753a2b32434c685e7283dfb62e2e19a2ec2441 381db81974851ac2f53e06375cf5d51d46ce8bec9716fc48bb799b0b7e4b8ff4 Loading...

	tagdem.com.sa/catalog/view/javascript/common.js	16 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/javascript/common.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 167ee841ab57245a262891652d46a7e8 19f7708b215ba96a7980858b4b66f7facbec7610 8ac4a019f2642ca04478e949a85062fa1c10e3cbd939df62dcbce0c81871a280 Loading...

	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/gsap.min.js	58 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/theme/default/assets/js/lib/gsap.min.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 3de9cfd3802acfc79da81d3a7b8df90e 29814c07d3b3d5be4ada397d07ea22cc5acfec69 3a7d3e93c2d3ade023d03e40e79ad1433acad9d40a835d3f8ebf1c2fad139c2d Loading...

	tagdem.com.sa/	745 B	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/ IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 333c62faa7bcaefaa820d8bfbb0f1647 09cebe337fffb837d62bcf8fface59c6baa71964 52cc6682fcc8e8e7ddd018da91cabebf4ee3ddec7c92f3346640880759171c08 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js	121 B	2023-03-07	2024-04-19
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-19 12:27:41 Times Seen45896 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js	2.3 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2024-01-03 04:29:13 Times Seen3 Hash 9075c2f5460b2832318d3c7217cc68cb b8742c9ec6d976051538e69ae8a92e354b62638b 6d510d7d2266769c4b312b4db0fc12e180db9c5ef2d75926c5b8f23543788aba Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js	74 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:40:33 Times Seen1 Hash af764270cff49e4f88710a5824f1af0a 5101715aafd662b8ef1bae9a588ba7e8650c2b5e 8ea95ad5c8b1c5de01a4a647ba43f1d82e0e94337b17995abaa29a6dc7d5bffc Loading...

	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.bez.js	3.8 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.bez.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash cb07bcd2ce26068b4403b01e327bb4a8 c778c4b73a9f574d1ede7701e8369a10462a6e29 5e25efa2e66e49ac05d00e7c6641327f8f728be5cd3af97a6ca94276844774aa Loading...

	tagdem.com.sa/	2.7 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/ IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 03446af05d8ab7d8dcf0c39d451da5bb d0e84e8ee7293686e463a39d90a6ab6870bf9d00 86476c699b32d3f2f45a8964f57d1897483d35fc1238fc95d45878dadf992af8 Loading...

	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.fancybox.min.js	70 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.fancybox.min.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash 7daaab5a7202912c75f9018c0e853efb 0cd63b5e5fd817c1611f0d5c8e2c3ac1b1a9f359 aa028ee3e2717b2cbeba5e69c75dc059ac9a132ddc1f9c6c9bf9beeedfbf04ed Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js	211 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:02:52 Last Seen2024-01-03 04:29:13 Times Seen92 Hash 70dac54eca3bb2143032bc4db3237623 b072b86acccf5e05a52ebfbff58ec2961b200063 299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js	16 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:39:42 Times Seen1 Hash 12f6c0f6e6cec2a03629fbce091e2072 f900879b5df1ad4add9e9312ade124a70a14607c 663028e7a6e8b469483d28f1b38a593e73623ae4e95eebdef03eecc014da0316 Loading...

	tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap.min.js	39 kB	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap.min.js IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash aa1e8d3335720dae1cd87247e5e6096f 8e20c22df2f7fd41920354868b2ab934454594fe e8e31d81c5a1df452aa1638025959424937009ab61a6c8bbce058c5ead801d21 Loading...

	tagdem.com.sa/	560 B	2023-03-08	2023-03-08
Pretty URL tagdem.com.sa/ IP 162.55.2.253 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:08 Last Seen2023-03-08 14:30:08 Times Seen1 Hash b203b0e25f8b12b3cf1d296601fa085e 86f5015f126ae2bdf2ea4f7ffd2c70f434c8fdb0 569d8808c860fd24a7c31e4493584d66da22fd5cec3e5dd0c6807c9a14a74c6a Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js	196 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2024-01-03 04:29:13 Times Seen4 Hash bde99510bdf9ab7bbc9ce82519a19a36 c0d4758cbef7cb74c32021e2f6c6271ae995c919 654d5153e9271fb0cf77a967a37cb4e615a1f911a9957f747f395d824d0cca44 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

HTTP Transactions (83)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12168
Expires: Fri, 02 Dec 2022 08:29:30 GMT
Date: Fri, 02 Dec 2022 05:06:42 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3886
Cache-Control: max-age=109756
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:06:42 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:35:58 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 04:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2812
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9908
Expires: Fri, 02 Dec 2022 07:51:50 GMT
Date: Fri, 02 Dec 2022 05:06:42 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8KwTON6t6j/x6gEy3RRu0GPwbRHbwAdqdmgAyPtm+SyAltCc87kZ2LjV/A07EuALUI5J627cNps=
x-amz-request-id: 059N1NBDV9W536P0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 04:45:58 GMT
age: 1244
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

tagdem.com.sa/

162.55.2.253

200 OK

51 kB

URL HTTP/1.1
tagdem.com.sa/
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342), with CRLF, LF line terminators
Size
51 kB (51156 bytes)
Hash
33a8c92e68db289454fc4a42d245b4c6
ab188582533bf0bee873b6e7385a7be5a0c5f327
4e2c02b6c45f3909c10a72f5845841527444f632c6bce140484be3322df98d6f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; path=/; HttpOnly
default=d3220607be6dcf321b70ac0ef95e85d5; path=/; HttpOnly
language=ar; expires=Sun, 01-Jan-2023 05:06:42 GMT; Max-Age=2592000; path=/; domain=tagdem.com.sa
currency=SAR; expires=Sun, 01-Jan-2023 05:06:42 GMT; Max-Age=2592000; path=/; domain=tagdem.com.sa
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 05:06:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap.min.js

162.55.2.253

200 OK

39 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap.min.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (32033)
Size
39 kB (38841 bytes)
Hash
aa1e8d3335720dae1cd87247e5e6096f
8e20c22df2f7fd41920354868b2ab934454594fe
e8e31d81c5a1df452aa1638025959424937009ab61a6c8bbce058c5ead801d21

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/bootstrap.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 16 Feb 2021 15:40:08 GMT
Accept-Ranges: bytes
Content-Length: 38841
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/theme/default/stylesheet/quickcheckout.css

162.55.2.253

200 OK

2.5 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/stylesheet/quickcheckout.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
troff or preprocessor input text\012- assembler source, ASCII text, with CRLF line terminators
Size
2.5 kB (2505 bytes)
Hash
195e8ca589af769fd7458856d164e6ed
9e031952b4efd6a630c348aaa25355a3ab67ea9b
b4f3c5568756a0fa2eea69280d811097d5e1f584fba14e058b850c8acd985173

HTTP Headers

GET /catalog/view/theme/default/stylesheet/quickcheckout.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 08:42:24 GMT
Accept-Ranges: bytes
Content-Length: 2505
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/wow.min.js

162.55.2.253

200 OK

10 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/wow.min.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (9895)
Size
10 kB (9951 bytes)
Hash
8077fc59583445982fc388c73cf3fb30
bef31961592aa5277c6a789e1a3c29734a266257
b4711f1b72ff794baa2ceee602046fb34f181a3a0cca5f3afdf5caceb89a8abf

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/wow.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 04 Oct 2016 17:29:14 GMT
Accept-Ranges: bytes
Content-Length: 9951
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.bez.js

162.55.2.253

200 OK

3.8 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.bez.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1796)
Size
3.8 kB (3798 bytes)
Hash
cb07bcd2ce26068b4403b01e327bb4a8
c778c4b73a9f574d1ede7701e8369a10462a6e29
5e25efa2e66e49ac05d00e7c6641327f8f728be5cd3af97a6ca94276844774aa

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/jquery.bez.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 18 Feb 2021 16:38:40 GMT
Accept-Ranges: bytes
Content-Length: 3798
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap-select.min.js

162.55.2.253

200 OK

35 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap-select.min.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (32004)
Size
35 kB (35175 bytes)
Hash
076e5e38cd5a59b9907b3178e2320a89
a3281c2379c6d30df507edf63bccc19285e70b40
4de481cad969a23edff461644c88666b722317915b1933b9c5132f3bea524b1d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/bootstrap-select.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 01 Oct 2018 13:45:18 GMT
Accept-Ranges: bytes
Content-Length: 35175
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery-2.1.1.min.js

162.55.2.253

200 OK

86 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery-2.1.1.min.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (32061)
Size
86 kB (86041 bytes)
Hash
5a0ae19254cbf7205a6e4514e3e7c184
65a5263f719ceab18fd3fdda7e28283c9d56cf59
d18dcb96e0b48215b8e07290c3d110091b8ea5733e800ee73d1949a14494722f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/jquery-2.1.1.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 11 Jun 2020 21:55:06 GMT
Accept-Ranges: bytes
Content-Length: 86041
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.css

162.55.2.253

200 OK

7.8 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (7655), with CRLF line terminators
Size
7.8 kB (7775 bytes)
Hash
3fde88619222e012ff01e47e9f2b7725
fd972eb9115f52a00edcf6354ce44fcee48ce986
673f392d2ff5f8dfca21c26ccbd9b87b72c68de57fcbb555a5b94cd53fff947c

HTTP Headers

GET /catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 08:42:24 GMT
Accept-Ranges: bytes
Content-Length: 7775
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/pace.js

162.55.2.253

200 OK

28 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/pace.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1796)
Size
28 kB (28364 bytes)
Hash
c633f9af52b94e10e0d682a8586ed24b
ff603df5c50de4ffc1c06ee9867e9ebbe1c5d05a
65016a78f5600457528d749bfcb769fb024eea777b6a8eabf63526c008e71686

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/pace.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 13 Jun 2019 02:28:26 GMT
Accept-Ranges: bytes
Content-Length: 28364
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/theme/default/assets/js/main.js

162.55.2.253

200 OK

16 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/main.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1799), with CRLF line terminators
Size
16 kB (15574 bytes)
Hash
b13dcd15859ea56c16cbaa16f4ace323
3d753a2b32434c685e7283dfb62e2e19a2ec2441
381db81974851ac2f53e06375cf5d51d46ce8bec9716fc48bb799b0b7e4b8ff4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/main.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 29 Mar 2021 14:22:29 GMT
Accept-Ranges: bytes
Content-Length: 15574
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.fancybox.min.js

162.55.2.253

200 OK

70 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.fancybox.min.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (31972), with CRLF line terminators
Size
70 kB (70064 bytes)
Hash
7daaab5a7202912c75f9018c0e853efb
0cd63b5e5fd817c1611f0d5c8e2c3ac1b1a9f359
aa028ee3e2717b2cbeba5e69c75dc059ac9a132ddc1f9c6c9bf9beeedfbf04ed

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/jquery.fancybox.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 23 Mar 2021 16:04:11 GMT
Accept-Ranges: bytes
Content-Length: 70064
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/javascript/common.js

162.55.2.253

200 OK

16 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/javascript/common.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (1814), with CRLF line terminators
Size
16 kB (15938 bytes)
Hash
167ee841ab57245a262891652d46a7e8
19f7708b215ba96a7980858b4b66f7facbec7610
8ac4a019f2642ca04478e949a85062fa1c10e3cbd939df62dcbce0c81871a280

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/javascript/common.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 13 Mar 2021 06:15:56 GMT
Accept-Ranges: bytes
Content-Length: 15938
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.js

162.55.2.253

200 OK

3.1 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1797), with CRLF line terminators
Size
3.1 kB (3135 bytes)
Hash
b2c2a6eb1862f0d2e6d6f917b4b03e54
3313a5c714f2733efab1ecf7627e10069e2031c3
57a85584fb704bcb4db6964751086009cca92338af3fe0fb9311be454b45b14a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/javascript/jquery/quickcheckout/quickcheckout.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 08:42:24 GMT
Accept-Ranges: bytes
Content-Length: 3135
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

w7.pngwing.com/pngs/728/671/png-transparent-logo-mastercard-font-gif-mastercard.png

172.67.186.206

200 OK

12 kB

URL HTTP/2
w7.pngwing.com/pngs/728/671/png-transparent-logo-mastercard-font-gif-mastercard.png
IP
172.67.186.206:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 920 x 483, 4-bit colormap, non-interlaced\012- data
Size
12 kB (12469 bytes)
Hash
69ed601efab373685894e156cfdbaadf
7120ac385be6c5d63623fad6d870b1cda0cf13b9
df415399a21606a028a0559a1c7673d20d7ed6bc872a944af383a09cbaf0c9da

HTTP Headers

GET /pngs/728/671/png-transparent-logo-mastercard-font-gif-mastercard.png HTTP/1.1
Host: w7.pngwing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:42 GMT
content-type: image/png
content-length: 12469
last-modified: Sat, 06 Jun 2020 17:46:18 GMT
etag: "5edbd66a-30b5"
expires: Mon, 27 Nov 2023 05:06:42 GMT
cache-control: max-age=31104000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qY9QsXN4ZDoArq2DBFjX0fGeayuhPkF0W6wydJWvUmzIvcol95LiEqfCrokimrCA5eLx9UkA%2B4aIlbKivObFeOrpepn%2FtqrDP0QqQbBooYk35vxTYK7EBWnz88QBKwn4SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773188e8fb040b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.block.js

162.55.2.253

200 OK

22 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.block.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1801), with CRLF line terminators
Size
22 kB (22323 bytes)
Hash
310961f1d81863713529fdf449eb2725
c6fd11207e637e77365489f986f1f24b87e24cc5
19ce592ba6d4dde75fe6958f49310d30c9b3030a3e0c991ee0f6d0bffe5a8d8d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/javascript/jquery/quickcheckout/quickcheckout.block.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 08:42:24 GMT
Accept-Ranges: bytes
Content-Length: 22323
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/javascript/jquery/datetimepicker/moment.js

162.55.2.253

200 OK

97 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/javascript/jquery/datetimepicker/moment.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with CRLF line terminators
Size
97 kB (97395 bytes)
Hash
bfed500d95116bbe9164833f6d623227
ee1b77e0365efaf43a96f658bde5a985b1e83949
52a22847f7f58794fa838ecace0ea5d34832099b928539ad4ffcd7b6b7391afd

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/javascript/jquery/datetimepicker/moment.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 01 Oct 2018 13:45:46 GMT
Accept-Ranges: bytes
Content-Length: 97395
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/theme/default/assets/css/lib/all.min.css

162.55.2.253

200 OK

59 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/all.min.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (58911)
Size
59 kB (59097 bytes)
Hash
91c0743cf8cc18a5540794497bc16d7e
1ddc3c2238bed9bec9a696a30bf73918d5413e57
8eccfa6c3c81eae4210e6439680bb5bc54d1ee923d51427d5d2f9f1920ffead2

HTTP Headers

GET /catalog/view/theme/default/assets/css/lib/all.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 13 Aug 2020 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 59097
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap-rtl.min.css

162.55.2.253

200 OK

25 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap-rtl.min.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (24529)
Size
25 kB (24903 bytes)
Hash
8e59c9a11c4dbc6fe754490d7e648bca
c124c2284060a2e47d62858c82ab0146f135599a
41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9

HTTP Headers

GET /catalog/view/theme/default/assets/css/lib/bootstrap-rtl.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 16 Feb 2021 16:32:54 GMT
Accept-Ranges: bytes
Content-Length: 24903
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap.css

162.55.2.253

200 OK

146 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (540)
Size
146 kB (146010 bytes)
Hash
2a31dca112f26923b51676cb764c58d5
f597f59f955cda06e5d7a79342d9e0c22b5ec6d2
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

HTTP Headers

GET /catalog/view/theme/default/assets/css/lib/bootstrap.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 11 Jun 2020 21:55:06 GMT
Accept-Ranges: bytes
Content-Length: 146010
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/gsap.min.js

162.55.2.253

200 OK

58 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/gsap.min.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (56420)
Size
58 kB (58549 bytes)
Hash
3de9cfd3802acfc79da81d3a7b8df90e
29814c07d3b3d5be4ada397d07ea22cc5acfec69
3a7d3e93c2d3ade023d03e40e79ad1433acad9d40a835d3f8ebf1c2fad139c2d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/gsap.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Mar 2021 17:40:18 GMT
Accept-Ranges: bytes
Content-Length: 58549
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/theme/default/assets/css/lib/owl.carousel.min.css

162.55.2.253

200 OK

3.4 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/owl.carousel.min.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (3184)
Size
3.4 kB (3351 bytes)
Hash
b2752a850d44f50036628eeaef3bfcfa
fba46353cf90450ef3d362a123f1e7af3e8c561e
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

HTTP Headers

GET /catalog/view/theme/default/assets/css/lib/owl.carousel.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 20 Apr 2018 19:22:10 GMT
Accept-Ranges: bytes
Content-Length: 3351
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.js

162.55.2.253

200 OK

40 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (32010), with CRLF line terminators
Size
40 kB (39759 bytes)
Hash
b6494d9fd3e9ed26d6559eb3dacd3132
20e59166b846cc0effb677f94f0b5388e3bc664f
3b466a0714b8fbb78b42e49fe80e695b38d8aa188a5eb327229dc2535ae2cc03

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 08:42:24 GMT
Accept-Ranges: bytes
Content-Length: 39759
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/theme/default/assets/css/lib/stylesheet-a.css

162.55.2.253

200 OK

27 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/stylesheet-a.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (529), with CRLF line terminators
Size
27 kB (26855 bytes)
Hash
2d700efe9bc8efbccc0ce10b2011427f
306dc4544ff215c58697c3c8553d5ecefe4e9a7d
c55cab61fb95e2d9517fe233d90fb8bdcde56778a43512627d66718626dc1c3d

HTTP Headers

GET /catalog/view/theme/default/assets/css/lib/stylesheet-a.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 16 Dec 2020 07:49:16 GMT
Accept-Ranges: bytes
Content-Length: 26855
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/css/lib/owl.theme.default.css

162.55.2.253

200 OK

1.4 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/owl.theme.default.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
1.4 kB (1380 bytes)
Hash
6c830c91a0a08fca0fe883504abc7d2b
5193b985aa3f992ce7bad494b6ab519707c48cc1
9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3

HTTP Headers

GET /catalog/view/theme/default/assets/css/lib/owl.theme.default.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 20 Apr 2018 10:22:10 GMT
Accept-Ranges: bytes
Content-Length: 1380
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/css/lib/swiper-bundle.min.css

162.55.2.253

200 OK

14 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/swiper-bundle.min.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (13663)
Size
14 kB (13921 bytes)
Hash
4d0619d7577a990881a0079718c5c92e
02553ae8ed1026ae5e1fe6cc5883fd42379e5e68
f9a55bcc80d6d8b2815299c5501cddaa8e5f3f697cdb8f5ce1e3e924097117ba

HTTP Headers

GET /catalog/view/theme/default/assets/css/lib/swiper-bundle.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Mar 2021 19:14:10 GMT
Accept-Ranges: bytes
Content-Length: 13921
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap-select.min.css

162.55.2.253

200 OK

6.7 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap-select.min.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (6433), with CRLF line terminators
Size
6.7 kB (6655 bytes)
Hash
1dde27fd625567362692b22765e51596
8534be7ac8920f1dff0f084256e812c2fd8db919
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

HTTP Headers

GET /catalog/view/theme/default/assets/css/lib/bootstrap-select.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 01 Oct 2018 13:45:44 GMT
Accept-Ranges: bytes
Content-Length: 6655
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/css/lib/sweetalert2.min.css

162.55.2.253

200 OK

16 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/sweetalert2.min.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
16 kB (15692 bytes)
Hash
5305b7af8ef42b37be7e2caa9182f393
9f9f8d2ab49bbf537c33cd0b6c3ecea164bfef9f
fd1607ffbcaa2458a02136e611ef9f2e7c1fec78d118696f08ccf8cf79e3bd32

HTTP Headers

GET /catalog/view/theme/default/assets/css/lib/sweetalert2.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 12 Mar 2021 06:32:36 GMT
Accept-Ranges: bytes
Content-Length: 15692
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/css/media.css?v=1

162.55.2.253

200 OK

2.9 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/media.css?v=1
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with CRLF line terminators
Size
2.9 kB (2867 bytes)
Hash
291476ffbff9132361afd1b01f1ef204
6e8efb832faa27751d7b10ae405104ab11bb218f
5674c32a3d9d1b2b686379366e4e722970fee3c28f164ad86f011f273856a4a8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/css/media.css?v=1 HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 07:57:58 GMT
Accept-Ranges: bytes
Content-Length: 2867
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/css/lib/jquery.fancybox.min.css

162.55.2.253

200 OK

13 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/jquery.fancybox.min.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (12795), with no line terminators
Size
13 kB (12795 bytes)
Hash
a2d42584292f64c5827e8b67b1b38726
1be9b79be02a1cfc5d96c4a5e0feb8f472babd95
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

HTTP Headers

GET /catalog/view/theme/default/assets/css/lib/jquery.fancybox.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 23 Mar 2021 16:03:27 GMT
Accept-Ranges: bytes
Content-Length: 12795
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/sweetalert2.min.js

162.55.2.253

200 OK

23 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/sweetalert2.min.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (22984), with no line terminators
Size
23 kB (22984 bytes)
Hash
93f06f5547d987349cfd08b4e7a4145d
6c771a4057aee7ac945d90c50aba145a44438714
274a8db351bd0102b07f4e2ec2d5b9243e07da82c87a4d92a586acf73f2be1c6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/sweetalert2.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 01 Oct 2018 13:45:18 GMT
Accept-Ranges: bytes
Content-Length: 22984
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/catalog/view/theme/default/assets/css/style.css

162.55.2.253

200 OK

104 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
104 kB (103953 bytes)
Hash
9d40cea6cb3392f6347e0aff5c3afbd6
f4ece9fce2d001027900475974a9c4ced5838326
be21ef104f3e85cef605627f0ea786973a70b535def3c93b7866ed2fff26a1da

HTTP Headers

GET /catalog/view/theme/default/assets/css/style.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 31 Mar 2021 13:57:03 GMT
Accept-Ranges: bytes
Content-Length: 103953
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 04:08:57 GMT
cache-control: public,max-age=3600
age: 3466
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/owl.carousel.min.js

162.55.2.253

200 OK

46 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/owl.carousel.min.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (31997)
Size
46 kB (46138 bytes)
Hash
03512eea3b30b6cbe9fd93d9f93f28ae
7600a529181ce98b404b07971e277e8c121da35b
45e591b2e71e9b0e553371ccd435db2dd6f7e039aa148d10993b03cac59fba6e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/owl.carousel.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 20 Apr 2018 19:22:10 GMT
Accept-Ranges: bytes
Content-Length: 46138
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

tagdem.com.sa/image/catalog/black_kian.png

162.55.2.253

200 OK

59 kB

URL HTTP/1.1
tagdem.com.sa/image/catalog/black_kian.png
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 1199 x 610, 8-bit/color RGBA, non-interlaced\012- data
Size
59 kB (58609 bytes)
Hash
9d98ee2b0e83bcff28f514ad68ed6f03
573a8f2e39b8d4450a97401f9591be6e39d80fd0
60f8c1e30c96fb5473e7e2da219fac8165c2bacc745cec7d8635dd2fca98f6b7

HTTP Headers

GET /image/catalog/black_kian.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 04 Jan 2021 19:34:08 GMT
Accept-Ranges: bytes
Content-Length: 58609
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

tagdem.com.sa/image/catalog/footer_logo.png

162.55.2.253

200 OK

11 kB

URL HTTP/1.1
tagdem.com.sa/image/catalog/footer_logo.png
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 129 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11033 bytes)
Hash
e2407c1c6f7ab3ccbcb19dbcd35a423d
25052e1f03373224855ed93598c95ad2a9eeaa00
447d67440ca288be454163a297e83e6817f78cd998ee66bf1a9c3f91c8ffea5b

HTTP Headers

GET /image/catalog/footer_logo.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Mar 2021 23:06:14 GMT
Accept-Ranges: bytes
Content-Length: 11033
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

tagdem.com.sa/image/cache/catalog/75A63951-471F-4303-B71B-AD1A698DB44B-1920x1280-category_image.jpeg

162.55.2.253

200 OK

230 kB

URL HTTP/1.1
tagdem.com.sa/image/cache/catalog/75A63951-471F-4303-B71B-AD1A698DB44B-1920x1280-category_image.jpeg
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size
230 kB (229512 bytes)
Hash
90e6c2c0422ab4b13c73a51a8ffc646b
b608907e884f2fadedfd0e23348da2d4031e398a
2420b4846bb315f714a91391a3aa7a36abf406026c6b09911120ed64c1640798

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/75A63951-471F-4303-B71B-AD1A698DB44B-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 229512
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

tagdem.com.sa/image/cache/catalog/CBEBE07E-74E8-41BE-8245-796AA6AE369F-1920x1280-category_image.jpeg

162.55.2.253

200 OK

158 kB

URL HTTP/1.1
tagdem.com.sa/image/cache/catalog/CBEBE07E-74E8-41BE-8245-796AA6AE369F-1920x1280-category_image.jpeg
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size
158 kB (157598 bytes)
Hash
b4a347d3b5079db13003cee21c7a2160
6b9e0b3fe6b0bd109ee0655fa957e9aebb4c43a5
ac3c1a94ab6dcde9f232caa27521c88527adc5007e83af7ccb12a11d4ad82092

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/CBEBE07E-74E8-41BE-8245-796AA6AE369F-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 157598
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

tagdem.com.sa/image/catalog/logo.png

162.55.2.253

200 OK

20 kB

URL HTTP/1.1
tagdem.com.sa/image/catalog/logo.png
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 425 x 660, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19676 bytes)
Hash
b983961280604030ab9374b95000c592
960991a9c40be32cd7c8fc2690831ab6dfbae90a
faeb5e4abd30ceef2612677bcb459d2a7045a51812013117ddd30a26ae701bd0

HTTP Headers

GET /image/catalog/logo.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sun, 28 Feb 2021 17:05:14 GMT
Accept-Ranges: bytes
Content-Length: 19676
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

tagdem.com.sa/image/cache/catalog/E972B965-903F-4CCD-BBFC-B5E996232B30-1920x1280-category_image.jpeg

162.55.2.253

200 OK

357 kB

URL HTTP/1.1
tagdem.com.sa/image/cache/catalog/E972B965-903F-4CCD-BBFC-B5E996232B30-1920x1280-category_image.jpeg
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size
357 kB (356755 bytes)
Hash
a3c780e9fd9ef8953c7f9a67d2d82926
b0853fd84cdc9edad321f26ff9f80c7a8df24051
9eccb4d91ca3a37fac6ac3178d6884d5e77c6368d9fb6e7391c2c85ab52ca500

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/E972B965-903F-4CCD-BBFC-B5E996232B30-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 356755
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

tagdem.com.sa/catalog/view/theme/default/assets/images/icon.png

162.55.2.253

200 OK

678 B

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/images/icon.png
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 42 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
678 B (678 bytes)
Hash
3635e97693f2f68be66332f1a53e9aad
8038ab64f667ed3fad63a93bade7aab44f2d55ee
3f384a4db2f4675fef338cb080e0a87202c787ae4a8a977aa6ea6bc11f1926f6

HTTP Headers

GET /catalog/view/theme/default/assets/images/icon.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 03 Mar 2021 20:03:12 GMT
Accept-Ranges: bytes
Content-Length: 678
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

tagdem.com.sa/catalog/view/theme/default/assets/images/white_icon.png

162.55.2.253

200 OK

721 B

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/images/white_icon.png
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 42 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
721 B (721 bytes)
Hash
614d6f5a731c3f4716d3b2e27beba1e2
9147617d668242b4350fb40f1de562f623e43c54
c92e50ed59ea5d9258f50fb7ae3efca86e5f3803e1f4e6e0c2b20227a1bb8a5e

HTTP Headers

GET /catalog/view/theme/default/assets/images/white_icon.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Mar 2021 20:46:40 GMT
Accept-Ranges: bytes
Content-Length: 721
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

tagdem.com.sa/image/catalog/exclusive.png

162.55.2.253

200 OK

498 kB

URL HTTP/1.1
tagdem.com.sa/image/catalog/exclusive.png
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 1920 x 925, 8-bit/color RGBA, non-interlaced\012- data
Size
498 kB (497829 bytes)
Hash
f23054452d13dc38d63cb281b79c7125
263612185120979e3a5c23e8554b225f53783ede
38b0218e5eeca0ae2a005542927f9e0b536cc1aaa3743523bc26e5ed3d2be481

HTTP Headers

GET /image/catalog/exclusive.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 03 Mar 2021 20:03:34 GMT
Accept-Ranges: bytes
Content-Length: 497829
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Regular.ttf

162.55.2.253

200 OK

55 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Regular.ttf
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
TrueType Font data, 15 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.TajawalRegular1.000;1bou;Tajawal-RegularV\012- data
Size
55 kB (55072 bytes)
Hash
d8304accb48d86d9361ad30569823a0d
f3c4f85dad20e30f20878022d0a26568555b7f97
497f243d6ef4f4360d55d4ebd474d5c9dc4d0891426e162f34fa37e7c37d90b5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Regular.ttf HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 22 Sep 2020 15:39:10 GMT
Accept-Ranges: bytes
Content-Length: 55072
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/ttf

tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-brands-400.woff2

162.55.2.253

200 OK

77 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-brands-400.woff2
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format (Version 2), TrueType, length 77400, version 331.17301\012- data
Size
77 kB (77400 bytes)
Hash
cac68c831145804808381a7032fdc7c2
62584b9868428fd75af3fc5ee2f9918dda428be5
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/fonts/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/lib/all.min.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 15 Jul 2020 20:59:48 GMT
Accept-Ranges: bytes
Content-Length: 77400
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3878
Cache-Control: max-age=104684
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:06:43 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:11:27 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

tagdem.com.sa/catalog/view/theme/default/assets/images/footer.png

162.55.2.253

200 OK

31 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/images/footer.png
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 886 x 551, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (30892 bytes)
Hash
ed0fb694f605e9fd82bffcc15ae6a4e1
cccaba7294cd3ab2e9108990c48dad8b787ef483
0958e231b0a861327dc8fb4ec3e3771821985623f8eca96d23fa2ab565e72906

HTTP Headers

GET /catalog/view/theme/default/assets/images/footer.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 03 Mar 2021 20:04:10 GMT
Accept-Ranges: bytes
Content-Length: 30892
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-solid-900.woff2

162.55.2.253

200 OK

80 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-solid-900.woff2
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Size
80 kB (80148 bytes)
Hash
c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/fonts/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/lib/all.min.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 15 Jul 2020 20:59:48 GMT
Accept-Ranges: bytes
Content-Length: 80148
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/woff2

tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-regular-400.woff2

162.55.2.253

200 OK

14 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-regular-400.woff2
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format (Version 2), TrueType, length 13600, version 331.17301\012- data
Size
14 kB (13600 bytes)
Hash
3a3398a6ef60fc64eacf45665958342e
5e4d45052f43e55aaad7f14d13280215e39aa45b
245818b22d1ec4892fcb722437e32888e97f63a0316bd22aaf9f44cde01f4c91

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/fonts/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/lib/all.min.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 15 Jul 2020 20:59:48 GMT
Accept-Ranges: bytes
Content-Length: 13600
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: font/woff2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3f373bff74d65397a353587fea05e82f
f76493c055af0b08e83dff16c4252c581c165bcd
417bbf8a2b8cc3ee58d9fa4db4b14d1849a4787a606df3c6d1f2376d96558b92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5609
Cache-Control: max-age=129099
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:06:43 GMT
Etag: "6388c745-117"
Expires: Sat, 03 Dec 2022 16:58:22 GMT
Last-Modified: Thu, 01 Dec 2022 15:24:53 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279

tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Medium.ttf

162.55.2.253

200 OK

56 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Medium.ttf
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
TrueType Font data, 15 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.Tajawal MediumRegular1.000;1BOU;Tajawal-M\012- data
Size
56 kB (56284 bytes)
Hash
1472d65abf09fa765956fd3d32dadf48
18fecab4a7d562e918df5991bcdd1cdcaf27688e
26848fce2e7dfe2ccf87caff391c1173457cd2191f7e077a083d97d42eb6af2e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Medium.ttf HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 22 Sep 2020 15:39:38 GMT
Accept-Ranges: bytes
Content-Length: 56284
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/ttf

tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Bold.ttf

162.55.2.253

200 OK

56 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Bold.ttf
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
TrueType Font data, 15 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.TajawalBold1.000;1BOU;Tajawal-BoldTajawal\012- data
Size
56 kB (55520 bytes)
Hash
73222b42f57d11db8ed71c1752e121c0
b8b9548ff8e7cdd05b4817cbe02d1e16038dc1fb
abd4d0fc11d60ccdd5eb7c569fcd212885e1a463c0913aae33a0c3a45b07fb41

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Bold.ttf HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 22 Sep 2020 15:40:04 GMT
Accept-Ranges: bytes
Content-Length: 55520
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/ttf

tagdem.com.sa/image/cache/catalog/96D9BB98-83FC-4BE3-96EA-262D02F398E3-1920x1280-category_image.jpeg

162.55.2.253

200 OK

310 kB

URL HTTP/1.1
tagdem.com.sa/image/cache/catalog/96D9BB98-83FC-4BE3-96EA-262D02F398E3-1920x1280-category_image.jpeg
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size
310 kB (310077 bytes)
Hash
e21037307cc40a890c924b4e9cf01cfc
e570f22d153c4a3667086795a03e80969ef46817
dc544c3e2e0175cb38358e5d1045a67faefcba8f6477720230f1a30c15be89f8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/96D9BB98-83FC-4BE3-96EA-262D02F398E3-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 310077
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

tagdem.com.sa/image/cache/catalog/79526574-7975-478F-BDA2-D564D1C42068-1920x1280-category_image.jpeg

162.55.2.253

200 OK

370 kB

URL HTTP/1.1
tagdem.com.sa/image/cache/catalog/79526574-7975-478F-BDA2-D564D1C42068-1920x1280-category_image.jpeg
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size
370 kB (369562 bytes)
Hash
58c783b8818b23618bfd3228e8a59a60
84ea6042041acbaf0ca7ce34d6f2b59f1003b718
c12edcd3aa2b249e0021268e303b5914421a8c977f7d594557b495516ee31849

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/79526574-7975-478F-BDA2-D564D1C42068-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 369562
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

tagdem.com.sa/image/cache/catalog/B0CE1CC7-C069-4A62-B47C-1B6BEF71066C-1920x1280-category_image.jpeg

162.55.2.253

200 OK

375 kB

URL HTTP/1.1
tagdem.com.sa/image/cache/catalog/B0CE1CC7-C069-4A62-B47C-1B6BEF71066C-1920x1280-category_image.jpeg
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size
375 kB (375436 bytes)
Hash
ac0611885ecb95af2e548e2a73e3492b
4759b99edcdf9f38ee25e6764fb60ddb7ded42d8
0aa5f1ddb921cd183886a820af614203112770dfa8d44fd4550d779fa4f85149

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/B0CE1CC7-C069-4A62-B47C-1B6BEF71066C-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 375436
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

tagdem.com.sa/catalog/view/theme/default/assets/images/qoute.png

162.55.2.253

200 OK

5.0 kB

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/images/qoute.png
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 296 x 297, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (5004 bytes)
Hash
523ee05476e54708519da6202350de31
41107d421de0555618788c4443ea88bebe4c531e
722baee8daa6d32942613d352653d0d1703fd1f8fa0430e75cd264cd5fa28e62

HTTP Headers

GET /catalog/view/theme/default/assets/images/qoute.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 03 Mar 2021 20:04:30 GMT
Accept-Ranges: bytes
Content-Length: 5004
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png

push.services.mozilla.com/

34.213.121.129

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.121.129:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FdRe4AStDLQTMO5yO6pvOw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C2YP0Vox5kKLEfB3KzelAjNs6BY=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3f373bff74d65397a353587fea05e82f
f76493c055af0b08e83dff16c4252c581c165bcd
417bbf8a2b8cc3ee58d9fa4db4b14d1849a4787a606df3c6d1f2376d96558b92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5609
Cache-Control: max-age=129099
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:06:43 GMT
Etag: "6388c745-117"
Expires: Sat, 03 Dec 2022 16:58:22 GMT
Last-Modified: Thu, 01 Dec 2022 15:24:53 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:06:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:06:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:06:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:06:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:06:44 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 27117
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7722 bytes)
Hash
cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 26193
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 78662
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6752 bytes)
Hash
f0fc684e61682c4078a82ee3d901ae52
ea65ad98933ec58afa3fa5c7642491d77db7e6c2
5e953012dba2b85cfda5befe2448ab87fbc2432a071e11a33b44be4f5148a4a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6752
x-amzn-requestid: f398ce98-353e-4783-aa42-dbf1ad036ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepE6roAMF4zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0753d209291e197e7c6422a6;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JZAFwGz7kAWplsA1qeraQTjirrZb29JTnUPii5BcPg5tzxcBLtt0WA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:24:25 GMT
etag: "ea65ad98933ec58afa3fa5c7642491d77db7e6c2"
content-type: image/jpeg
age: 24139
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9719 bytes)
Hash
6e65083422468e512aa73eb68f20b2ec
73884daab5e71e4917637b3679c0bb5a1f0447de
f0d97bb9e3f01bbdbe91ba1f9b6ea0f649c66192383c51fe5c7ca9ac2a38ebdb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9719
x-amzn-requestid: c4ba3502-e191-40fa-8ae0-71dc6f733db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPjhHE8woAMFyKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382e606-70ab0e5523c91e5420efec78;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:22:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBn917CDV6DjSs9TAL2iBU0Rn8_f8ny1rAVXrbI9KML2P7pxusbdjA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:43:01 GMT
age: 5023
etag: "73884daab5e71e4917637b3679c0bb5a1f0447de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4834 bytes)
Hash
cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bBj-TXtavCuORZ9qBoZeVj-GXeRljAeW-98HY7lTk5_VRSKF4_07VQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 04:22:38 GMT
age: 2646
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

151.101.129.229

200 OK

67 kB

URL HTTP/2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
data
Size
67 kB (66826 bytes)
Hash
8fcf4b887a890ab7d836de2b1c85461f
11390f63782b97f3dd7911b0b31a223db9a4f660
400dcf769f3712271a53031e178dbc79f147271e7f6536583d67efe3c650e024

HTTP Headers

GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 05:06:45 GMT
age: 22103961
x-served-by: cache-fra19156-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2

vsb83.tawk.to/s/?k=638987e50b1cb1cc369fdc47&cver=0&pop=false&asver=10&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjkiLCJ2aWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjktUG5iNUUwWVg2OHZ2QzNrR1AxS1ZYIiwic2lkIjoiNjM4OTg3ZTUwYjFjYjFjYzM2OWZkYzQ3IiwiaWF0IjoxNjY5OTU3NjA1LCJleHAiOjE2Njk5NTk0MDUsImp0aSI6IlBtN3JHeFE2d2pUcVRUNmh6aWVGbSJ9.oPKWVcYkHLq9yvtCRKs9CA2n3aJ5U-6BdtLrDyjPKX_-lpQ5dBA3elrckUKAJkvs1htEk3XJy9VXAnCcXtVwHQ&EIO=3&transport=websocket&__t=OJHEj5A

172.67.38.66

101 Switching Protocols

4.5 kB

URL HTTP/1.1
vsb83.tawk.to/s/?k=638987e50b1cb1cc369fdc47&cver=0&pop=false&asver=10&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjkiLCJ2aWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjktUG5iNUUwWVg2OHZ2QzNrR1AxS1ZYIiwic2lkIjoiNjM4OTg3ZTUwYjFjYjFjYzM2OWZkYzQ3IiwiaWF0IjoxNjY5OTU3NjA1LCJleHAiOjE2Njk5NTk0MDUsImp0aSI6IlBtN3JHeFE2d2pUcVRUNmh6aWVGbSJ9.oPKWVcYkHLq9yvtCRKs9CA2n3aJ5U-6BdtLrDyjPKX_-lpQ5dBA3elrckUKAJkvs1htEk3XJy9VXAnCcXtVwHQ&EIO=3&transport=websocket&__t=OJHEj5A
IP
172.67.38.66:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.5 kB (4478 bytes)
Hash
4d6951f2abe146a74c3d52917ad53ac2
d33741751a816b64d3860c64d9aa8b66e2ce7d69
89f515ea82eceacf6b76adc3e584983413099ebe1d1a421bb6f5e4932781fec3

HTTP Headers

GET /s/?k=638987e50b1cb1cc369fdc47&cver=0&pop=false&asver=10&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjkiLCJ2aWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjktUG5iNUUwWVg2OHZ2QzNrR1AxS1ZYIiwic2lkIjoiNjM4OTg3ZTUwYjFjYjFjYzM2OWZkYzQ3IiwiaWF0IjoxNjY5OTU3NjA1LCJleHAiOjE2Njk5NTk0MDUsImp0aSI6IlBtN3JHeFE2d2pUcVRUNmh6aWVGbSJ9.oPKWVcYkHLq9yvtCRKs9CA2n3aJ5U-6BdtLrDyjPKX_-lpQ5dBA3elrckUKAJkvs1htEk3XJy9VXAnCcXtVwHQ&EIO=3&transport=websocket&__t=OJHEj5A HTTP/1.1
Host: vsb83.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://tagdem.com.sa
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lwEpn1uc8kM/lth3p/zBzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Fri, 02 Dec 2022 05:06:45 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: FNjlRFUqBTZkxBivH9QnPH7pgd4=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 773188f9bf320b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"9075c2f5460b2832318d3c7217cc68cb"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188f0d92db515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tagdem.com.sa/catalog/view/theme/default/assets/js/lib/swiper-bundle.min.js

162.55.2.253

200 OK

0 B

URL HTTP/1.1
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/swiper-bundle.min.js
IP
162.55.2.253:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/default/assets/js/lib/swiper-bundle.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Mar 2021 19:14:28 GMT
Accept-Ranges: bytes
Content-Length: 141757
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188f0d92eb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188f0c921b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"bde99510bdf9ab7bbc9ce82519a19a36"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188f0d92cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188f0c926b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/60e581b3649e0a0a5ccaf6b9/1fa085ar3

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/60e581b3649e0a0a5ccaf6b9/1fa085ar3
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /60e581b3649e0a0a5ccaf6b9/1fa085ar3 HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:43 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-637ddf31c8f"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188ed1e75b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (37)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations