r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9720
Expires: Sun, 05 Feb 2023 15:00:54 GMT
Date: Sun, 05 Feb 2023 12:18:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6504
Expires: Sun, 05 Feb 2023 14:07:18 GMT
Date: Sun, 05 Feb 2023 12:18:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17247
Expires: Sun, 05 Feb 2023 17:06:21 GMT
Date: Sun, 05 Feb 2023 12:18:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 11:36:17 GMT
content-type: application/json
age: 2557
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CqHMF9f5nioDYv6SYWIyHG4AK7WEyLFU6908FmHMNNVDPKy8p9syJSqJvQ6K38NJ3EWcbvX2EHs=
x-amz-request-id: FNK5NKZ0WK48CCDM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 11:53:15 GMT
age: 1539
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 12:18:55 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
216.58.207.200 302 Found 253 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
IP 216.58.207.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 68bdd82de0620e0f2ae5f2728b4a3ac6
8e6426bc586031e43cb0a17a917e3d225d3aee1e
4e913112163e1abb8c2a9e485ae0acf4456e36c598e52f8d53bc63aeb2d6e7a9
GET /gtag/js?id=G-MNTK4YVF83 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 05 Feb 2023 12:18:55 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 253
X-XSS-Protection: 0
www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
104.21.77.237 200 OK 26 kB URL HTTP/1.1 www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
IP 104.21.77.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9747)
Hash b0845a75f3dde6a37db085618fddc0a7
c7d895ca993704f253ef31d3dc80808e41cd31fc
5045370b8843759b7a7c4ded9854ec04fb38924b4b38a98b524f3bb920a8ed92
Analyzer Verdict Alert fortinet Phishing
GET /personal-finance-ratio-al-rajhi-bank/ HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://www.saha-banks.com/wp-json/>; rel="https://api.w.org/", <https://www.saha-banks.com/wp-json/wp/v2/posts/5817>; rel="alternate"; type="application/json", <https://www.saha-banks.com/?p=5817>; rel=shortlink
Cache-Control: max-age=7200
Expires: Sun, 05 Feb 2023 14:18:55 GMT
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mn%2BsyKR4NAJu4JfVUgswphTAVmvpaJim9RXBrO8q0pdFnKOlOS5V68bhwqfi%2BgJasi8FyTg3rm8RkuqGalGm1AmvjJsZvjIK52Sj3FNVgPYuaMVDgIflBwmwjSsOKwr4f%2FFPFnw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b97645ac1b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
216.58.207.200 200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
IP 216.58.207.200:0
File type ASCII text, with very long lines (21849)
Hash d7ffc01be4482f1b561c655a1628ea2a
d23bbb12be3d0eb2d17019e92422c550ce99b7f9
dd0911174f07507af2a27868fb0f4ae909013079e03ac76d166398d5674de3df
GET /gtag/js?id=G-MNTK4YVF83 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.saha-banks.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 12:18:55 GMT
expires: Sun, 05 Feb 2023 12:18:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77570
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 12:07:20 GMT
age: 695
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 1a2bfabc815ba56120ade4bfc0fe007e
b177ba4638d18807f951d65726c7f3c9ce4948d4
70143b8abd4a80d2619ce5af7a71123d14add5a1b08f3b47f3f47b946a3bea14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=119905
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:55 GMT
Etag: "63ded010-118"
Expires: Mon, 06 Feb 2023 21:37:20 GMT
Last-Modified: Sat, 04 Feb 2023 21:37:20 GMT
Server: nginx
Content-Length: 280
www.saha-banks.com/wp-content/uploads/2023/02/%D8%A3%D9%82%D9%84-%D9%86%D8%B3%D8%A8%D8%A9-%D8%AA%D9%85%D9%88%D9%8A%D9%84-%D8%B4%D8%AE%D8%B5%D9%8A-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9-390x220.jpg
104.21.77.237 200 OK 16 kB URL HTTP/2 www.saha-banks.com/wp-content/uploads/2023/02/%D8%A3%D9%82%D9%84-%D9%86%D8%B3%D8%A8%D8%A9-%D8%AA%D9%85%D9%88%D9%8A%D9%84-%D8%B4%D8%AE%D8%B5%D9%8A-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9-390x220.jpg
IP 104.21.77.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 390x220, components 3\012- data
Hash 006462e358d4770a135abbfec4790a60
3b52580a3ec38c3fcce8070980d44bfa9db5de1d
4337338e282873496e81607aab82bcf6ca49ca5b5e4a660791acd4fe5c26e028
GET /wp-content/uploads/2023/02/%D8%A3%D9%82%D9%84-%D9%86%D8%B3%D8%A8%D8%A9-%D8%AA%D9%85%D9%88%D9%8A%D9%84-%D8%B4%D8%AE%D8%B5%D9%8A-%D9%81%D9%8A-%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9-390x220.jpg HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:18:55 GMT
content-type: image/jpeg
content-length: 15858
last-modified: Sun, 05 Feb 2023 10:44:54 GMT
cache-control: max-age=86400
expires: Mon, 06 Feb 2023 10:57:15 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 4900
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=777t3kdyc9d9NAbv99ambD29qQHjaQCmuIScyYYOID37dVhpgnPcapnfyvsd3NH0teIjK95bqF9Vve4tQRgA7jI0%2BUtDvsQBdL56%2FQFt9LcqAs3VZVf4UQz3Go8EZdrZ7A0qMz8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794b9769fed8b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.saha-banks.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212
104.21.77.237 200 OK 458 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212
IP 104.21.77.237:0
File type ASCII text, with very long lines (1156), with no line terminators
Hash 0700905b705f44f6bef08b2726874c21
99ad11afd1a04122f39a2a05aea5b60ff9dbb812
af2c2830705f77b6784a2635b3cadb5772c025de8f878ad14abab0feb1e81925
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:55 GMT
Content-Type: text/css
Content-Length: 458
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:26:49 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AL42VnhxtlHHr%2BfrDbJ5zDUpTzIz6e5fu8ihu17UfFGy%2BRE3RlkFszbE5uFtBiofNcu%2FxtOeBOZLbmYEz4tPz%2FLMk2yx8OEhQUwP07ES6wpnkp72C%2Bf33QTSpff6i%2FOnrsGmExI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b9767ebe9b4ff-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-includes/css/classic-themes.min.css?ver=1
104.21.77.237 200 OK 189 B URL HTTP/1.1 www.saha-banks.com/wp-includes/css/classic-themes.min.css?ver=1
IP 104.21.77.237:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:55 GMT
Content-Type: text/css
Content-Length: 189
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:13 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bqb8gwF7N8sehc4J1IBdeEgZwfSR1EV4eShlaCkxyx6OrIjvOXje2iDWU5lCNKrM%2FdLGDkcYR2uliC2U6N1iB9MV5Jl0zf7JhuLSNkMozAKlDXHtFKmdeNV4klVHOOdPONzKVB0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b9767ef43b4ed-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 1a2bfabc815ba56120ade4bfc0fe007e
b177ba4638d18807f951d65726c7f3c9ce4948d4
70143b8abd4a80d2619ce5af7a71123d14add5a1b08f3b47f3f47b946a3bea14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=119905
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:55 GMT
Etag: "63ded010-118"
Expires: Mon, 06 Feb 2023 21:37:20 GMT
Last-Modified: Sat, 04 Feb 2023 21:37:20 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6625
Expires: Sun, 05 Feb 2023 14:09:20 GMT
Date: Sun, 05 Feb 2023 12:18:55 GMT
Connection: keep-alive
www.saha-banks.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1
104.21.77.237 200 OK 12 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (42000)
Hash 5c15986a7f6f7c940ea94de8a0b79fae
32a30e717b4aaba9d4d0325d00c0cad154cb8639
20a931a1c53300760bc2cacfcaea3b877b08053a72998b45f216061c27617e40
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:55 GMT
Content-Type: text/css
Content-Length: 12209
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeMe7MjMf%2FAgAu16peXqvq4MBN6xzfDC9q11IblwSwkP5XKU5LnDY2xyVsDbs%2FOiUpBWCFr2S9hc90ZnCo1W4AnPBB65xiZYXyXSGMqwOeH8kqZwnutHfzUUA63s0%2FwGz%2FW8CAY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b97684fa1b4ee-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.3
104.21.77.237 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.3
IP 104.21.77.237:0
File type HTML document, ASCII text, with no line terminators
Hash e829932e22695ee36f418b1727ce20b5
78ca46a8720d70016a310664806b46fe0ab0540e
ee5fdc8477652217ccfbe1e39f14d4c4d74f291c1c1fa42045e1a4f87c2cc18a
GET /wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.3 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 409 Conflict
Date: Sun, 05 Feb 2023 12:18:55 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3XRlHgvu1EdCiaefJu5x%2BEvn0hEhgzUHxOAtepXatklUMWb%2BYM2%2B45f8W7xLFe6jIQKn3fPv3SDn8%2FKOdkXSdUniRrcfVMZyHtFqtlzgJVB5ssTTWVNoPmIvOeMHkKug3kh%2F%2BY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b9767e842b4f9-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
104.21.77.237 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
IP 104.21.77.237:0
File type HTML document, ASCII text, with no line terminators
Hash bb530cdbf6dc9a79902bf7096185acd1
80c744e4c7fed2059a6fe3ea09968442f2f990cc
6c67e326683e75dabf955edd521bfee6fabaefe06a455421b5d6dd7bc97b8aeb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 409 Conflict
Date: Sun, 05 Feb 2023 12:18:55 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUX37vgxXJHDmWi%2Bqq8kh%2B%2Brfx5Ru125b62gsHOSZDVFNpLVtVZXXtuG1TbzivftHIkiwTnUbKeefNfuFnUFQCCSb70c%2Bjvnck7UwWIfzbvNhVcaMC0JpG3YJwo%2Bjb2nVPIfqPo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b9767ec290afa-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1
104.21.77.237 200 OK 18 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 28f05939dea4edca059c244cc702bfda
7e40e0235f2f7bc4d9f95dfa3f1773de320c3b28
369b0dca347d53e862ff6a7971f1a7d175648b13027e56c1d397d5e8266481a6
GET /wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 20:34:09 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FrFJZ0NTs92ofOG%2BMvas6xPOK8ISGyuTihrYaDRYO7fISSQzCpBfs7Da3id9ICBKMKlLNFPQ1Yj4n%2FjAtqlGpXGXQyYVPakkOwyD%2Fcx9d5EVlgSMfIOWQjc5HoyL7%2FEMIGa1KA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b9767e9cbb4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1
104.21.77.237 200 OK 12 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (47525)
Hash 1a49f64a9824ac7858e559a933e9eccf
caa8b49e61974a81da01a9032393216a05995810
175a7a8805e51048305f212a6f54319606a725044a229190262511468e569a81
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: text/css
Content-Length: 12354
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJOTNNjlkJ3T%2FI5p0kmqblESwPP78FXS5EVJInEVIzaQVgEd%2FXngar9Bfg6vblvjIDrBi76O%2FE37fDPRY%2B9g3YOiCY%2B%2FJxU8DuOXrDWpX9Sww5WFyQTKqOnz%2BKsHt52E0LdnsyE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976a2a22b4ed-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
52.35.3.113 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.3.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: moYX+84ubCwX1HLOiTtfXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1JEu15Zkd7wpqLC6HPBYhJysWFs=
www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
104.21.77.237 200 OK 10 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (40185)
Hash 638ef4cc88b27674ebd9a1355c29c61f
8f532be7574576baa2c56ad1c6c2652296bf0c42
993f335862fede763c118e404999ce60f88e9b870ee07de9e6e1579f7e556df5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: text/css
Content-Length: 10255
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPrQKaS50Si%2BnQB9HC%2FKM5Ny4mkC1%2BzI3UC6PHbwGXnLsaKAbUEPwWvzkpIyICxe4oxCZBz%2FaKzbHQZWd0SykQo0NNYzDOLwye2Llup5mqf3k3O4CjGTljJ8km9P36nU%2F5KPNfs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976a7ad9b4ee-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.77.237 200 OK 655 B URL HTTP/1.1 www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.77.237:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 16:56:26 GMT
ETag: W/"63dd3cba-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6QA%2FeiP10JwCMbY00KoaHYpGmQpEdGCiQ1dYuWof5wv3%2Bv493JgC56LByuFLIFQwME9zQvEqxacC%2FDllVJn69SEt3tc0DYro0Gl62EJPu%2FpJJDZOBw%2FvDzZNKWGzx9O5LgICjk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b976cbd3cb4ee-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 07 Feb 2023 12:18:56 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.21.77.237 200 OK 3.9 kB URL HTTP/1.1 www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.21.77.237:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 16:56:26 GMT
ETag: W/"63dd3cba-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Oy%2BM1Qgd6xj2tmw5XL8x13wmfDjZFYgyzMO2E9dUr%2FxoTVCGT9cycaD2%2B7AV38HwyNjcoYPT9yyvcAn6hOSreItRKUTtOyGPBxtH9DJ%2F%2Fx%2F565IuV622mHIx626xpR7Uj3aOi8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b976ccd4eb4ee-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 07 Feb 2023 12:18:56 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1
104.21.77.237 200 OK 2.9 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (4936), with CRLF line terminators
Hash 11ef5282e4e1793227bcc1aff992219e
11990fef6eb1dcffffc40fb12f770a7aee21251c
c419b80ac34071cc030d0e26427de827a30f1d58b03e51f72d13126a7c11bb4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: text/css
Content-Length: 2928
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5ZnKcggDqcXpBBh8%2FRhlvLHixEgwoE%2FSCwXY0XLXdBwSSWhBN1Bm3yBI9siU3OSc3GRHxJA9sDFEdOg2%2FBKbuVvSqRTkZ0yID9R%2Ft8azBDQCWoEu0mjnLAwXd3Xbx8aQLAd6po%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976afef10afa-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1
104.21.77.237 200 OK 12 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (58661)
Hash 0913411c20bb983546f234d4685b40be
52b1104571de6fe046f0b76fece038bb06f7dcd4
1342814f0b2a66024a055e2037caab0bac8bdefe26a194d4a2605f13ab4cdc5f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: text/css
Content-Length: 12516
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfGKEC7HKcBxKmdcR9Xpy3hkyAp%2BiSYCE3NgoBE2m5TkcM05Dg3ptVysfVvfnKN57p6gVXuYWCDkWh0Auv1IfywdlAugM6%2Bj4h7ruRgHmt7VY%2FxJrGY%2Bwz8fsZhXIe4GFbIVnYI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976afcc3b4f9-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1
104.21.77.237 200 OK 40 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fd0cfb25ff8ba12d3d717f5a1cdd0b75
9f0509a79961728b5554633b4ead59392919002e
3720e4aa3059e4a23d21ab677d701392fdff1cb43ad037521daa8a1be5bccdc6
GET /wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Jxkuz72Xc0xBhZBKDd9KFNMRZmKuEhYOSSrcUlt%2BfpG01axvJTmibe4qD758NC%2BT6vpSz8qtxrk8QP2hirpxcDvugo12%2FguuYzeWIsdcAeQLhBVos1cexmzlAmyEh2qQ3z0zBY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976a2eb8b4ff-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1
104.21.77.237 200 OK 13 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (46574)
Hash 54c898701c208d545bcba86cda4f31f6
bce6775632f3f76fbefa139b20ca6a563c242e03
24a761a2ec326cd6ac52be7e2b9fc11618a4db76eb28ad132cc331f1e9c58e6b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: text/css
Content-Length: 13233
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPguLLyTVb62obgKSu9YXszWLRx8G1BYa8MWdEk%2FWXeadMDqnjieB90LtubWaLjwNqa9OS8brDHhUL9pEC43uGxkpRAN6bphm0L4x7U17Ro2I%2BEdWK3g42ztSr%2FKIRr8CeIWuVg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976b3e6ab4eb-OSL
alt-svc: h2=":443"; ma=60
region1.google-analytics.com/g/collect?v=2&tid=G-MNTK4YVF83&gtm=45je3210&_p=515572487&gdid=dZGIzZG&cid=981826564.1675599576&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675599575&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fpersonal-finance-ratio-al-rajhi-bank%2F&dt=%D9%86%D8%B3%D8%A8%D8%A9%20%D8%A7%D9%84%D8%AA%D9%85%D9%88%D9%8A%D9%84%20%D8%A7%D9%84%D8%B4%D8%AE%D8%B5%D9%8A%20%D8%A8%D9%86%D9%83%20%D8%A7%D9%84%D8%B1%D8%A7%D8%AC%D8%AD%D9%8A%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-MNTK4YVF83&gtm=45je3210&_p=515572487&gdid=dZGIzZG&cid=981826564.1675599576&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675599575&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fpersonal-finance-ratio-al-rajhi-bank%2F&dt=%D9%86%D8%B3%D8%A8%D8%A9%20%D8%A7%D9%84%D8%AA%D9%85%D9%88%D9%8A%D9%84%20%D8%A7%D9%84%D8%B4%D8%AE%D8%B5%D9%8A%20%D8%A8%D9%86%D9%83%20%D8%A7%D9%84%D8%B1%D8%A7%D8%AC%D8%AD%D9%8A%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-MNTK4YVF83&gtm=45je3210&_p=515572487&gdid=dZGIzZG&cid=981826564.1675599576&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675599575&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fpersonal-finance-ratio-al-rajhi-bank%2F&dt=%D9%86%D8%B3%D8%A8%D8%A9%20%D8%A7%D9%84%D8%AA%D9%85%D9%88%D9%8A%D9%84%20%D8%A7%D9%84%D8%B4%D8%AE%D8%B5%D9%8A%20%D8%A8%D9%86%D9%83%20%D8%A7%D9%84%D8%B1%D8%A7%D8%AC%D8%AD%D9%8A%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.saha-banks.com
date: Sun, 05 Feb 2023 12:18:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.saha-banks.com/wp-content/themes/jannah/rtl.css
104.21.77.237 200 OK 10 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/rtl.css
IP 104.21.77.237:0
Hash c8916d805e401072c3e814c0b4893f9e
7245a0f7dcfdaca731de648bb9ebbf34942a3177
1ab7417c5db7f6730a2633765151f158893ac8c134a08d796a8930c5781a30bf
GET /wp-content/themes/jannah/rtl.css HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: text/css
Content-Length: 10111
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LTsPpWQQcEZw583au2wKlI5UZi1V7L593kzAC9zB6FJg2uCTf9EIpzve1yehCdhRHLN50rm5Ay19GZH4GAPTcTYoiHDNWB4Cs1YpZHQ8GeT%2FfF9B7QhtUg5YGE18ggU2vgWeJA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976c5cdab4ed-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5430686658500835
142.250.74.66 200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5430686658500835
IP 142.250.74.66:0
File type ASCII text, with very long lines (3649)
Hash b3de1268cda4dc00728a0c43220fae70
166d1bd05a4c1f2ffb1b7571ca5f455629403456
706633e86fe8987f20067ffbaf43116e742c16e811982f59a1f32396956eed51
GET /pagead/js/adsbygoogle.js?client=ca-pub-5430686658500835 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Feb 2023 12:18:56 GMT
expires: Sun, 05 Feb 2023 12:18:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12886448283693063937
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50193
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415
142.250.74.66 200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415
IP 142.250.74.66:0
File type ASCII text, with very long lines (4879)
Hash cb581c9f2217880ead859ffd75ddcaa9
1290d8826282aaa30fa920cf0a80c3c98afdb9ae
11c0f22b3a580e6288f0dddc24f5232265ccf27e3f19173e4c50acac3bbcaf28
GET /pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Feb 2023 12:18:56 GMT
expires: Sun, 05 Feb 2023 12:18:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10599566546277406232
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50036
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saha-banks.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1
104.21.77.237 200 OK 5.8 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (13532)
Hash 9bf567f02589ecd685ea926901d1c3ae
ca48792eabbc9cd167bab26dc52728711ba5b3e0
6ba8506c5aac579499e3eb9022d0972ccd31199774b8e8a7e0e8629f46a13f64
GET /wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: application/javascript
Content-Length: 5752
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiKNUrIQFUotqCCE6EzqGNlJKJHCZsK8WvyxP7wgx%2F9F23GbE6dkp9pQ6pgvaxERNypUQcaQe1dxU0ebyJiLs8m42Xz%2FCUNDg7CCDFDWkf3mKZXGfq0GIk127xnOU%2BllMD9YXHs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976eb818b4ed-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1
104.21.77.237 200 OK 6.8 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (18002)
Hash 08f3564fe02643f632af8db483079dec
fd5897658a57986b46a3dc88e2c6f129412f0e7b
f21a0152825b0609135e73a0077a3742c2add8eea66a6ba1167fbcdb5e0e0421
GET /wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: application/javascript
Content-Length: 6771
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1Rt6HR9WOMq%2F5rVewOBZVpFw%2FtXk6ZE23D4YgCsQ%2BtHl958WPXUq5zzYWBgDvLyLlagwu6ojBjEcsHC5tyMCK319GRGn8EkUh4glwA4CIMjZ4n3qZSUUv6S%2FcRZWbMD1eQi5fs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976eba470afa-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/css/print.css?ver=6.0.1
104.21.77.237 200 OK 702 B URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/css/print.css?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (1760)
Hash 8ea40413b0999dedb6605ebeb8bb610b
2a6428bdb0a9e53bab87ed5f8d2d1e5c015de9de
2ce6e8aeb208877c5e6c046177a7a739600417b7da2e747eea36d22ce722e8bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/css/print.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: text/css
Content-Length: 702
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BaOswd1Hxbzuhd9LUtGMsjJ3qHvM5VJsT2Nan4kxA3a4UTnBI9IWHNkyA5n7iVoQxJuY3klfupd%2Fo5cTIktcjL16msXQIZoyqdKBufAVGnxHkG%2BFOyF37tic0jMJBLXQV9qdIU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976e9b05b4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
104.21.77.237 200 OK 41 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP 104.21.77.237:0
File type Web Open Font Format, TrueType, length 40812, version 2.0\012- data
Hash b5b7e935f421e6ca7967b036fb08afd5
38a99c496548c5d2ee22c6df3b9dfd5081a73332
f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: font/woff
Content-Length: 40812
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaBPMk6f9h6oJbnxxPtx74xyJ6kfhrsuNnP48x6BrOhM42wDYJ4fLKBoG0o7FEx4QbGX2P1cdiIlbxhb2qntWUEWn8r9mHE0q0mns70yoRz5GC2pNvLaThWzfLMp02IhWjuV5Og%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b976e8d03b4ff-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1
104.21.77.237 200 OK 2.2 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1
IP 104.21.77.237:0
File type HTML document, ASCII text, with very long lines (5548)
Hash 54ee2458031284f8ff653682b1afcdd8
fec4e94be86f5fdb938f0048cbb977a84bd8f3dd
d65f2e5c8b694987dbfc42359cc5ea3092b7e878b67cec45ed5c353d5dc06771
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: application/javascript
Content-Length: 2194
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BqElYpQJ2sJZkLP7pbrQxwPWOBkfm4BZkslRHEgJ5k5Od%2F%2BVUJQ1JOSeKZ7et%2B6Ix0hWzhHjk%2F9310ZLU267ZRzmT4tQvaQtM0x8yq9i1p4exbjDj%2Ba7r8qlUbINh6aHthHML8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976eb966b4f9-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1
104.21.77.237 200 OK 32 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (2026)
Hash 04c34bd00edeca5e9f0067d8de727263
8303c1c817ef8f2719dd26ff9ea7ab3fe878163d
a7ba5f9c7bb2a1eacaaf3d91ac38ed27ab66548379884936e7cc890834e351c9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obXs8p2EsWJ9zzidVXOeIlxmLJ1cysEdNV900yOGP8HarieAajjam5Bgbdqr12NrjEHmNfLde7MnPl5eJfZNIWndwPAX1rbqzMdjPJlZTxJcGOmoEdEXi8Naqv7%2BIAukJgv3jyA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976ecfbfb4ee-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
104.21.77.237 200 OK 4.6 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 104.21.77.237:0
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: application/javascript
Content-Length: 4618
Connection: keep-alive
Last-Modified: Wed, 18 Nov 2020 21:36:06 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FzZddr3eSasAdlkUZLcfXn5h9NnkTUii91SmtpBvrqmAEB8K07Q8A0cdDA%2FpBVCg1bnersi7%2BTUSr%2Fu95B%2BtrvB5BTvoLXoDI41ktxQATqSXcTCBBhPk8K%2FQpFejzkWcA9i3Y8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b9770eca0b4f9-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1
104.21.77.237 200 OK 9.3 kB URL HTTP/1.1 www.saha-banks.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1
IP 104.21.77.237:0
File type HTML document, ASCII text, with very long lines (23452)
Hash c71948baa7efc749b427fa84f76a17b9
906d046ea213beb93d6c02eb68bfb3cfa10edb48
3bbe2e1e4b4982f5e17d8fb150f0f45f2362122f5a845c3090cbb4153e5aa5d0
GET /wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: application/javascript
Content-Length: 9292
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPJCMvDJXXsvU5LXrNukiZvJbF3n471CFI8R8WM6KMjEwFCTw4t0cFOp9Jel8bccbhL3scSKYzpQqMajpS8OuMnhJM9V2f83qn3pJdrTpb4Jdesu%2FjNwr%2BRWsSL%2BMslJsuhmgvw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976fe9a3b4ed-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212
104.21.77.237 200 OK 2.6 kB URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212
IP 104.21.77.237:0
File type ASCII text, with very long lines (6091), with no line terminators
Hash 04707e026d958b0930058e62e149a320
5add6ddce69863946c147d32b8b17ebf8d996270
25ba9835e3b974f8f386b819df9e9458775f30cb4d5411f4264f754be09659ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: application/javascript
Content-Length: 2574
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:26:49 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ocaDbM6ggJH2kvTXpYFHYCLizMb4NdHSecaFklt8lSZpypSkVqlMq3pXTS00NjboXOLsz%2FRoMwoCoMdndXJr8o2eaVtIMY2aOMECYaycgBKqerHflWI27yk6D0Jm246%2BH7KdYM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b976feb620afa-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675598400
104.21.77.237 200 OK 15 kB URL HTTP/1.1 www.saha-banks.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675598400
IP 104.21.77.237:0
File type ASCII text, with very long lines (32018), with no line terminators
Hash e157140d157856e7dbc8416143fa07b6
ffbb7168eca882c7460e8c68894432d4ce4621a4
2920d3425f4d2bac4761b3aa29df63d0d2b9d0238a6af36d0b28a7c03f22328f
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675598400 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQBVSRExqUjxNNkfIf2%2FkTcOFHk%2F4qmfiWSpLrg%2BxVVUUkQg3jNeXzVtDQvmVmbA5t84rHDRc0UbePVjlRVDYOTy3%2FLmC%2FjZzycejXUSvPslRIaeqdp8a9HOGBcw4CQUQY3s4RE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b97721cb5b4ed-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
104.21.77.237 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
IP 104.21.77.237:0
File type HTML document, ASCII text, with no line terminators
Hash 28a34dc88f7fe8f2037f8486bce09a2c
ca078e5ef29fa15cf0f1fb37673ac8565510d280
c9873e8581eb4925a698052b2e6ac6f00f549cb25bd7cd4307914f328cf8c297
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 409 Conflict
Date: Sun, 05 Feb 2023 12:18:57 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69qnRC76q2cXbocoTQoixfsQ7lX3ikYUt2NNd%2B9poPfZtlITZNJ605rtsReN5DpWMxWs4NnsOi2pQhuoF1%2Fxfobv7grPY0uyiP7MQoUeaaFvm8XWi5LfMuNB3z1K0R4CmHe4S6g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b9770ce0bb4eb-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
104.21.77.237 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
IP 104.21.77.237:0
File type HTML document, ASCII text, with no line terminators
Hash 7811c9281e32db92d420717b25eb0aa2
66e1fdcc7526aa435daf4215b3ef9bfbcd7db9d8
047a2615ad9a023959ff948bc7d6ad4a9e30fa9661b6625197a1003e03ba1426
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 409 Conflict
Date: Sun, 05 Feb 2023 12:18:57 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ce3zVIMOaxhcyBLNSHswMZmvBoo6gKFkuqsiw%2FDw2na%2Bqu8KSvlw8YYzCLAgJY1YecUleBUTPnRxYkddHg45qdp5avK43fdpagLeZMVMbeXz5rvwpbqvhTaLCQoXpKIVKP5YMe4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b9770dfcab4ff-OSL
alt-svc: h2=":443"; ma=60
www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
104.21.77.237 200 OK 3.9 kB URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (1577)
Hash 0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:57 GMT
Content-Type: application/javascript
Content-Length: 3861
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 20:34:15 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXdmnefctMTLo1zTCyfZmO1hSSbGXD4%2BsyXIlFflRcVMpp2EEQP%2BaxbFKGYbKgk5J%2B%2B7QMxorrNTRcUoXfTVzn4Fv5TwWsH2QoFKrnZv4xc45EBUKHv3RWQBhY9zXl33lmJ4kL0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b97720ecab4f9-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20541
Expires: Sun, 05 Feb 2023 18:01:18 GMT
Date: Sun, 05 Feb 2023 12:18:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20541
Expires: Sun, 05 Feb 2023 18:01:18 GMT
Date: Sun, 05 Feb 2023 12:18:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:09:58 GMT
age: 50939
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:30:31 GMT
age: 2906
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 30958
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:24:01 GMT
age: 3296
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IxfTibTq6T_wq9a5YCIBZLBb70BI7AOLEAYMYYuMZPhvVKjDbFfrvA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:52:08 GMT
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
age: 52009
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1f3df5bbad5048923e29c0767d703d3
48c408d37a7bd7f96653174359178eed46ddf298
c8bae041c3d64334964b2aa771a07bc2709ced4c497e1795f864d9416fed728f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5801
x-amzn-requestid: 441284a8-923a-4b22-b39f-95dec713c292
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fjj9jHu_IAMFZ-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d7b389-788174a773fcd695540cc95e;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 12:09:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DgvqiQwdytO2caPNzg2OhGcv8ly9N_YeQTzpuf6iwAVt8AQZEXRLqw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:44:03 GMT
age: 52494
etag: "48c408d37a7bd7f96653174359178eed46ddf298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
104.21.77.237 200 OK 5.3 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:57 GMT
Content-Type: application/javascript
Content-Length: 5321
Connection: keep-alive
Last-Modified: Tue, 12 Apr 2022 17:26:24 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqLGZO2Y9ZnZSXtfIj9xz8i4cieFsl%2B%2FnoAXpTU7KEGhK9e6JnbKj1NckQrJUZkKdoN1Ni3zpKxQTwjPzew2%2BPcCUA3ahTJsMRn51SM9AKfmSjF3Fu9saIqCz1V9X4Lk%2Fb45%2BGE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b97723ce2b4ed-OSL
alt-svc: h2=":443"; ma=60
2.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g
192.0.73.2 200 OK 8.1 kB URL HTTP/2 2.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 140x140, components 3\012- data
Hash c25cbc4a9a13cad4cd9d4763afa94359
d9fbab0918619a9094338198020ed46792fd801e
e2ac7c902c15f2367a7de997362ec45490b4a4b72a7282cb13ea896c78d607a5
GET /avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g HTTP/1.1
Host: 2.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 12:18:57 GMT
content-type: image/jpeg
content-length: 8076
last-modified: Thu, 09 Mar 2017 15:27:12 GMT
link: <https://www.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g>; rel="canonical"
content-disposition: inline; filename="e683bd3c16c93896774f76c132ffb44f.jpeg"
access-control-allow-origin: *
expires: Sun, 05 Feb 2023 12:23:57 GMT
cache-control: max-age=300
x-nc: HIT arn 3
accept-ranges: bytes
X-Firefox-Spdy: h2
www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
104.21.77.237 200 OK 39 kB URL HTTP/1.1 www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 104.21.77.237:0
File type ASCII text, with very long lines (65447)
Hash 32f58a61f7c5a7e10f8b2dcf8e9a8e34
865c25589283ab1debd45bdfa6c4d8c6ecf15ad3
481cb2216fbdb0797af8c61b69c0bda2c10d025f7b11f2cdfac382d35dc45d63
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:13 GMT
Cache-Control: max-age=86400
Expires: Mon, 06 Feb 2023 12:18:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wi8Pxjs5Q4Pb5XivULiS2m3EAoboWs8MYQKuF9zIo5GrZMTeOXfahlCT6nwFZeSqDDp71e%2FtuFTubRxwe7o6NtaZmWZjaT%2FH45e%2B3gK25kkLfl71p%2FaY0lgoKdjyYGmbUN1vdtY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b9771fb70b4ee-OSL
alt-svc: h2=":443"; ma=60
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
142.250.74.130 200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230201/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 04 Feb 2023 15:45:14 GMT
expires: Sat, 18 Feb 2023 15:45:14 GMT
cache-control: public, max-age=1209600
age: 74023
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
104.21.77.237 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
IP 104.21.77.237:0
File type HTML document, ASCII text, with no line terminators
Hash 2ae8f1005589d2246f7c548a5771ad92
e4bef2158ce3bb0e6cfaee91c30373a0d3a04d62
2c74753daeff6226d61097e46e86c5748417c8ac1538d329d7b0be7943c4f1f7
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 409 Conflict
Date: Sun, 05 Feb 2023 12:18:57 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSrdZ9n3kuaiQmjcSB%2F1HURAPtk%2BthwjoK4lgOke1LmCsRrtgYdgwy6lUSXv1OnO2YETQAOcTdUoU33Rfz2AqTlgzwa6FGhSKUkykO2ToMt3odsZkliu%2FoG%2BkOfA2CfAQUNAyr4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b97757d98b4ff-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.saha-banks.com
142.250.74.66 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.saha-banks.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 12:18:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
142.250.74.130 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 12:18:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash dfcdbf455580029a0c665fe5215ac927
e5fa1eb26e208c7599a07f327dd46356b7c5e806
b118c64c81b215c1379a81a9e64aa28eb647893870c0aaae293bf6adfa311f7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
104.21.77.237 409 Conflict 276 B URL HTTP/1.1 www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
IP 104.21.77.237:0
File type HTML document, ASCII text, with no line terminators
Hash 5a559896bff51fa274a37d4e598aff25
c5ac60387ecf07779bcef665666c070d920ba3c3
04b406cddb1a6b19c533abf5dd00264b86590d252413e00bf0f4bfb4a8046704
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576
HTTP/1.1 409 Conflict
Date: Sun, 05 Feb 2023 12:18:58 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8EnOK5llpp9Fk7QCT%2FZUoCP2A%2F0nJbszGUBtDemmEBvRSzyFtZdK1jSxwm8deUQt4vQA3JSWn8VqefQWmC95m8Th9kE4UPQaQTDc8QXoV%2Bkbu6lzid26iaJQrk9%2FEu1HAwY06c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b9777a803b4ff-OSL
alt-svc: h2=":443"; ma=60
partner.googleadservices.com/gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415
216.58.207.226 200 OK 255 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415
IP 216.58.207.226:0
File type ASCII text, with very long lines (395), with no line terminators
Hash fd5a6f3576b69354807eb4da35cd1478
76a23b95d82f883624b2974ee46b61aa9e746d23
f94e33649589e3de7f6d26151174c8d6fa82efe1b81654b2748e981f5802ea81
GET /gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 12:18:58 GMT
server: cafe
cache-control: private
content-length: 255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash dfcdbf455580029a0c665fe5215ac927
e5fa1eb26e208c7599a07f327dd46356b7c5e806
b118c64c81b215c1379a81a9e64aa28eb647893870c0aaae293bf6adfa311f7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.170 200 OK 5.4 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 5437
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 02:22:07 GMT
Expires: Fri, 02 Feb 2024 02:22:07 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 295011
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
fonts.googleapis.com/css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap
142.250.74.138 200 OK 609 B URL HTTP/1.1 fonts.googleapis.com/css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap
IP 142.250.74.138:0
Hash 361fdf2276076cc33d6b512e7f8591d8
3b940dacd9f1207eab2bcb6fc47c2524fa853815
76f15d81c8faa3d4a27f851e06a63488846c47d7c64fc856627ee96b292870f0
GET /css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 05 Feb 2023 12:18:58 GMT
Date: Sun, 05 Feb 2023 12:18:58 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7d70322f4f6af3289d4d7f4c22a4c179
f2abd2a7c1575ab0b362920699143dce3ff60d75
0e5b166c8e8d91421e0122ab3863a9cdd88ca4dffa1d9beb9cdf61aca0ac95f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 05 Feb 2023 12:18:58 GMT
expires: Sun, 05 Feb 2023 12:18:58 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.saha-banks.com/cdn-cgi/challenge-platform/h/b/cv/result/794b97645ac1b4ee
104.21.77.237 200 OK 28 B URL HTTP/1.1 www.saha-banks.com/cdn-cgi/challenge-platform/h/b/cv/result/794b97645ac1b4ee
IP 104.21.77.237:0
File type ASCII text, with no line terminators
Hash 86de097d54457ad4fbf85150ea2dc2fb
194863f4b15ecf7eb4f38bf7ed46b688289be8a4
6301b31e8f84ba8a7465199ebf1c2341253198f21763ad7e7cf6fdebe3d832ec
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/cv/result/794b97645ac1b4ee HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Content-Length: 11851
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/personal-finance-ratio-al-rajhi-bank/
Cookie: _ga_MNTK4YVF83=GS1.1.1675599575.1.0.1675599575.0.0.0; _ga=GA1.1.981826564.1675599576; __gads=ID=a1eace6dc349094a-22824a1ce5da00d8:T=1675599538:RT=1675599538:S=ALNI_MZWZlTG-LUOS4gkG4lZ_GzY44NgKw; __gpi=UID=000009a35f262202:T=1675599538:RT=1675599538:S=ALNI_MYk0QbaB6gMznGGAgi64FUdGtmyhA
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 12:18:58 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=FXQ3N1bhsGDTT72WMQ8k14gZcOjiXJp0ImOwR50nWX4-1675599538-0-AX1lya4QOflP5ukTYQvHdaVFJpv7U8aKSpG3bHeS1QRcPURhS59a3z+n8UBF+RTdo7htTA/1Xd33nvVwunFxgtP3Pzsg8VmtYo9O2k0Msn3K1w/i7JHiokOyWLK/ZEyBm6JMP+1tIDNqP5DGz/AUyb8=; path=/; expires=Sun, 05-Feb-23 12:48:58 GMT; domain=.saha-banks.com; HttpOnly; SameSite=None
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOLZ3ZuylO4a9afIrbRX69s2dcA8Idqh1UaRqqUB6zCk2jLd5ptPALHn9j2LnOSAtFoBU9Cqe22nAJE%2FC3qPD6liCvaNtLeKcmiI08pxeHdhT3u7olwqtkr0KVtuI7E%2BFcFzC1w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794b977ccd05b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 511 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash e2e37f50b1b8558909d98b3a86ab33ef
e4a2b70baec415e4ecaddd908b8365f241855d6e
7208d90ba2b6dab99fe2cc98b6b2d4a901d297a022ebb08fb1d43a2dfcdd5bea
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 05 Feb 2023 12:18:58 GMT
date: Sun, 05 Feb 2023 12:18:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-fZm0cdFspg2nOkdad6B2eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2
142.250.74.35 200 OK 9.1 kB URL HTTP/1.1 fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 9120, version 1.0\012- data
Hash 18ad880aaa4e28b6cd1ef0d30ac95573
da6a33a1ecc296aa481432e2727b273140b78543
f2c5710634752d1a156adf5ac961c8400e3a577c90f97a6a293a07f4a28957fd
GET /s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9120
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 04 Feb 2023 03:28:49 GMT
Expires: Sun, 04 Feb 2024 03:28:49 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 24 Jun 2022 18:40:48 GMT
Content-Type: font/woff2
Age: 118209
fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
142.250.74.35 200 OK 14 kB URL HTTP/1.1 fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14316, version 1.0\012- data
Hash 9383ff090e200fc692eb9d0f91df0e6a
eae567c614d06c697ab908310bbf3af6fa331db3
91fa743b90662d1247ff2a9e452e5cfa525e0d4a4caa1a29ed9820a74bb0f80c
GET /s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14316
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 30 Jan 2023 06:23:41 GMT
Expires: Tue, 30 Jan 2024 06:23:41 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Nov 2022 19:56:04 GMT
Content-Type: font/woff2
Age: 539717
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
142.250.74.35 200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 07:18:53 GMT
Expires: Thu, 01 Feb 2024 07:18:53 GMT
Cache-Control: public, max-age=31536000
Age: 363605
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2
142.250.74.35 200 OK 8.7 kB URL HTTP/1.1 fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8708, version 1.0\012- data
Hash cd316e4c96f15e4f5ee9b4cad904f4c7
c9d4a1c25311b932f4707d1315cfa037bff2687c
4e1343e3fad2721d8db43b01c81295a45afd6f82d519f0376290715426abbacc
GET /s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8708
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 05:36:39 GMT
Expires: Sat, 03 Feb 2024 05:36:39 GMT
Cache-Control: public, max-age=31536000
Age: 196940
Last-Modified: Fri, 24 Jun 2022 18:40:47 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
142.250.74.35 200 OK 12 kB URL HTTP/1.1 fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11760, version 1.0\012- data
Hash dc696827ea29c67ac521ff0b36f50562
5fad76118dc2cf6d27666856a085693f0569db9a
157025606cebc118ce7bb7a62122058604fb39cbae9ae6bf2e7ad57bf4eb8087
GET /s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11760
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 08:19:07 GMT
Expires: Sat, 03 Feb 2024 08:19:07 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Nov 2022 19:55:08 GMT
Content-Type: font/woff2
Age: 187192