Report - www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

Report Overview

Submitted URL
www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
IP
172.67.213.3
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-08 13:00:52
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
50

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.34.49.10
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	908 B	101 kB	142.250.74.66
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	77 kB	34.120.237.76
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	5.5 kB	142.250.74.34
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	779 B	172.217.21.162
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
www.saha-banks.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	386 kB	104.21.77.237
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	9.1 kB	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	466 B	1.1 kB	216.58.207.202
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.8 kB	93.184.220.29
2.gravatar.com	8108	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	8.6 kB	192.0.73.2
tpc.googlesyndication.com	126	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	7.2 kB	216.58.211.1
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	67 kB	142.250.74.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	689 B	80 kB	142.250.74.40
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	564 B	216.239.32.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	306 B	6.3 kB	142.250.74.74
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	1.4 kB	142.250.74.132

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-08	medium	www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212	Phishing
2023-01-08	medium	www.saha-banks.com/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1	Phishing
2023-01-08	medium	www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing
2023-01-08	medium	www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-includes/js/comment-reply.min.js?ver=6.1.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/themes/jannah/assets/css/print.css?ver=6.0.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212	Phishing
2023-01-08	medium	www.saha-banks.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673179200	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0	Phishing
2023-01-08	medium	www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing
2023-01-08	medium	www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2	Phishing
2023-01-08	medium	www.saha-banks.com/cdn-cgi/challenge-platform/h/b/cv/result/78651e141e19fac8	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (154)

	URL	Size	First Seen	Last Seen
	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399	8.4 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 6aa91ea75f09f5e352ba720dc7bf4328 fee3029e5b6ef7c3fa86475a867631034bf4a2de 0e65d552e39bcdf2646bf8ac2aed12da726b3af08af5f3a03a84ad743a7f233a Loading...

	www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0	12 kB	2023-03-07	2024-04-25
Pretty URL www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:48 Last Seen2024-04-25 08:07:38 Times Seen5599 Hash a76f61318af036823b08d73536486be6 31ff9b215dcef9151b9f4fc50ea91a9df1962102 abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415&gpid_exp=1	395 B	2023-03-12	2023-03-12
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=www.saha-banks.com&callback=_gfp_s_&client=ca-pub-4557499569195415&gpid_exp=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:44 Last Seen2023-03-12 18:02:44 Times Seen1 Hash 8dd056f1cfeea1c88e0c0db25d9e8ae5 f16b604fcc7ce0d71428d8fbb7facaabe1c3ac00 d319a4367fdbf3b33e33725e8d1813bd202236317f97c1c1a5fc7682dca4a166 Loading...

	www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/	132 B	2023-03-11	2023-03-14
Pretty URL www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/ IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:42:18 Last Seen2023-03-14 11:12:06 Times Seen1 Hash 90df61ff50978e32572cd8e6c66e5548 603cb94cafc408056c50e2dba4c2c41da965d083 da5f74b96bfa6b31bd723411a475a0ff2e084c0fdad27ab12791a087897776a6 Loading...

	www.saha-banks.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1	18 kB	2023-03-09	2023-10-16
Pretty URL www.saha-banks.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:33:03 Last Seen2023-10-16 04:56:40 Times Seen93 Hash 5b0ad1b4e07282e137b1d8e4e46ab756 050768426f28c135562636cb7dd9974b7d126377 41d8ff4a522ab6f4acc093e26490c7b6ede175cde4953e6c3fe30ba3351cb831 Loading...

	www.google.com/recaptcha/api2/aframe	614 B	2023-03-07	2023-04-05
Pretty URL www.google.com/recaptcha/api2/aframe IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-04-05 02:12:11 Times Seen4624 Hash e9e28069c47a530a55f8c7e015a1b38b 2eced601ebdbe39ca274f61c71376ea4bcb8dfff 5fc84aaac11d3157f560666107a0551c67974bbd141130882f9579a5a92e0c52 Loading...

	www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83	225 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash b34c62bd66ba83da994d6cc1dd9a7acc e40d5a03537121f7bf0333be1d69a58fb025ec38 a75209b63e5439e79c42840a93dbe9bf05f0803c44b8a1f865f770e7a35c1fa4 Loading...

	www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-25
Pretty URL www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 18:37:13 Times Seen38049 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com	107 B	2023-03-07	2024-02-03
Pretty URL adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-02-03 18:43:04 Times Seen27539 Hash d9c47f48660b656705d0ff86fc850de8 bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769 a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Loading...

	www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/	64 B	2023-03-07	2024-01-30
Pretty URL www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/ IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:19 Last Seen2024-01-30 13:14:56 Times Seen87 Hash fa95fc07cba129553c8ab63f5426f6ce e4efe1953230f6f1fa51d6afa367195c2122c0bb 9634fda70d402b3c666910a2da3dfce92fed4c754ce2d4f6c3f73ca709e13e87 Loading...

	www.saha-banks.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1	15 kB	2023-03-07	2024-04-10
Pretty URL www.saha-banks.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:20 Last Seen2024-04-10 17:51:42 Times Seen738 Hash c5317c4553371f290394cb5a030b6a13 c4c0b9106e7bcaeb9ad71fc935152e6f3ece8eb5 f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635 Loading...

	www.saha-banks.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673179200	34 kB	2023-03-12	2023-03-12
Pretty URL www.saha-banks.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673179200 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 11b634c7b99c51def64cf69996315b8f c551b7873b869db442ed85d17987d497d56dac20 8ed937b916e5ce38f497d96c140974cc353dd2301ad18315636c8262e1e1db2c Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=1148270814&adf=558547054&pi=t.aa~a.333622701~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673182831&rafmt=1&to=qs&pwprc=8444468949&format=1200x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1673182831596&bpp=5&bdt=2314&idt=317&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=34&ady=140&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=S8QmSbGzd5&p=http%3A//www.saha-banks.com&dtd=403	199 B	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=1148270814&adf=558547054&pi=t.aa~a.333622701~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673182831&rafmt=1&to=qs&pwprc=8444468949&format=1200x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1673182831596&bpp=5&bdt=2314&idt=317&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=34&ady=140&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=S8QmSbGzd5&p=http%3A//www.saha-banks.com&dtd=403 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 5d9035c5b3e3ef59d092f6dace9e67e6 930ca65158f9c51275b354c33e912176e050f2ab 1215836fb53e8dcf9a071705b1fad53930f34ef5452d56ca194ed22443273dbb Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=459832876&adf=1239389326&pi=t.aa~a.391918926~i.15~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1108x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1108&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832852&bpp=5&bdt=3570&idt=-M&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=1864&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MispMp6PN7&p=http%3A//www.saha-banks.com&dtd=159	199 B	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=459832876&adf=1239389326&pi=t.aa~a.391918926~i.15~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1108x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1108&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832852&bpp=5&bdt=3570&idt=-M&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=1864&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=MispMp6PN7&p=http%3A//www.saha-banks.com&dtd=159 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 2ad639f6c7cd936fc009ec795978d51e 1c7b80b11a8ecea9555b61f58b56f8f608bec1d8 240a9aabcc5afad2b15a24734f0479bb698990e1aae6164d16b16959aac10b98 Loading...

	www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/	370 B	2023-03-11	2023-03-14
Pretty URL www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/ IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:42:18 Last Seen2023-03-14 11:12:06 Times Seen1 Hash ca6c290502bc1b04214b8e73d9eade16 3767c77a379d2075578da082879474a719a18f80 fc27642e42f6203d7c3b92dbb35b98ed5c18d0551311539084fa6f3b39f1ae2d Loading...

	www.saha-banks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL www.saha-banks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 18:37:13 Times Seen68630 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=3643290555&adf=3882267750&pi=t.aa~a.3225027491~i.7~rp.4&w=1073&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1073x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1073&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832852&bpp=4&bdt=3569&idt=-M&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280&nras=4&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=2738&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tdEx58pYOz&p=http%3A//www.saha-banks.com&dtd=174	199 B	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=3643290555&adf=3882267750&pi=t.aa~a.3225027491~i.7~rp.4&w=1073&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1073x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1073&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832852&bpp=4&bdt=3569&idt=-M&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280&nras=4&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=2738&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tdEx58pYOz&p=http%3A//www.saha-banks.com&dtd=174 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 9a45f2db77b35ac9bb0c80da5e0eb24a 1d5f4f96643a96e4aff992df64c33d015d12498d 5e974c89f33802b8b8b4d2bb4fb27798d243b54f1b8a17a99ad0ccf327d10b9c Loading...

	www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/	1.1 kB	2023-03-12	2023-03-14
Pretty URL www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/ IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-14 11:12:06 Times Seen1 Hash 4377985a9ad97ef408c1d26b17aa675d c0e604f4db2475eb0c1633c81065eb4a183597df 1b5de814512430dbbfefc1a94785df7f2586ddd471c5ac7f1c1b6a3b258a0546 Loading...

	www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/	1.5 kB	2023-03-12	2023-03-12
Pretty URL www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/ IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 63ca547cc24a68eedb67e7d083b9ba9d 768e4a519bbffc7f672d61ba39db56d8a803bb10 e6b0dd67ec44c0199344defa15df60824d28c73e8c2135a958e3705d15749301 Loading...

	googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html	9.7 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 5ba05061c66d3e3a39f0573557899b0d f31c916b0c5ba50856c2d505c6a07ac2e3703dea 821afaa0abe5e4fb2292f52492b24ad0e290f7c43766602293856e911b5d1499 Loading...

	www.saha-banks.com/wp-includes/js/comment-reply.min.js?ver=6.1.1	3.0 kB	2023-03-07	2024-04-25
Pretty URL www.saha-banks.com/wp-includes/js/comment-reply.min.js?ver=6.1.1 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 18:41:52 Times Seen29295 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=1148270814&adf=558547054&pi=t.aa~a.333622701~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673182831&rafmt=1&to=qs&pwprc=8444468949&format=1200x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1673182831596&bpp=5&bdt=2314&idt=317&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=34&ady=140&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=S8QmSbGzd5&p=http%3A//www.saha-banks.com&dtd=403	162 B	2023-03-08	2023-03-14
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=1148270814&adf=558547054&pi=t.aa~a.333622701~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673182831&rafmt=1&to=qs&pwprc=8444468949&format=1200x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1673182831596&bpp=5&bdt=2314&idt=317&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=34&ady=140&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=S8QmSbGzd5&p=http%3A//www.saha-banks.com&dtd=403 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:41:38 Last Seen2023-03-14 11:06:21 Times Seen1 Hash 8b71abf6a52f8b757c6827f94a9a8c6f 26185b8235560b21a23d9cedaf5f60c02232abf8 a676fd4a8ac8eacada740fd7bb5647dfca01a94108ddf983ec910ec4e7e8d025 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399	29 B	2023-03-07	2024-04-15
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-15 15:27:24 Times Seen1575 Hash ffdeabb8ddc079ab75fc11771e82d609 eec3c2fe235719cef576ac181912ce2e832f4b88 593ec3939c38f7d9154231957277279ed105cc7fba028a610644cb510bbbf749 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399	46 B	2023-03-07	2024-04-15
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-15 15:27:25 Times Seen1584 Hash 4f0abc3ba95c84ebf5cc9987135b4168 cc7819e635f40040efef3ed36f44e35243c092fa 556cf7831e8acf0289fe5045796235dba49cf88c1b9cf908f8291dbd9a86786d Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=459832876&adf=1333799009&pi=t.aa~a.391918926~i.35~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1108x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1108&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832864&bpp=4&bdt=3582&idt=4&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280%2C1073x280%2C1073x280%2C1073x280&nras=7&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=3228&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=jV96cEipUA&p=http%3A//www.saha-banks.com&dtd=634	199 B	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=459832876&adf=1333799009&pi=t.aa~a.391918926~i.35~rp.4&w=1108&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1108x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1108&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832864&bpp=4&bdt=3582&idt=4&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280%2C1073x280%2C1073x280%2C1073x280&nras=7&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=3228&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=jV96cEipUA&p=http%3A//www.saha-banks.com&dtd=634 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 43785567090311f53db0df071be73456 9791df04c84fedd339e71ca1fa175127ca34652d 0f1238b855ecb387cee53d11fcda5885e3ca9c9ff849fdfbafd51f5c6ed78678 Loading...

	www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/	6.0 kB	2023-03-12	2023-03-12
Pretty URL www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/ IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 17c1b117dc2e13d30b4df1844a3be57c ab23f5a42c10d62c0469b786839e93890eaf65c4 2b01c68fa4d4af4ab25376b7f2a85bbd0fcd7a17d47df8d5216cf1aad24de23c Loading...

	www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212	6.1 kB	2023-03-07	2024-04-18
Pretty URL www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:56 Last Seen2024-04-18 11:14:36 Times Seen1100 Hash db6afe5fc3125bfbb7631cdc894f95f7 cec78215c216e4bc1c03c1393f459fe1c972ee84 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19 Loading...

	www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1	82 kB	2023-03-09	2024-04-14
Pretty URL www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:15:37 Last Seen2024-04-14 16:45:59 Times Seen433 Hash 0aad6ea4c36a9be1a344f4c666ad8dd2 10a11da088f2ba67524c52070c54306bdf0bb47c f0df5bac42e20b19dafbdf42b5480133ffdf8885bf9d4fd9a8fa3043e3efd2ae Loading...

	www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1	5.5 kB	2023-03-09	2024-02-23
Pretty URL www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:08:07 Last Seen2024-02-23 11:54:42 Times Seen184 Hash 4a756adcfcbc3f6826d511a6ef9441f0 142856ab40259f8437f09676666165755b5bb6cd e60d8e5aa1e9414a1312403dc47e1f0e93aab527dcbff70cc861bf4e89c23c11 Loading...

	tpc.googlesyndication.com/sodar/sodar2.js	17 kB	2023-03-07	2024-04-25
Pretty URL tpc.googlesyndication.com/sodar/sodar2.js IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 18:36:39 Times Seen17678 Hash 2cc87e9764aebcbbf36ff2061e6a2793 b4f2ffdf4c695aa79f0e63651c18a88729c2407b 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399	267 B	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 766064a1222f1e5c1abcc223ad7ea0ce 7c3c9f39d44bb8fdd037ca7d023c17f4f9dc2a8d 0cbe5e48a646d59ad9e4ddbe08195b9e7ee5312344674520856fe75f6bb038ee Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399	19 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 501c20989de8fe7e544e1fb06ccc2e6b 82ee2d85bbebfe9e17f62841faa33d1377dbb729 a62eb34ae6cdf887b5ba4d2f194e238a9469cd3261ac9311f64041f6d1464f0a Loading...

	tpc.googlesyndication.com/sodar/sodar2/225/runner.html	13 kB	2023-03-07	2024-02-23
Pretty URL tpc.googlesyndication.com/sodar/sodar2/225/runner.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-02-23 22:40:33 Times Seen4633 Hash 04889347291e33491547245846d18c4f fa0e1917fb2630c86eab067505751a72ba001c6a f4a5d6b45c241fa0ce6ba4ae8b035ad725d67c4091ce8a99bc9c2364295b8fd8 Loading...

	http:blank	644 B	2023-03-12	2023-03-12
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash b73c4a34f1feb21bc5084ad9c466908c f997d477e153d22fae8bb76d3a8112a541c84817 3ec817a25ac0c3ed0cb53140e4f49cb3bed30ebf0814e656d920849b75eea37d Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415	151 kB	2023-03-12	2023-03-12
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash e5d1d9bd2b62cf4b96e6feab0a831483 85b980f49a40aaf27cec10a02995d6b999f00798 b60b9c77047b94726477fe083ef004357f0ee71712cd159748d84f3bbec76f0a Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=3643290555&adf=3021661527&pi=t.aa~a.4008934170~i.3~rp.4&w=1073&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1073x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1073&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832876&bpp=3&bdt=3594&idt=3&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280%2C1073x280%2C1073x280%2C1073x280%2C1108x280&nras=8&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=3604&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=7x7ULgeslH&p=http%3A//www.saha-banks.com&dtd=1051	199 B	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=3643290555&adf=3021661527&pi=t.aa~a.4008934170~i.3~rp.4&w=1073&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1073x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1073&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832876&bpp=3&bdt=3594&idt=3&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280%2C1073x280%2C1073x280%2C1073x280%2C1108x280&nras=8&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=3604&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=7x7ULgeslH&p=http%3A//www.saha-banks.com&dtd=1051 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 27a75e4161f6395d66d41e63b7795d8b 65ca32b455cd529e615c7a5c01b32d5e9c46229c 4808c34d8f57b250eb80a8f8821380ead3ed6dd7c6ba57cab4a9788e8d135498 Loading...

	www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-25
Pretty URL www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-25 17:24:34 Times Seen31811 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4557499569195415&plah=www.saha-banks.com&bust=31071277	364 kB	2023-03-12	2023-03-12
Pretty URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4557499569195415&plah=www.saha-banks.com&bust=31071277 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:10:40 Last Seen2023-03-12 19:18:51 Times Seen1 Hash d38fe4a1ef5389f3a5afe8d6227273df 2f7f28f2657f563ac531606fc06cbce9718df279 818df53f8e0642a939e4ad61ad2b654dbdacdec352d31b62864c0cc1e64ff717 Loading...

	ajax.googleapis.com/ajax/libs/webfont/1/webfont.js	13 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1/webfont.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-25 16:38:15 Times Seen22402 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399	633 B	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&adk=2969136045&adf=3689892565&lmt=1673182831&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&ea=0&pra=5&wgl=1&dt=1673182831596&bpp=8&bdt=2313&idt=288&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7935328474024&frm=20&pv=2&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=399 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash e84abf46d4d2925e860d913f9f884d94 56dbf80f3fa87565327711e221cc70adc44fa701 1cbc9013377e68eb3811b811aa0a4ca3bebe3e403f11fd580117480556276e1f Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=3643290555&adf=1421701263&pi=t.aa~a.3225027491~i.9~rp.4&w=1073&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1073x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1073&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832852&bpp=4&bdt=3570&idt=-M&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280%2C1073x280&nras=5&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=3063&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=olnbJAPaie&p=http%3A//www.saha-banks.com&dtd=184	199 B	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=3643290555&adf=1421701263&pi=t.aa~a.3225027491~i.9~rp.4&w=1073&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1073x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1073&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832852&bpp=4&bdt=3570&idt=-M&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280%2C1073x280&nras=5&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=3063&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=olnbJAPaie&p=http%3A//www.saha-banks.com&dtd=184 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash c6f4d09c63e9b45b4a88ee576ebd563c 4a40dbe096f1c4ad9fc89a6bf3bf56aeb0005d82 724f2f3ac74d986aee7f695973c6735eba44016332df4bd0f6b09793bbd19be7 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=3643290555&adf=3200988299&pi=t.aa~a.4008934170~i.5~rp.4&w=1073&fwrn=4&fwrnh=100&lmt=1673182834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1073x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1073&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832888&bpp=3&bdt=3607&idt=4&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280%2C1073x280%2C1073x280%2C1073x280%2C1108x280%2C1073x280&nras=9&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=3649&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=7&fsb=1&xpc=oD4PAw0EDN&p=http%3A//www.saha-banks.com&dtd=1287	199 B	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=3643290555&adf=3200988299&pi=t.aa~a.4008934170~i.5~rp.4&w=1073&fwrn=4&fwrnh=100&lmt=1673182834&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1073x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1073&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832888&bpp=3&bdt=3607&idt=4&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280%2C1073x280%2C1073x280%2C1073x280%2C1108x280%2C1073x280&nras=9&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=3649&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=7&fsb=1&xpc=oD4PAw0EDN&p=http%3A//www.saha-banks.com&dtd=1287 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 8a9559b1e319de2d0e903826c5c60002 f0c943f19ccb3b88e39941a4cd07a8c7fdb417cc 29ddf7adadd1c3d36ef9968e4466f2cad3226b86b385725c14df0d5cf4bc1211 Loading...

	www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-25
Pretty URL www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 18:41:21 Times Seen54950 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/	2.2 kB	2023-03-12	2023-03-14
Pretty URL www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/ IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:37:23 Last Seen2023-03-14 11:06:21 Times Seen1 Hash 45d2a96243a7c7f8e39382c6ed48029f 88fcf6e0a485e22ee9504b93b20d8f426781fd95 8a8a012581dd401030d16a49517a7a24e943426b515f4fb0f8a87b264317bb83 Loading...

	www.saha-banks.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1	24 kB	2023-03-09	2023-10-16
Pretty URL www.saha-banks.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1 IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:49:24 Last Seen2023-10-16 04:56:40 Times Seen134 Hash b11f72f9e502d19128dd1f08ee232475 5d685291dd2ff1baebff0e206c9355d4b4805776 77427fa30b2e040935768430ebe77dafa03bce2f7a045c4fff5230f99841d799 Loading...

	www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/	541 B	2023-03-11	2023-03-14
Pretty URL www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/ IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:42:18 Last Seen2023-03-14 11:12:05 Times Seen1 Hash aa71fda3bcb4a0e8a0bc122b57abfe98 afed570aca17d7f62db6ace2da629e331514e678 979d57e2f0e8e5e93e114c01f8cfd6bfe12c4e543c67f87a3c5fcd18790d33a4 Loading...

	pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js	37 kB	2023-03-12	2023-03-13
Pretty URL pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:21 Times Seen1 Hash 942ee0abe3317c403d7b224efca882ea 7bd221fce3009fb96a0285a0b48e435a784b9d2e 424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=3643290555&adf=225894602&pi=t.aa~a.1431655869~i.3~rp.4&w=1073&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1073x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1073&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832852&bpp=3&bdt=3570&idt=4&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280%2C1073x280%2C1073x280&nras=6&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=3714&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=EFoGIXM0aa&p=http%3A//www.saha-banks.com&dtd=190	199 B	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4557499569195415&output=html&h=280&adk=3643290555&adf=225894602&pi=t.aa~a.1431655869~i.3~rp.4&w=1073&fwrn=4&fwrnh=100&lmt=1673182833&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8444468949&ad_type=text_image&format=1073x280&url=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&fwr=0&pra=3&rh=200&rw=1073&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1673182832852&bpp=3&bdt=3570&idt=4&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3983deef905ccff2-22b7d9da35db00f9%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw&gpic=UID%3D00000b9fad2c7ba6%3AT%3D1673182844%3ART%3D1673182844%3AS%3DALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg&prev_fmts=0x0%2C1200x280%2C1108x280%2C1073x280%2C1073x280&nras=6&correlator=7935328474024&frm=20&pv=1&ga_vid=1103795036.1673182830&ga_sid=1673182832&ga_hid=1298793366&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=80&ady=3714&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44768832%2C31071277%2C31071364&oid=2&pvsid=2395527330459487&tmod=1731384687&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=EFoGIXM0aa&p=http%3A//www.saha-banks.com&dtd=190 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash 099c1d830311a16330d7bef29bd8c5b7 db36bf8a2b27baaf72b4f1729ceeba5408fdf08c e3cd7f14581dfa1f1327e6a15c8df62154ead228dfa7db46d4639349856090ae Loading...

	www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-25
Pretty URL www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.21.77.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 18:06:14 Times Seen43094 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474	146 kB	2023-03-12	2023-03-12
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:02:45 Times Seen1 Hash c4d2fb1f799bdc25137990edc91473a5 1c9cc9b916054eda75667e17bbca97d02f2ff55b 8e21b7034f60a1f6edf8352ad120566b50d39e2531a764f2a9251b51bcb435a0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - c59289974b3e2d2f86110457f6c34ed5	210 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash c59289974b3e2d2f86110457f6c34ed5 66168e54d1eb15c51f32d4d3ba06fa8c2e912b07 a20263b3af2979a1a72277953ac14ba6868ed0e1a7d727e542bdb8a8dad3327b Loading...

	#2 Eval - 6db66e74e537cb679e82fa41b247f843	55 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 6db66e74e537cb679e82fa41b247f843 338a6c0830391979289d0d0e6b6065af10d1d69f a9b802d0d34cd8cc0313f9f43a08f7ac07f978afcec52069a4e1849b711abaab Loading...

	#3 Eval - bae3f90cb000352645e35fad60da411c	35 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 18:36:38 Times Seen53256 Hash bae3f90cb000352645e35fad60da411c 00023f94c170125b979cb1914925d06ab1abfbce 1e3606d95ce27d593157594820335681a9380f51a96147303cd8000e60a95e12 Loading...

	#4 Eval - 05b8c74cbd96fbf2de4c1a352702fbf4	6 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 18:42:43 Times Seen54618 Hash 05b8c74cbd96fbf2de4c1a352702fbf4 320ad267d8d969f285eda5c184f5455bd29c8c95 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba Loading...

	#5 Eval - 24cc3dc813f384fde380df619f1525cb	19 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 18:36:37 Times Seen48820 Hash 24cc3dc813f384fde380df619f1525cb 56399e3ce57ff98d68c7de98a563e572230dff6b 5421715bbdaf2550e31d10fc28d444310a8fe7147bbddecf0abb490358a1553b Loading...

	#6 Eval - 673a875cd33f946c7fb234078db0d89f	2 B	2023-03-08	2024-04-06
Pretty Observations First Seen2023-03-08 06:14:19 Last Seen2024-04-06 19:08:00 Times Seen65 Hash 673a875cd33f946c7fb234078db0d89f f1cecf9e970522a619b72e66a124dbf89737b06f e4d6fedd18866f7aa5469a8b90a348fec071f4b82598152a7aac6419edc3ac3b Loading...

	#7 Eval - 7aa30e1f5626ba91e0a08cac4ff35151	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 7aa30e1f5626ba91e0a08cac4ff35151 24e78633fd19ffc56c94ca950771da2a63a26d5b df45b35b6172cde9caff6291726b3e925d1a7569ef6ca2bc456c1998f30803a1 Loading...

	#8 Eval - 62529946f7b1eae2e6fa4eae80eb46fe	29 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 62529946f7b1eae2e6fa4eae80eb46fe ae875ff3227cea5256d3b04bca4f53fc9a128764 ff58b5a69c3af218eca6c24e6c750f4c381d43e88c596d5f2b2649078fe99781 Loading...

	#9 Eval - 97e50458441705c973c5928032c35ffa	161 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 97e50458441705c973c5928032c35ffa 8f8912d12d2e8f1077ec16c764c7d0c33cdf0aeb e5b47787de827cad189a6993e402dafdffc4f0d6b28e85232c5b8582ac1956cb Loading...

	#10 Eval - 2b3dd1badbbceb4b6468dbd721ebfd7e	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 2b3dd1badbbceb4b6468dbd721ebfd7e 7bb0cadec863df9f870afbff8715f7233ebd338f 76ef22c191397c2207e7cb2df3000f5487b628575336378e65266d3e8a5235a8 Loading...

	#11 Eval - 9878b4654c31eda1e350f9c95773af6a	53 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 9878b4654c31eda1e350f9c95773af6a 1b4d43fe08496adc417ccd79876bbb8f1532eabe 6cc92c71d34789e2111f1823659c69e8abb707088959a6b75524a6031395e7cd Loading...

	#12 Eval - dd20881ed21e6a0b7944b311ebb8f7e0	143 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash dd20881ed21e6a0b7944b311ebb8f7e0 8bd42ace7f97ef3e7fc7a896f419d610e87e4c5c f96d206b0342fa605e64311f344459a95036b3e7888b820f627470bec4525473 Loading...

	#13 Eval - afb6c404b4eb5142b4b2b643f7b3b465	253 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash afb6c404b4eb5142b4b2b643f7b3b465 757a825b5d0da00bbc6767896efa2f9f1db8df88 c0eb05da454a8cc362fc6bf401f943ee51d0dbb58a86dcd735414d9d9d6f16a1 Loading...

	#14 Eval - e6f95f4743f47a31bd44598a20f51957	438 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash e6f95f4743f47a31bd44598a20f51957 239ff832d76a9b9cc64739480a045cf2ac747087 aa43362651270db959fb457de9a7c32641cefc559098105f7202569ad64d3bff Loading...

	#15 Eval - c1b6ad961450fb91b3a1870851f07fbc	96 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash c1b6ad961450fb91b3a1870851f07fbc 5240a746f2698f34561ef181fe753b2876d6246d ff6ffa6fc8686d0f9a2cf8ca1f890553084ad4e04784bac5acff8b1b02b20596 Loading...

	#16 Eval - 094c0583526aad43ab2ff77d8c08ea33	78 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 094c0583526aad43ab2ff77d8c08ea33 64770ab2708bf7f2883a05ea503bff386c4c25de 438482dd6e3a88710a810f023d63496f6839408473241fbe05a8fe7b8cf70702 Loading...

	#17 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

	#18 Eval - 229cc7b2dc4a77e1dfa583086813afa4	2 B	2023-03-08	2023-10-18
Pretty Observations First Seen2023-03-08 08:11:36 Last Seen2023-10-18 08:33:27 Times Seen301 Hash 229cc7b2dc4a77e1dfa583086813afa4 f3a9bba29d790833b9b8fbfe78361e8e6397d844 981734335729812497f25e310d2f4bb61faab85323a02fbe39e2bbeb20941592 Loading...

	#19 Eval - f593584f050c0f9f70edd392e83ba79c	118 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash f593584f050c0f9f70edd392e83ba79c ceab5679b61478d93cb73004fd90e39af72e7d25 4f9b00e9fa93ecbff706f03afdb8ec64f5e494dafb39ceb5099b5682208d4e53 Loading...

	#20 Eval - d48a24ae9672ee573050e4d3aeeebe4d	29 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 18:36:38 Times Seen53219 Hash d48a24ae9672ee573050e4d3aeeebe4d 8f8c4d27852980a1ec5a8b1aba30769001314ec8 53e5b7d706a350fe98d52499058624e15cddc1541f17370f94a899a386c50255 Loading...

	#21 Eval - 7b8c600c0ebc34e712ee3e45396ec794	255 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 7b8c600c0ebc34e712ee3e45396ec794 80114ca079c6cc48cb828855592b7497a871a138 3d3ff528a9f3b09863f816ab39589120afa370992c8dbf9230bdca8a9fa24938 Loading...

	#22 Eval - e452d15edf8247251820221bc655aa13	253 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash e452d15edf8247251820221bc655aa13 6feefd1dd7cc1f9068fef352173513b1289db887 c0fcc3573ad98316ce502afb5fc1a813b8ffcb64539e1702d564df6b98a49987 Loading...

	#23 Eval - f2ef2d9d3381d19de3f5e19d727b259b	66 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash f2ef2d9d3381d19de3f5e19d727b259b b1fe867a3a97d3675602622ba9a33c489e2dc33a 3480ceab91dc734740eaaa92947147d1363d00e3f1b8655f2e65eef046fe8d08 Loading...

	#24 Eval - c86ee0d9d7ed3e7b4fdbf486fa6c0ebb	2 B	2023-03-12	2023-08-30
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-08-30 15:03:54 Times Seen54 Hash c86ee0d9d7ed3e7b4fdbf486fa6c0ebb 6fca55ca3c828a46bfe96a10e69f572b61ce540c fed1d872f6d540f4118582ec694270274e987b12f5dfe2057dddf1e12df2761a Loading...

	#25 Eval - 2aee4c63ae030fa7e434d04cf1370682	494 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 2aee4c63ae030fa7e434d04cf1370682 646cd9c4618b13283caeebe69c724c12de1d9ef4 9f3caa23bc90664afb6153a01d56902e85f781bc41ad352c20416ef260ed1614 Loading...

	#26 Eval - 622fe30472314556e15e2d6d37212909	355 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 622fe30472314556e15e2d6d37212909 80c02306096015d16ff4362ad2f893d5098cdccb 72e71a2cc50762ee6b49220cc039283d6627512c42114630ae0012718d45e11a Loading...

	#27 Eval - 8af6f51fdfd0e668d014d4ed7b16991e	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 8af6f51fdfd0e668d014d4ed7b16991e 0dcaa02a4102063fd864a37fa87c2e58ca6e858e 75a9ec2baf8f995f0d2fdd36566410656dd5cbf7a092d19b5958892ebf2a9bcc Loading...

	#28 Eval - 8b832281ce98917fa3c1a514427943c2	144 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 8b832281ce98917fa3c1a514427943c2 89b1f784533b2eabb89dbdfd65308b63676d4b59 0c68d2db009c2bb515a1304d189374cc2b0f04c42c74bb409a5d22d385859afe Loading...

	#29 Eval - b2f5ff47436671b6e533d8dc3614845d	1 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:15:11 Last Seen2024-04-24 08:15:41 Times Seen7114 Hash b2f5ff47436671b6e533d8dc3614845d 54fd1711209fb1c0781092374132c66e79e2241b cd0aa9856147b6c5b4ff2b7dfee5da20aa38253099ef1b4a64aced233c9afe29 Loading...

	#30 Eval - 7832b40887f9eae13db7026094add642	353 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 7832b40887f9eae13db7026094add642 d7c12f48ede625c229e7a69f9b3d6d46cd81f33f f1f7294449b79c01f3e32200b58e7e48e636f11adfd9cff605b100e8f87e1d29 Loading...

	#31 Eval - 71edd748eb838b4c21bf96eebef97623	79 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 71edd748eb838b4c21bf96eebef97623 b91bc0b28d0067ff047742eb8f03e7b2dc574fc2 ebff336e571bada8f0d0cb593a0226bb733a308b5131932b0815b17ec594d50b Loading...

	#32 Eval - 744867d4771da04edafe3d41b89f2d81	387 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 744867d4771da04edafe3d41b89f2d81 f8421fca1335dbdc61609d2583fe12ee15fca029 94144c9fa12d1aa45e5e80b83f39f4a8aeff2aebc0a44cc73fd063d45a7fba70 Loading...

	#33 Eval - d1ab8ee476f7d1330967e09796e8022f	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash d1ab8ee476f7d1330967e09796e8022f da10a19663532b6c1909ac2ec5e0ab4a0305dd1a 5f78e37f7807189fb48f0f828d54c21fdae2b56734bb67906aeca680dbabbe96 Loading...

	#34 Eval - 9d027e3003d993cc011ca31cc1efc643	120 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 9d027e3003d993cc011ca31cc1efc643 3ce81342b0ef9df22ad03e1a7d77c7b7845842ef ed6bfb506d1ee3290a18de140f44b670637a1bee7228f2c0021c9eb9c6ce4636 Loading...

	#35 Eval - 640f3dfdd274b4f767e056444d9e09e3	97 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 640f3dfdd274b4f767e056444d9e09e3 6c60549019a17287be67e3c7b5267a589f6bb60b 66e7ccc972064aae2b3caa5f311ed2cdc63f06bd5ec32abe1f61206d5ae6b012 Loading...

	#36 Eval - 178d9189975a186ba2a98280acba9639	29 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 178d9189975a186ba2a98280acba9639 29b140772597067de07e888feecd101ea17eb5be cf68f869a914689186c7f9e92dba30c4911f45c981b3fac07eb751d71258c79a Loading...

	#37 Eval - cf9313d2cbfdc1e60bd6f303e5f30ea9	136 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash cf9313d2cbfdc1e60bd6f303e5f30ea9 d8ca49d9390cf00f8d91c47132d23777f4162a55 096d519d5efc3783be0c3971b3419c2e81256c2cf420eb8cae8c3c7b6e47dfdb Loading...

	#38 Eval - a5f3c6a11b03839d46af9fb43c97c188	1 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-25 17:01:55 Times Seen8370 Hash a5f3c6a11b03839d46af9fb43c97c188 a7ee38bb7be4fc44198cb2685d9601dcf2b9f569 86be9a55762d316a3026c2836d044f5fc76e34da10e1b45feee5f18be7edb177 Loading...

	#39 Eval - 7a2ed7932c964993fdf55c9aa2ba5667	251 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 7a2ed7932c964993fdf55c9aa2ba5667 2c83fd8b6e402ee0f2095bca411c0c78cc20b790 8486e209ef4c522b0dcb0879a7fd586a4e29060cec7ca0c76a81a45c0bd799c1 Loading...

	#40 Eval - d20caec3b48a1eef164cb4ca81ba2587	1 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-25 13:12:51 Times Seen12147 Hash d20caec3b48a1eef164cb4ca81ba2587 d160e0986aca4714714a16f29ec605af90be704d 72dfcfb0c470ac255cde83fb8fe38de8a128188e03ea5ba5b2a93adbea1062fa Loading...

	#41 Eval - b00311caa351b6d36cbbbc39930c8298	79 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash b00311caa351b6d36cbbbc39930c8298 db6c8977bce593f5cd6550db40da495effbf9c0a b699653d92ddc1356c41d890e53747ca11903d48d2a716e10cd22b8a5782dd65 Loading...

	#42 Eval - 567c996739edfa1cdbad4c55a80580df	2 B	2023-03-12	2024-01-22
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2024-01-22 10:07:29 Times Seen57 Hash 567c996739edfa1cdbad4c55a80580df 73bc8c219b84b29e82d4338ec2e55b540c845bc6 2da68e03534ea7262d113fb10ad9d38403d809fd1bedfbbfe691db45b6cc0861 Loading...

	#43 Eval - ffb1d8a8cc7544b052794b2c91552267	289 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash ffb1d8a8cc7544b052794b2c91552267 e9680d8ec025440a409539ab01c3599a76bb90e0 f3939f24707a6cfb8aa6dcbfefd2e35c11beec2260fbbc81371f7fac9576c189 Loading...

	#44 Eval - 2cbcbd1720538222a9bdbd98d2c94a81	531 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 2cbcbd1720538222a9bdbd98d2c94a81 d92c51c7249af7743238ea1a75b1069f444a4a45 e5c29629ba1aecaf2f2d2b767d30283781337d0f7e5d6fb1338ffd3206012a43 Loading...

	#45 Eval - 04dbdff77eaf4cba5b3599a802b220f3	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 04dbdff77eaf4cba5b3599a802b220f3 19b1d51e95a5e26b8c0d7461f86a2f069a24ac49 515854f51628fc22dd5d3d799f0c2584d3264428c2477ad0a4592253d87ed573 Loading...

	#46 Eval - 92eb5ffee6ae2fec3ad71c777531578f	1 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:11:47 Last Seen2024-04-25 18:36:37 Times Seen10496 Hash 92eb5ffee6ae2fec3ad71c777531578f e9d71f5ee7c92d6dc9e92ffdad17b8bd49418f98 3e23e8160039594a33894f6564e1b1348bbd7a0088d42c4acb73eeaed59c009d Loading...

	#47 Eval - 75a23e713d48022334a00bfc67af967b	106 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 75a23e713d48022334a00bfc67af967b ef0758dc112fe68a1cb250edcd28a857c331ca2f 965383568984850699da8b3a21680d86681f4bffb5362aea200f29d6aa46c1ed Loading...

	#48 Eval - 5c10a7164a629985fd6163db9b271976	2 B	2023-03-07	2024-03-14
Pretty Observations First Seen2023-03-07 12:23:19 Last Seen2024-03-14 04:39:16 Times Seen658 Hash 5c10a7164a629985fd6163db9b271976 6dcbaaafcdd45f45a07eeea32d760bb6298cd7ea d70bdf9097e42dcde8e2d104447555eb25c8a51703f1fab50f284eccc60e4c89 Loading...

	#49 Eval - 61e9c06ea9a85a5088a499df6458d276	1 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:14 Last Seen2024-04-25 15:45:16 Times Seen6635 Hash 61e9c06ea9a85a5088a499df6458d276 e2415cb7f63df0c9de23362326ad3c37a9adfc96 fcb5f40df9be6bae66c1d77a6c15968866a9e6cbd7314ca432b019d17392f6f4 Loading...

	#50 Eval - eee277cb735770f82cfe3f19c84a59d6	78 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash eee277cb735770f82cfe3f19c84a59d6 f312b7467e4b9e9ee80e46449d9d2cada196e9a4 0a46a7ce3778a118bc3dad0dd2af0a77fcc2d50e7816b38bb0ea043eec820ace Loading...

	#51 Eval - 11db4891e8d29ba6805f0c8fce51772f	458 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 11db4891e8d29ba6805f0c8fce51772f e6a70291a688314163df903bcbea11421b226418 f84b0e2c899eb0ebcd60c20d24f9ea1684bc320c529c70ff94909205608728e8 Loading...

	#52 Eval - 03bc3d21f56e854b7fc3bcd3de2b7eb9	59 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 03bc3d21f56e854b7fc3bcd3de2b7eb9 2459b4619aec1f907afebfad1e17d1a904d8a229 997d9c15e6be03b76a77b0f595d4eb84d8e36716b184b24f3297ab0a9ac9c5b4 Loading...

	#53 Eval - 6cdeb073c84c07cf1eae79bed7d5eb6d	41 kB	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 18:02:45 Last Seen2023-03-12 18:46:16 Times Seen1 Hash 6cdeb073c84c07cf1eae79bed7d5eb6d 3f8083e85b78eeb2b7f316831e5d510797820379 1c470e3d8cbd78c31f7c422007f48097a3d86b33895de4f5a9c5a58a4b9e03e9 Loading...

	#54 Eval - 8e8c3fbcf8669ad9e7719b7af696b408	2 B	2023-03-12	2023-08-18
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-08-18 06:57:04 Times Seen138 Hash 8e8c3fbcf8669ad9e7719b7af696b408 67e1b6534c995b94f02bfafe9e8fec13f4a310df f75ac4266d9adf9fa859b00f58377553f44f2b07ff89f9c2f28f1442d03a61d4 Loading...

	#55 Eval - 7889b6d2826a6aac3231776d4e8792dd	218 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 7889b6d2826a6aac3231776d4e8792dd 12ce4d022ec94efcb3eb3d23b64702ffb9832165 83325b326d872797eb90d3f98aab7d3fccae6d7fbe1ee2967b2f5481e6055ebf Loading...

	#56 Eval - dbcc284cabbfe956a6380166ca12d0cd	216 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash dbcc284cabbfe956a6380166ca12d0cd 4f91cecb1b153e37ba37e950c0e667355a5cc8d0 d57c2587faa5d70dbc68027558f6539380940c460ece8970aed7bf2e6e18d0c7 Loading...

	#57 Eval - 2b6391668b36f0ba0624f2ae164905a4	92 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 2b6391668b36f0ba0624f2ae164905a4 9485fcf0b944e311c6e872c5643bda833a83103b 2b736cc5a3b1cc915beb4cabeb59b736dbc8f3d30711cfdcbdacda963c6bfab2 Loading...

	#58 Eval - edabcf3bdcc23a8f41265b1971796fcf	997 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash edabcf3bdcc23a8f41265b1971796fcf e5d404e548a3d5e202a5d643729ac6fab2c8bbf8 b1f2d234c8b3d89cd5829e800c34a3fca07663286a692c3db2ac6c95624b962f Loading...

	#59 Eval - f3bbbb4ad3601d4dd032804155d9b2f6	79 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash f3bbbb4ad3601d4dd032804155d9b2f6 572b7dcedc682e314d363557791feb0331d9badd 256b60be9f1acfcb0295402ae15645f8acadd5b3fa37b3e3d29829fd6e34d9e2 Loading...

	#60 Eval - 1f96bcb6a244aed9aab41c56ed890a56	208 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 1f96bcb6a244aed9aab41c56ed890a56 c25642f86c3b831c9df3189270176aaa2000d33a b49c5d16e6501e3decc3a7118f128d102ab64d44fbb1789f8d3e986d1a48bc24 Loading...

	#61 Eval - acdce060b640985ab91c8a2503ed1a17	70 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash acdce060b640985ab91c8a2503ed1a17 893e904eb198aef27bbc61815f97150107bddced 5ca44282dde2206b04d56dab6510d9414685eb8e28e9c60a26b1d98a433759d7 Loading...

	#62 Eval - a10a5f744c59ada1627fcf4c12e57f62	2 B	2023-03-12	2024-04-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2024-04-13 05:52:44 Times Seen57 Hash a10a5f744c59ada1627fcf4c12e57f62 27bb56adcaf5f46c5bd9810a5d07cd8585d9531b 2d7832dbab25091b94e11371bd6df3928e928163f3fcd51c72d3a1fdd4921442 Loading...

	#63 Eval - f95a9095e6e0cd6196bdb5768fac6981	320 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash f95a9095e6e0cd6196bdb5768fac6981 27abc266a7b5f41491e295496e8c78cac9329cdd fa43b623fe41656913647574ae181d5ea3bb688e8b6577c2a5b27ed4bf6b307a Loading...

	#64 Eval - e9187c20dc7fdfd56bfa109ac173ea45	29 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash e9187c20dc7fdfd56bfa109ac173ea45 90335b72e640c22d3eca27e188ba7d45c6ce0450 89da12b47f816a89e44b709ba2cff5f23d8240bf3593e05546cc461111ac7e67 Loading...

	#65 Eval - 34a2d7ead981d3d4567a736ffaac9f12	132 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 34a2d7ead981d3d4567a736ffaac9f12 507b486bca63521f8c19a107ba6409f5d5934be6 373cb934f93e6b9fccf46e1e41b01b3ee0460ff2ea34f318331c3d7725241ef2 Loading...

	#66 Eval - c983d071bd4bda32ff24c2234d4fc9a4	2 B	2023-03-12	2024-03-16
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2024-03-16 05:37:26 Times Seen1139 Hash c983d071bd4bda32ff24c2234d4fc9a4 223b7f0fa34cb01a774d1d81d388f8c5f831b7fc 7d373d3809c88b4ca0cfe2fbf5a5f935e0d564cf98ae3b3039d66b928716158a Loading...

	#67 Eval - 1ad335ae96aa754cbd254a4374b4c87a	71 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 1ad335ae96aa754cbd254a4374b4c87a 34e763eefb5576720432744f4e04ef8c66e2ca8f 1f49d961c64429f3e6c055ece8a9f0f6d98474b727692db5b8ad5b62e93d6293 Loading...

	#68 Eval - f52ba22baf75438bb1b02f476954c023	2 B	2023-03-12	2023-11-30
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-11-30 07:49:01 Times Seen965 Hash f52ba22baf75438bb1b02f476954c023 498306ab9bc8d549692c799e13762e3296f3b77b af6324a357e772660d76326577f0bb8a35d4e07ed5f26f1d3993dbbddc6a377f Loading...

	#69 Eval - b93d603db167a7c04afac000b49963ff	115 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash b93d603db167a7c04afac000b49963ff f70283b7d343480891fedea0ff65e5d558af068c 495f5846ca3305e2d50337fa098de9707d929405639cfe7c10085b3fae781fde Loading...

	#70 Eval - 2b55b26241dc81c4b6dedd9bc4524b6b	94 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 2b55b26241dc81c4b6dedd9bc4524b6b 27be88d79936c5f2eb43604f577c9fd8960a880b ebf46647f2892007dad3d83229f996e3e898a1c17045676bcae48c79d269b936 Loading...

	#71 Eval - c2479db22c493f743ddcb0eb39eae7ac	98 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash c2479db22c493f743ddcb0eb39eae7ac db83804cd9a90b3205b2a891b7966ddc731e4b36 87b267d431e648bcbcdc6fb4f2fe42354a581fb26c921f2a7fc3aac3f424adb7 Loading...

	#72 Eval - 9ec01bbe95d055e5700e8f42334cbf25	79 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 9ec01bbe95d055e5700e8f42334cbf25 cc4b05f16bdee71d523c010d81f46d5ce9f82e89 4a3d700b4856d69f8e6aabe44bb74867311de579c752fdf55886a472a0e51305 Loading...

	#73 Eval - d1b74c01295f6b4674c9e4887c7ca7aa	130 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash d1b74c01295f6b4674c9e4887c7ca7aa 3d0091f364e942d66e3736057bcbdde8ed2e9597 13e0eb52bfede6328de70434e41b471d8c0b4ff0a93bba931c22e59e6121adba Loading...

	#74 Eval - b32c1f154b808d67f087a055c03f8e1d	77 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash b32c1f154b808d67f087a055c03f8e1d 8dee23348c7319e296a3f264df230762d0983e54 4b0a28d4dec3f8a8708ec004c528fe0a5753635f6829362e3926ff115d5e7e49 Loading...

	#75 Eval - 878184c1c9d5f296b52dccff41bafec7	271 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 878184c1c9d5f296b52dccff41bafec7 439a6be3c73f6ee2255be0c94b43e8eba5039b4b c5a235b8ffee2e332b0f11f505a38c9d5178403450c11e301f724f65e084b426 Loading...

	#76 Eval - 3eb7e419f218562f7ad18f88be97be72	269 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 3eb7e419f218562f7ad18f88be97be72 bfbc482fc383dd569737187962c75b4d2c6448ef 8482db18033081a0632de5b9b6ccac992ff69e73dc9cdb81cd0238efc7b33ac0 Loading...

	#77 Eval - 3655c5d7d438cf9132dc46f6e8b4879d	47 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 3655c5d7d438cf9132dc46f6e8b4879d 9dbfb27c94565f37452a375945548668ac675707 52bb91f3de200f033811bb4279d11c901ca70ec326a3cb39e8578f757d7b565c Loading...

	#78 Eval - f73c8dab93aa91dc559f2a9cf89c0ab0	132 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash f73c8dab93aa91dc559f2a9cf89c0ab0 fe54a58df533fe1462dc8cd0e7c93022bb55cb00 279d9ca225588da2128357e7876e995cebfccdb5d4b9219e63ee221e06b9217c Loading...

	#79 Eval - 162460fec8c32fe139b554076af8e53f	144 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 162460fec8c32fe139b554076af8e53f 181888577919c115a1164f77708c7994cf460b48 a37f4ad677eddd81c0571e314e27143de84d061f899b77edb81c4121e3d33e87 Loading...

	#80 Eval - a7fdd466029dd73e0212f4c9cd7b737c	495 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash a7fdd466029dd73e0212f4c9cd7b737c 37f7173e8c38678a94fe81a6bc437bc797258772 0b72249155e9ec696c75a5295e95f47e14cd39ce0c6db97cf049cb385e2e98d7 Loading...

	#81 Eval - b4f9b2930439907046666215bd7c5376	140 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash b4f9b2930439907046666215bd7c5376 9e6564408036aebf645e19514140ac4e320a2248 3215f9c109b6eb89503a077617ca00a09077f31211c17ffdc6bcf5f64274c983 Loading...

	#82 Eval - 69891bd0677689fe83d348404110b01e	159 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 69891bd0677689fe83d348404110b01e e12423492f8918258cf8bd8b6ea3fe078ac0775d 32460c8cab35e0ae82edcf584f3d5ccf5ff67794acb1920d4dc3c2be0562be18 Loading...

	#83 Eval - 8fcaf203cb7debe035ac9511c548b720	166 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 8fcaf203cb7debe035ac9511c548b720 da19d46058cc80e3e0ab96baab71ad261e196f0e 027abfd91b06856ceccf155e34e6cd9caa8e5235e1333f46133224f5cdbe731c Loading...

	#84 Eval - 377c56ddfc5c1ccaaa8f6e9e9b7238ed	79 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 377c56ddfc5c1ccaaa8f6e9e9b7238ed 518cf6b71218cf32da4f32f7e08a1a2686b66b7d 26f06e92b805f5f8ce6ddd3b98bace3e40538c4d983e704a8059a170ec85e10c Loading...

	#85 Eval - 1c2903397d8833382673bab22aa8b937	2 B	2023-03-07	2024-04-10
Pretty Observations First Seen2023-03-07 12:03:39 Last Seen2024-04-10 22:26:54 Times Seen106 Hash 1c2903397d8833382673bab22aa8b937 5065f3689a7d7b6866f33c8d8dd8eac774b3eddc 9fc4508238942e7cf40354d962db0c18c5ceec7320e0a3b9f69a0a7836efa50c Loading...

	#86 Eval - 0d61f8370cad1d412f80b84d143e1257	1 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 12:12:28 Last Seen2024-04-25 18:27:31 Times Seen9072 Hash 0d61f8370cad1d412f80b84d143e1257 32096c2e0eff33d844ee6d675407ace18289357d 6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d Loading...

	#87 Eval - b317631725d4e8e44bb045f41d4fa9c1	69 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash b317631725d4e8e44bb045f41d4fa9c1 0a309e7e757ba63c5ecf79423af43b9d3e15e6ba 93fbf2d512c6cf6ec6f2e7221548983b34b2d6a99a3a7d987fefdf1bd15a72dd Loading...

	#88 Eval - 20c4c6104a283ee7383776e722439342	2 B	2023-03-12	2024-02-25
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2024-02-25 23:39:30 Times Seen9 Hash 20c4c6104a283ee7383776e722439342 5673719e82d0cea7e5290d4cb5db9831ea891646 621a2aa80895fc40d743977e74a778e864098e0e7aa78d9317a8c28491489962 Loading...

	#89 Eval - 6e1b0555f028c89024e3407a21e66136	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 6e1b0555f028c89024e3407a21e66136 a43d0ceb5dd813ec31fc6417ca2c2e45e9ca52ab 7da79eb8dcb079d4254d5bd6a23251343f41ad736f635953a60032addd9ab43e Loading...

	#90 Eval - 0d80d99d7f209071a284c9ab6d14accf	83 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 18:36:37 Times Seen53513 Hash 0d80d99d7f209071a284c9ab6d14accf c91e7389c28a7b35eeb114484808a20cddb8c20e 0cb21d1de060008bab472c15c63e6f15828de601f85deff00d701d26c0f6819a Loading...

	#91 Eval - 1c65599cb46ab38b1372584d73c5b855	440 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 1c65599cb46ab38b1372584d73c5b855 e99f5c7a131a05e6887a908aa009fa79f81edf09 ba687998d0a8cbb8265de43faa51b28c01e6586af3e96c456774a0f2b16879d0 Loading...

	#92 Eval - c6e948a309a8b3a48ddb59e23b28973e	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash c6e948a309a8b3a48ddb59e23b28973e 2e2d914036b9ec5f4f2433313c3a52d8bf6d9dd7 6b5e022e3ad6516558501ba348a4c65fccebf8e75041e5354e9242437f38c223 Loading...

	#93 Eval - e0394c9bcdb655a873154a051809e726	2 B	2023-03-07	2024-02-25
Pretty Observations First Seen2023-03-07 17:30:42 Last Seen2024-02-25 14:52:56 Times Seen10 Hash e0394c9bcdb655a873154a051809e726 43c494479cef115883f94b03dca27fa61e6b852d 3dc967f1499513cd618524f0c05198b50512f775cbb6fd54488c0d130b40b326 Loading...

	#94 Eval - 89124fc63620d83761110bc7e1ba5df9	2 B	2023-03-10	2024-04-06
Pretty Observations First Seen2023-03-10 23:00:59 Last Seen2024-04-06 19:08:00 Times Seen729 Hash 89124fc63620d83761110bc7e1ba5df9 7caa348e5a262dfbebc80293ec34cc3d7e03216b 8e1dbf14ae83c99040ff15a1b7c612b72e5847b9d3ef4948fa2a29ddace9971d Loading...

	#95 Eval - 9830e1f81f623b33106acc186b93374e	2 B	2023-03-12	2023-11-10
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-11-10 12:23:13 Times Seen2116 Hash 9830e1f81f623b33106acc186b93374e b331fc67af2f8f62216dc7677e33fa9ad545b96d 5d58d41913d9fea4e42cecd7a5d1b692aa6d0d792977ad7c6d6bb1507e8f3dbd Loading...

	#96 Eval - 3da770cc56ed4407b6aaf10ad4e72b4d	2 B	2023-03-12	2024-04-05
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2024-04-05 19:39:34 Times Seen102 Hash 3da770cc56ed4407b6aaf10ad4e72b4d 112f489f6b265cdf4e4892f7b952cd36fc0ecd5f 9edc391f9b3e2cde722b0ee2fe0daab004191dac3fbf48c5cfb487b28d09c70e Loading...

	#97 Eval - 8d668cbdef580ebc1a8ede2d734bbeae	77 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 8d668cbdef580ebc1a8ede2d734bbeae 9d41477852ba20e982c478e50cf4d2a00614e5e7 235072fb7a13137cd24c93de23bda54ddc1d5fdcc9546bcd885ab85979d9f6be Loading...

	#98 Eval - 9dd4e461268c8034f5c8564e155c67a6	1 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-24 08:15:42 Times Seen11988 Hash 9dd4e461268c8034f5c8564e155c67a6 11f6ad8ec52a2984abaafd7c3b516503785c2072 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881 Loading...

	#99 Eval - 3cf4046014cbdfaa7ea8e6904ab04608	2 B	2023-03-10	2024-02-21
Pretty Observations First Seen2023-03-10 09:28:47 Last Seen2024-02-21 08:49:59 Times Seen164 Hash 3cf4046014cbdfaa7ea8e6904ab04608 fd0aa93434507bb33ff096a66a4891c2bc4fa12d 70a0d5198ebb88f97a2cc83a236a8afcc28c7d9e6abf40c173dd54c9f45ad7f6 Loading...

	#100 Eval - 0d7c7b95def96e749f312e41b7d107f1	83 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 0d7c7b95def96e749f312e41b7d107f1 a92c97243b1eee62749ff7a0cf8f38b999e9b251 1aa19b5ec195ab7151b6c38d81ed3d1fb401950b24ad006cf9ac306e74daf156 Loading...

	#101 Eval - b50b2f0e5a41c84798a0939676bf75e8	96 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash b50b2f0e5a41c84798a0939676bf75e8 3200fe827b3f9c955cae53e048068df71460c6bc 844993f26f128bbcbf32f265e8ff8ff43ae373b51437f579595672d8fe226a6b Loading...

	#102 Eval - f5717bc98a602da4db78ad929220e172	130 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:45 Last Seen2023-03-13 06:38:22 Times Seen1 Hash f5717bc98a602da4db78ad929220e172 8f52d608291d3a4e42f2e93714c8c0050a385f72 4635ecb927ca43728c383ca74804e806883933e96da1c9b7d36b1e9080f409d2 Loading...

	#103 Eval - 5580caa7adc73a6af73b454e09a4f807	995 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:00:46 Last Seen2023-03-13 06:38:22 Times Seen1 Hash 5580caa7adc73a6af73b454e09a4f807 98fdc3283fa392e9d23995bc20ee5fbdf09a6aa7 5643f878fa5599472fb153d9c0b8d7cfd21777f346397eaa45641e2fb5111b02 Loading...

	#104 Eval - a5ae5f54f9f94d646eae495ad5acd5f7	2 B	2023-03-07	2023-08-28
Pretty Observations First Seen2023-03-07 13:19:40 Last Seen2023-08-28 03:35:21 Times Seen58 Hash a5ae5f54f9f94d646eae495ad5acd5f7 e9dc7550db788903ed588ea08cf505f6e7a23ad1 945c3ae79df0223cdd905b96690f4eb98cf85abc29eb8a1a3e7a1590b5442afc Loading...

HTTP Transactions (91)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12315
Expires: Sun, 08 Jan 2023 16:25:56 GMT
Date: Sun, 08 Jan 2023 13:00:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9374
Expires: Sun, 08 Jan 2023 15:36:55 GMT
Date: Sun, 08 Jan 2023 13:00:41 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 08 Jan 2023 12:48:17 GMT
content-type: application/json
age: 744
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3450
Expires: Sun, 08 Jan 2023 13:58:11 GMT
Date: Sun, 08 Jan 2023 13:00:41 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: eYGFjvMD0TdGEQdYN1bBMhf4g5c4cKC7x7LtQBbpHBHZnOmNWiYwqp7C6AmTBzEasAp6O3UWkRhAkpqZWU0FgA==
x-amz-request-id: KKSCXQQXK8EZ5TTR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 08 Jan 2023 12:15:46 GMT
age: 2695
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 13:00:41 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83

142.250.74.40

302 Found

253 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
253 B (253 bytes)
Hash
68bdd82de0620e0f2ae5f2728b4a3ac6
8e6426bc586031e43cb0a17a917e3d225d3aee1e
4e913112163e1abb8c2a9e485ae0acf4456e36c598e52f8d53bc63aeb2d6e7a9

HTTP Headers

GET /gtag/js?id=G-MNTK4YVF83 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 08 Jan 2023 13:00:41 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 253
X-XSS-Protection: 0

www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

104.21.77.237

200 OK

25 kB

URL HTTP/1.1
www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10246)
Size
25 kB (25393 bytes)
Hash
664277077ba4f623c0880435554afafb
a30c76f9fc86bace0a582af6b6a9d42ba2a8bc0f
b2b00a37232226be5adbe2fea89a1edf5c256a7dacdc2639923ec09d8778e6a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/ HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Pingback: http://www.saha-banks.com/xmlrpc.php
Link: <https://www.saha-banks.com/wp-json/>; rel="https://api.w.org/", <https://www.saha-banks.com/wp-json/wp/v2/posts/1444>; rel="alternate"; type="application/json", <https://www.saha-banks.com/?p=1444>; rel=shortlink
Cache-Control: max-age=7200
Expires: Sun, 08 Jan 2023 15:00:41 GMT
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAa5JZ8Q3C0r5cXAPx564Dc8FaXclKMZe6s1ZvyqNVF9MS9Y40oZ5GmvdiLdUUEqDgusfnPAEodbT2qGC%2F%2FZvsITVtZ0WplURte%2BYPD4KdMrsIHKdfTeAqYbB%2B1xjGqPOiS1bTQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e141e19fac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
315edeafe1715f46de7d38be371473a8
25e357166d0ddfff3e60f9042d56f37c1ab7163a
9869582721de4f610dca5030b9a703863d2eae2667061b2f722aebdaf60468e4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83

142.250.74.40

200 OK

79 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-MNTK4YVF83
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (22462)
Size
79 kB (78776 bytes)
Hash
45cbfcb3468dbe23764caa8444e9442f
e58e40890aa77487d8e66044a711458a8dff8293
b6ae9b00bf00de12891b3a2a3896248f3e44db56451e23f2cefd65437114ac06

HTTP Headers

GET /gtag/js?id=G-MNTK4YVF83 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.saha-banks.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 08 Jan 2023 13:00:41 GMT
expires: Sun, 08 Jan 2023 13:00:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78776
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
315edeafe1715f46de7d38be371473a8
25e357166d0ddfff3e60f9042d56f37c1ab7163a
9869582721de4f610dca5030b9a703863d2eae2667061b2f722aebdaf60468e4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 08 Jan 2023 12:33:43 GMT
age: 1618
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
790c7880f94940ab24a5eeb9c36af00a
60d5f1b867ba31ee367c5723821db3616676c367
6e8ec17af9d81e1ab63464f223dde8e0f0dd506295f7e852130e3d5800b0f4c2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:41 GMT
Server: ECS (amb/6B85)
Content-Length: 280

www.saha-banks.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212

104.21.77.237

200 OK

458 B

URL HTTP/1.1
www.saha-banks.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1156), with no line terminators
Size
458 B (458 bytes)
Hash
0700905b705f44f6bef08b2726874c21
99ad11afd1a04122f39a2a05aea5b60ff9dbb812
af2c2830705f77b6784a2635b3cadb5772c025de8f878ad14abab0feb1e81925

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Content-Length: 458
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:26:49 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lnxEEBpxF8XAaCYvO74763u0bnJWoysXr4tMDhya4zILvx%2BYvlU3mXqN%2FMRvnM5%2BtVfRqwj2Ro%2F2OJkk8W9i7v1sOthYgqvr2esj2FV%2By5gLBTMPhKOSw%2F2fY%2FhNEPsztMxUM0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e187ee5b50f-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-includes/css/classic-themes.min.css?ver=1

104.21.77.237

200 OK

189 B

URL HTTP/1.1
www.saha-banks.com/wp-includes/css/classic-themes.min.css?ver=1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Content-Length: 189
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:13 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAKwv9mHzjFb9tt2Ny6P00FTPe35nY905ukLvrK2Px9EYxQ4IF55gF3supEWU2B5YIHF6ATKjAQdYIHE6frZBbRjIhOAspEqJyHnV6nX1pVX4B%2FRpbe6EMvC5KsuTzPvSYsbvXc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e186c9c0b65-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1597
Cache-Control: max-age=160365
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:42 GMT
Etag: "63ba87aa-1d7"
Expires: Tue, 10 Jan 2023 09:33:27 GMT
Last-Modified: Sun, 08 Jan 2023 09:06:50 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

www.saha-banks.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1

104.21.77.237

200 OK

12 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (42000)
Size
12 kB (12209 bytes)
Hash
5c15986a7f6f7c940ea94de8a0b79fae
32a30e717b4aaba9d4d0325d00c0cad154cb8639
20a931a1c53300760bc2cacfcaea3b877b08053a72998b45f216061c27617e40

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/base.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Content-Length: 12209
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pxms8ScGvyUnR7vmiSyMne%2FsW5FOzNLtV1rAPB9IbrIMUvVzGtExX4AJEZVf7f01A%2FLq7CjpE%2F45HyC6AYD0Bnk%2BN8TTQSwaQQ%2BnYaXY2byoTaxOuZNXSawXIMduRGnvqAUx8aE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e18db39fac8-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2

104.21.77.237

409 Conflict

276 B

URL HTTP/1.1
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with no line terminators
Size
276 B (276 bytes)
Hash
eb87734026c78562c46ffe59d817268a
6a2acea1da3edd46651b244845606cbefec11e72
d7b3507dfa4761ba2a4286b64296a614ede5529a557a56f3919411422431e574

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 409 Conflict
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln2zm6SgWFMQsdjT5u%2FMxtIh6xxnzT54%2F4tZ%2BCi0ZHeMJ69jsMWmM2BZLJyt5mp8Kh28h0rBIjD9Ryr9fkzzKK656GqeETockwPOwh6C%2BRRsOfyOI2U6yWz4DEsaPHXFumWBNks%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651e187d81b512-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2

104.21.77.237

409 Conflict

276 B

URL HTTP/1.1
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with no line terminators
Size
276 B (276 bytes)
Hash
4d28ebf56850e07bed2081114aa1e069
501cd3747e8b40a189a78b888a5abf2fbf89d415
ccde6673139c30aa0204f9afbdb2c7415fcb35a35fc011e49fefbac050b07783

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 409 Conflict
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLtq2%2FDHH8akw%2FS4RIYb0%2BNNfTO9utT340%2F5WxbPeIIhhejW%2F1qeJPLDHnxx0QFHc%2Fiwy2kmycrPCGqPxNVuLgGQIOx%2FaL9shjVJhy0gCSb%2Fpd41xG56xgHWFKjvsPWcZ%2FkdBJc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651e187eab0b49-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1

104.21.77.237

200 OK

18 kB

URL HTTP/1.1
www.saha-banks.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
18 kB (17623 bytes)
Hash
28f05939dea4edca059c244cc702bfda
7e40e0235f2f7bc4d9f95dfa3f1773de320c3b28
369b0dca347d53e862ff6a7971f1a7d175648b13027e56c1d397d5e8266481a6

HTTP Headers

GET /wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 20:34:09 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:41 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaKJjJsizzP8e20wFmvPpExS0W0g7%2F%2B3n5Z6aBeSzS%2Bx6zJoBiJkyXuCIB%2BmzTnCIUaaQxi7pgbwShQR2x3rkCHifh%2BRliWzOda%2BtMGy%2BpFznCXzLVB8KEFPW8I1qE%2BMPFXZcrg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e186bbdb515-OSL
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

52.34.49.10

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.34.49.10:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R6ktAgyoAVyChPvjsGj2pg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /Dz8w1/qqNoNb6GsB3QNpWg0WtQ=

www.saha-banks.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1

104.21.77.237

200 OK

12 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (47525)
Size
12 kB (12354 bytes)
Hash
1a49f64a9824ac7858e559a933e9eccf
caa8b49e61974a81da01a9032393216a05995810
175a7a8805e51048305f212a6f54319606a725044a229190262511468e569a81

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Content-Length: 12354
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGrmJXrbliQWn17JL1PIgJ7QNNAwcf92RZaCbILKeyCzz7iFBLFAHwSMNUoJTZxU4wlXWrhihfx4jUWfK6Z8oCkLQLp5R17e9fxBuk1HbsHCTG45HMimc%2F3O3OP60PSZp70cz8A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1acf880b65-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1

104.21.77.237

200 OK

10 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (40185)
Size
10 kB (10255 bytes)
Hash
638ef4cc88b27674ebd9a1355c29c61f
8f532be7574576baa2c56ad1c6c2652296bf0c42
993f335862fede763c118e404999ce60f88e9b870ee07de9e6e1579f7e556df5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Content-Length: 10255
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXDIpJVtv1VqWfg2PY0F1VEH2%2B%2BjvCcI0tg8T26zt2u1NTlM15mlPTWcJRHRkflpjCx4ZeQmOjPuKL5Cx8X2GhDbvbv6VWmuCtYVIq1h4pnTfw48wU7bPuwjaiaj1rMLGvKmCpk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1b1db5fac8-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.77.237

200 OK

655 B

URL HTTP/1.1
www.saha-banks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1238)
Size
655 B (655 bytes)
Hash
bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 11:26:13 GMT
ETag: W/"63b6b3d5-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5FGvBggQNEjJudXWOeJyzzMX6VQqYT3hYBZXGsEyG5hyzr86a%2Fat36A%2FHqh8dffck%2BmaFGZ4v%2F0wijWp9RoX7MQTosbRhccl0C3gJBu9Tk5JCCka3BBgblSOyTxzNkJNXOQx%2Fw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651e1d5f46fac8-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 10 Jan 2023 13:00:42 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip

www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.77.237

200 OK

3.9 kB

URL HTTP/1.1
www.saha-banks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12331)
Size
3.9 kB (3886 bytes)
Hash
54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 11:26:13 GMT
ETag: W/"63b6b3d5-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTqPdnM%2FC7eHE1gLlxJ%2FuYMdM1rqodRq0AzegsA%2FkNLcyG%2FBcN5cbTVSuBYgWJFkwSoSrU0v0GHWUhRwWwZbUtzMzYRJMKeD8jlf1tSbnFoRzs3SFbZCBwkKO6st0LXlhhUpixY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651e1d5f48fac8-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 10 Jan 2023 13:00:42 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip

www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1

104.21.77.237

200 OK

2.9 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4936), with CRLF line terminators
Size
2.9 kB (2928 bytes)
Hash
11ef5282e4e1793227bcc1aff992219e
11990fef6eb1dcffffc40fb12f770a7aee21251c
c419b80ac34071cc030d0e26427de827a30f1d58b03e51f72d13126a7c11bb4c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Content-Length: 2928
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMSjxVHztYuICUQ4BbjA%2FPTq9se6cOQNCkARYl0FZaW%2BrrtQoW4Ow0mW6cUPxMeAL807GLjwRJZnX%2BC2BD4ob4tphNA9qt0CDV9EYaVQEMeVmV7fyCPFJ8g14TNWKG%2Fsz9iZ85k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1b99890b49-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1

104.21.77.237

200 OK

12 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58661)
Size
12 kB (12516 bytes)
Hash
0913411c20bb983546f234d4685b40be
52b1104571de6fe046f0b76fece038bb06f7dcd4
1342814f0b2a66024a055e2037caab0bac8bdefe26a194d4a2605f13ab4cdc5f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Content-Length: 12516
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJeeJHDBJuiu4otW07j6yHmGWdU%2B4iwCLFcsyblBxCyNA9MtbSNK8EZCHzTw%2BTrg8KQC9i1Srt1h8IlXYwbZ8vqQKAfjqs%2Ba59%2FzghoiIc%2BFz2Ui44xWzS2zC4G8ETOw3Lp8V0M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1b99e1b512-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1

104.21.77.237

200 OK

40 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
40 kB (40455 bytes)
Hash
fd0cfb25ff8ba12d3d717f5a1cdd0b75
9f0509a79961728b5554633b4ead59392919002e
3720e4aa3059e4a23d21ab677d701392fdff1cb43ad037521daa8a1be5bccdc6

HTTP Headers

GET /wp-content/themes/jannah/assets/css/style.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UII2q9CcJBv0dOMXAvs5WO%2FMpxYkcj3UkkQRyZAxfv7vzU0OzJfWtZDiUQfbqj2IBn3fFqbccT1nWA2flWg8XOdWElwOsAOhu64JuXnyo3TDjLPNOPzSJRXFueOpXyn0GUKZjsk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1aca10b50f-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1

104.21.77.237

200 OK

13 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (46574)
Size
13 kB (13233 bytes)
Hash
54c898701c208d545bcba86cda4f31f6
bce6775632f3f76fbefa139b20ca6a563c242e03
24a761a2ec326cd6ac52be7e2b9fc11618a4db76eb28ad132cc331f1e9c58e6b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/single.min.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Content-Length: 13233
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3RrsfB7okcNzpEv5Z4TK6KWZ8vh89WIB3uTH8nEbIRMTvgomwQ8%2FCnr4Prg%2BWsLDCdp58%2B%2BADU8MGU0eqllkEES8NOkHGCrmZd7FaxHPDUJnx6DzPFaKgkDzdR8wuhi9dT1EMw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1bd8a3b515-OSL
alt-svc: h2=":443"; ma=60

region1.google-analytics.com/g/collect?v=2&tid=G-MNTK4YVF83&gtm=2oe120&_p=1298793366&gdid=dZGIzZG&cid=1103795036.1673182830&ul=en-us&sr=1280x1024&_s=1&sid=1673182829&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&dt=%D8%A7%D8%B3%D8%AA%D8%AE%D8%B1%D8%A7%D8%AC%20%D8%A8%D8%B7%D8%A7%D9%82%D8%A9%20%D8%B5%D8%B1%D8%A7%D9%81%20%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A%20%D8%A8%D8%AF%D9%84%20%D9%81%D8%A7%D9%82%D8%AF%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AE%D8%AF%D9%85%D8%A9%20%D8%A7%D9%84%D8%B0%D8%A7%D8%AA%D9%8A%D8%A9%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-MNTK4YVF83&gtm=2oe120&_p=1298793366&gdid=dZGIzZG&cid=1103795036.1673182830&ul=en-us&sr=1280x1024&_s=1&sid=1673182829&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&dt=%D8%A7%D8%B3%D8%AA%D8%AE%D8%B1%D8%A7%D8%AC%20%D8%A8%D8%B7%D8%A7%D9%82%D8%A9%20%D8%B5%D8%B1%D8%A7%D9%81%20%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A%20%D8%A8%D8%AF%D9%84%20%D9%81%D8%A7%D9%82%D8%AF%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AE%D8%AF%D9%85%D8%A9%20%D8%A7%D9%84%D8%B0%D8%A7%D8%AA%D9%8A%D8%A9%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-MNTK4YVF83&gtm=2oe120&_p=1298793366&gdid=dZGIzZG&cid=1103795036.1673182830&ul=en-us&sr=1280x1024&_s=1&sid=1673182829&sct=1&seg=0&dl=http%3A%2F%2Fwww.saha-banks.com%2Fissuing-al-ahly-atm-card-instead-of-a-lost-self-service-card%2F&dt=%D8%A7%D8%B3%D8%AA%D8%AE%D8%B1%D8%A7%D8%AC%20%D8%A8%D8%B7%D8%A7%D9%82%D8%A9%20%D8%B5%D8%B1%D8%A7%D9%81%20%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A%20%D8%A8%D8%AF%D9%84%20%D9%81%D8%A7%D9%82%D8%AF%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AE%D8%AF%D9%85%D8%A9%20%D8%A7%D9%84%D8%B0%D8%A7%D8%AA%D9%8A%D8%A9%20-%20%D8%B3%D8%A7%D8%AD%D8%A9%20%D8%A7%D9%84%D8%A8%D9%86%D9%88%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://www.saha-banks.com
date: Sun, 08 Jan 2023 13:00:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.saha-banks.com/wp-content/uploads/2023/01/%D8%AA%D9%86%D8%B4%D9%8A%D8%B7-%D8%AD%D8%B3%D8%A7%D8%A8-%D9%85%D8%B3%D8%AA%D9%81%D9%8A%D8%AF-%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A-%D8%B9%D9%86-%D8%B7%D8%B1%D9%8A%D9%82-%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81-390x220.jpg

104.21.77.237

200 OK

21 kB

URL HTTP/2
www.saha-banks.com/wp-content/uploads/2023/01/%D8%AA%D9%86%D8%B4%D9%8A%D8%B7-%D8%AD%D8%B3%D8%A7%D8%A8-%D9%85%D8%B3%D8%AA%D9%81%D9%8A%D8%AF-%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A-%D8%B9%D9%86-%D8%B7%D8%B1%D9%8A%D9%82-%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81-390x220.jpg
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 390x220, components 3\012- data
Size
21 kB (21234 bytes)
Hash
0aed5cdead16b93d08728bc0d4935a5f
b2f2a15e4660ecfad35de075ce232e54df30f74d
1b92ea94a5c3122c1d377fb74365b59ba3fb2c6065003d02f6ddabf6263e982c

HTTP Headers

GET /wp-content/uploads/2023/01/%D8%AA%D9%86%D8%B4%D9%8A%D8%B7-%D8%AD%D8%B3%D8%A7%D8%A8-%D9%85%D8%B3%D8%AA%D9%81%D9%8A%D8%AF-%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A-%D8%B9%D9%86-%D8%B7%D8%B1%D9%8A%D9%82-%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81-390x220.jpg HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 08 Jan 2023 13:00:42 GMT
content-type: image/jpeg
content-length: 21234
last-modified: Sun, 01 Jan 2023 21:06:06 GMT
cache-control: max-age=86400
expires: Mon, 09 Jan 2023 13:00:42 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3UtqLDyf07kOvwnKD1P1yUnSHbFilxTKHQuzIMuvRboFyK64GiqrbEWKibrlq4bhD2jQlB6auEJgoFtnS3u2irjhCAXpWTKoMJtMleeXc5xwE0qKVCw3mIBv%2FFAbQEplNmiZwE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78651e1a7e1ab50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
790c7880f94940ab24a5eeb9c36af00a
60d5f1b867ba31ee367c5723821db3616676c367
6e8ec17af9d81e1ab63464f223dde8e0f0dd506295f7e852130e3d5800b0f4c2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:42 GMT
Last-Modified: Sun, 08 Jan 2023 13:00:41 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280

www.saha-banks.com/wp-content/themes/jannah/rtl.css

104.21.77.237

200 OK

10 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/rtl.css
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
10 kB (10111 bytes)
Hash
c8916d805e401072c3e814c0b4893f9e
7245a0f7dcfdaca731de648bb9ebbf34942a3177
1ab7417c5db7f6730a2633765151f158893ac8c134a08d796a8930c5781a30bf

HTTP Headers

GET /wp-content/themes/jannah/rtl.css HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:42 GMT
Content-Type: text/css
Content-Length: 10111
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sj812ZHaQ0diZugHEiM70JP8dPgmxXsKmhEXCc0PmCFzcD1WNkfLHK%2FpfrzOxjTltNfS3TWAcqu%2BnfU5RiANr1%2BYtkGeb4LwtJyHcn4SeRgL2XLNkJ4hszJqu0HsIT80S0VS5Ns%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1d19ea0b65-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474

142.250.74.66

200 OK

49 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4885)
Size
49 kB (49343 bytes)
Hash
efcfb56d6a9f44ca8caf8a328e6cd435
8f720b70b831cb94790d8ec42201515fe7854122
621bfc9c78dcd5247911dd5e2391d72b259a829468f0da2ab95d9da2335e9bea

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-3222560371730474 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 08 Jan 2023 13:00:42 GMT
expires: Sun, 08 Jan 2023 13:00:42 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11808788649621943094
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415

142.250.74.66

200 OK

50 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4885)
Size
50 kB (49729 bytes)
Hash
9b527ecb5223f11859285c5ba92f1d99
bc77ae2a332b50b8afa4f3b14df83efbc9ac4ec8
9b3fffffa14365999af17c4a1f5adedcb585f7a62c49187673330585ef762b17

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-4557499569195415 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 08 Jan 2023 13:00:42 GMT
expires: Sun, 08 Jan 2023 13:00:42 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7300947849932655872
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.saha-banks.com/wp-includes/js/comment-reply.min.js?ver=6.1.1

104.21.77.237

200 OK

1.5 kB

URL HTTP/1.1
www.saha-banks.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2946)
Size
1.5 kB (1477 bytes)
Hash
92712acce6ce836d0a929b1800b4f9d6
8157d1380bb1d6dadfd85565dd464bb5b0ed06bd
2f82d181a2cadadf7d898d7f5ea2eb527106fb6413044b55fbfa4fb0081a2e09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Content-Length: 1477
Connection: keep-alive
Last-Modified: Sat, 09 Apr 2022 07:37:18 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJsHlwFwG1%2FmzaXDMSQL90QOFQlnyUwHFiD53Of5UznVIOis9tHvTfZIg%2FH3pcLGdCs8PFrMnR77iH8QokUWJwtfP3knPGgVyfAtitN7Fgxef79eu8PDJ9074Tu06cb71OkRT3g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1fcf8ab512-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1

104.21.77.237

200 OK

6.8 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18002)
Size
6.8 kB (6771 bytes)
Hash
08f3564fe02643f632af8db483079dec
fd5897658a57986b46a3dc88e2c6f129412f0e7b
f21a0152825b0609135e73a0077a3742c2add8eea66a6ba1167fbcdb5e0e0421

HTTP Headers

GET /wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Content-Length: 6771
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xPxXT%2B18j7ciRjyYVRVS3PQJLMVYdlXaWnZpVzmoZ9lfYXi9Ssk6vK2i4vsDEWjAnlXOakGu6%2BafWmBK8GUpIR1qLglrXx917rJiZP37CX%2BaG0jlrQHlokWx33%2FsJ4Vxsal3FU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1fd995fac8-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1

104.21.77.237

200 OK

5.8 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (13532)
Size
5.8 kB (5752 bytes)
Hash
9bf567f02589ecd685ea926901d1c3ae
ca48792eabbc9cd167bab26dc52728711ba5b3e0
6ba8506c5aac579499e3eb9022d0972ccd31199774b8e8a7e0e8629f46a13f64

HTTP Headers

GET /wp-content/themes/jannah/assets/js/live-search.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Content-Length: 5752
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuSMJ1CKrNxXYWRKhw9X%2F0j7ApI0RKHz1TLm02rwEcGVbE9g4FqpNexjk0BSoUGjiJDznbaCsCV7T4AHeIjFpvxGJX6c73HO8NnFN3O9aUv4JeHaprtKPUUdSrri4kRypUz4peQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1fcdd30b49-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff

104.21.77.237

200 OK

41 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 40812, version 2.0\012- data
Size
41 kB (40812 bytes)
Hash
b5b7e935f421e6ca7967b036fb08afd5
38a99c496548c5d2ee22c6df3b9dfd5081a73332
f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.saha-banks.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.0.1
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: font/woff
Content-Length: 40812
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:42 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3l4sZwYY8%2By6VLT2h6bvjSZk9m97YEx1ODGAEXfm3vVTjQ8lxKyIc0mP5sIn9YxajHEVmedRVW4M1n5Kf3gE7sVPrhWOdmYouZROdPK4vLdqKzHcHa%2FWboekaYW7ai89sn%2BoQyY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651e1f6fe9b50f-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/css/print.css?ver=6.0.1

104.21.77.237

200 OK

702 B

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/css/print.css?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1760)
Size
702 B (702 bytes)
Hash
8ea40413b0999dedb6605ebeb8bb610b
2a6428bdb0a9e53bab87ed5f8d2d1e5c015de9de
2ce6e8aeb208877c5e6c046177a7a739600417b7da2e747eea36d22ce722e8bf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/print.css?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: text/css
Content-Length: 702
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iI0luOInVXAwZ8qWVvFw4VE3TOQiyMtbtpNj4nBtDjaMVBxnmSuZq3ikFvCwZKPN%2BPXYOBntXXEzxGIO7viA8fNZK35wN8yHlB%2BU89QzfIPooTSg0bUBomu6Lrlxb%2FL0wbBlS%2Bs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1fae33b515-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1

104.21.77.237

200 OK

2.2 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (5548)
Size
2.2 kB (2194 bytes)
Hash
54ee2458031284f8ff653682b1afcdd8
fec4e94be86f5fdb938f0048cbb977a84bd8f3dd
d65f2e5c8b694987dbfc42359cc5ea3092b7e878b67cec45ed5c353d5dc06771

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/js/single.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Content-Length: 2194
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngTABq8SPx3Mg01gZfqgPg87%2BXetgpahxDKPDW8Qq5SBlH6rRY68oCfDXHCl%2Ff19GoZPHs1XzxjvYXmn%2BXQrK37hXn9c5et7Qss8nAs9I7PGF2MJ75x1t125KBnmgCb84SgsL7c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e1fcd500b65-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1

104.21.77.237

200 OK

32 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2026)
Size
32 kB (32479 bytes)
Hash
04c34bd00edeca5e9f0067d8de727263
8303c1c817ef8f2719dd26ff9ea7ab3fe878163d
a7ba5f9c7bb2a1eacaaf3d91ac38ed27ab66548379884936e7cc890834e351c9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riURdTxWgE5wgxre8psB7Ngzik0c18Mf%2BFNJDY4A2ubWdDyuzcfgJIsfAU3YRqz7T1OGspVDiq%2FjRy6oBA73AuSYaoK1%2FZNoviTkKIq1q9iTepcZjffz9QZPK5q9xLKR87PEKN4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e20f8e2b512-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2

104.21.77.237

409 Conflict

276 B

URL HTTP/1.1
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with no line terminators
Size
276 B (276 bytes)
Hash
ee7d57a861e7839603c0124a2cffb987
9d2d42be0975d6ef5b67844e27cc01bed6c4d11e
5784c2f69e6933ef70a4ece16358f45e710351335adc678191127f71a4156095

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 409 Conflict
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQ9741Cw2Uy52NzhJLRwdlpM62FTde86PVJYKZE0a6NyTqeBfxEz%2Bb1DvU2iJtPwlOeOhurkbtYk7t8AaOjmG6arEX416TANeTIGaRP56k6a8au0qCzq0DmqoBQwKmT7pbgmDXM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651e21aac0b50f-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212

104.21.77.237

200 OK

2.6 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6091), with no line terminators
Size
2.6 kB (2574 bytes)
Hash
04707e026d958b0930058e62e149a320
5add6ddce69863946c147d32b8b17ebf8d996270
25ba9835e3b974f8f386b819df9e9458775f30cb4d5411f4264f754be09659ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2212 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Content-Length: 2574
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:26:49 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZdAYHTgjUvooJ6xnyNyzPVCPlxIbKdzvqKwQh%2FaagZIP3PJIWPzsRiogyGs%2F6Q8G%2Fk2hvk5rSd0YhvT5Fa4TgDW0AZf65jq98gPOud8TLf1svy4usBA%2BBUmpMlxZTE276smSBY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e210f740b49-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673179200

104.21.77.237

200 OK

17 kB

URL HTTP/1.1
www.saha-banks.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673179200
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (34252), with no line terminators
Size
17 kB (16561 bytes)
Hash
436ffe411d7a275edd7436cf2345e5fd
1c83000aea539e165f93f18c7b96b85fe3dd4b79
867f9b080713a6f6353193b7e8fdce49c018f093999a3fc21e95bc9ccb73302d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1673179200 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
cache-control: max-age=14400, public
x-control-type-options: nosniff
vary: accept-encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsFLjAE4Y1bxlmMmIb9iJzPPFUV%2BLV2MzfUWIyOWfmQ%2FZCfxqmPY0PeigfqEbLdRKJABEoBoVI5qONCyTOiNKbZf5PyWyT%2BlztYird1Do3dO%2BgF3CUrgo9aM0KKLVKLYOZumMNI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e233a320b49-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1

104.21.77.237

200 OK

9.3 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (23452)
Size
9.3 kB (9292 bytes)
Hash
c71948baa7efc749b427fa84f76a17b9
906d046ea213beb93d6c02eb68bfb3cfa10edb48
3bbe2e1e4b4982f5e17d8fb150f0f45f2362122f5a845c3090cbb4153e5aa5d0

HTTP Headers

GET /wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.0.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Content-Length: 9292
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 20:27:08 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGofhce9otCLdRpnK3hRBlT%2FeyF7OvgSG5vliPJKBl2vH1%2F8%2F9ak0JMDrJl2kAxpmp1nVWbBjya0H5txP9mFwLenDj6oKQiTuGfdE7y6BZToFNHTCztrzi0kobCZN04ttJNUF24%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e210a76fac8-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2

104.21.77.237

409 Conflict

276 B

URL HTTP/1.1
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with no line terminators
Size
276 B (276 bytes)
Hash
6d63af39e6f6bab60dbcbb3423e46848
4988fb614495bd82e826b50e67588a13a7146040
6f4452d6a29c3e08a99ef6b4e9c5bb65fdccbf79edf19933e80319b6c4fcf47a

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 409 Conflict
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4T2ihxx2ZL3cs8a5Za4e21Y1l0sFrbJzDchjAyFR9jeBNkNaaW1eb8EEhNDQU2CAJF%2BqcEc8sNDa3A%2B5Qw2nXdO19f4FzqAKAmBFhpK05GltMaJorti%2BS8NCzBIp2eohQNxYfSE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651e21e938b515-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

104.21.77.237

200 OK

4.6 kB

URL HTTP/1.1
www.saha-banks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Content-Length: 4618
Connection: keep-alive
Last-Modified: Wed, 18 Nov 2020 21:36:06 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAOXXXK86%2FO6QZMFGvcKuFfe1TlWmNe7wzEujrxg17Yb%2FuJFdET%2F17CkDTGMrVPS%2Fh2tNqccodMX%2Bk46svIXpeA0Q10thF061Wd5GZ4lMOdEjk3xWUfo4CcYEPtd9%2FYq3IiNGLc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e220fcc0b65-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9672
Expires: Sun, 08 Jan 2023 15:41:55 GMT
Date: Sun, 08 Jan 2023 13:00:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9672
Expires: Sun, 08 Jan 2023 15:41:55 GMT
Date: Sun, 08 Jan 2023 13:00:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9672
Expires: Sun, 08 Jan 2023 15:41:55 GMT
Date: Sun, 08 Jan 2023 13:00:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9672
Expires: Sun, 08 Jan 2023 15:41:55 GMT
Date: Sun, 08 Jan 2023 13:00:43 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14548 bytes)
Hash
5dc193698e3154c6727f0f8a468f4896
ac3e055c64cc024e55bbdc2bdfdb07799f06f83b
4e7fa4cc65a3514cd05a6582a7bcafa3b898cf9cf5fcc5f580c4b05c2b09e5e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14548
x-amzn-requestid: 5b7bca56-608c-43a4-b082-2c44534377c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZmqdEPHoAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba1e42-1555e2f52c04321c48a72a62;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 01:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zVGn_81T5E6rBNgnwEZRb0r9ePl0UkoqyLZJd481FElYin_LIEcZ-w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 07:40:00 GMT
age: 19243
etag: "ac3e055c64cc024e55bbdc2bdfdb07799f06f83b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc647e729-b53f-49f8-a6ab-2ce5f8545fb6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6536 bytes)
Hash
72302799dca34901be4db1c732277abb
34c149aa1986ba9bbefeddae4f19ff58f4b5093b
f017823817627b30cc424f10babc7cea1470158788026a06ef537435bf7d495c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc647e729-b53f-49f8-a6ab-2ce5f8545fb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6536
x-amzn-requestid: 231fb617-4d68-4069-9627-135017be4a93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDufFHeIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e65c-53903c7d05368c07629f4156;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CgCLMZPEe18AbIV0uxNOAC2kvwDiy-myo9Q103jA2IS-l0ANK0_EhQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:41:46 GMT
age: 55137
etag: "34c149aa1986ba9bbefeddae4f19ff58f4b5093b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13787 bytes)
Hash
30c53ae078b112f7186e910c38898233
d3c58c28f0734f98bed64a26ede077464c3ad3f2
8f7dd1cf9f1472468a7caaf67a8f9c15bfe8836badcfb3249a9a8a7a6c3c0533

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13787
x-amzn-requestid: 2598b4fe-a032-47d7-8e6c-cfdcfbe9d64a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDvYE35IAMF1Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e662-574eb7370aac63dd531d6b75;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cd50TSdgJPa-oMD9VpvWgVF9DMls8TmQqVUNNj5d6BPlVnN1_3vTUA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 22:05:52 GMT
age: 53691
etag: "d3c58c28f0734f98bed64a26ede077464c3ad3f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13626 bytes)
Hash
afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 407fef75-2217-4da7-8ea8-b5ede48a0615
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNKshEEvoAMFkMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b524b6-72ca4e7b3034e7ac1f3fa1ed;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 07:03:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xOpZDrVh8MsfFqh0HuJJIWFvlgIm0jUE73p9MpgRA1PO_VAv0vP2nw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 16:43:14 GMT
age: 73049
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10544 bytes)
Hash
f2abe0388f11bae93f827a971bd29802
a57915c3b8388bc23c3a677ba12cc0525d949c2c
d23c15ca723fe73f6893703c7d1830034182fb1c9c620837313774c62368fa06

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10544
x-amzn-requestid: 04bdd2a7-b3dd-434b-833c-7101a1da9da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDy1E_goAMFmgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e678-3468e4a9174280c146f28962;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BTPEBPH5icsKe4sSjs8d_ILObhQcrFYwZG6VnW33Wv6lQzEp_AzcnQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 22:37:47 GMT
age: 51776
etag: "a57915c3b8388bc23c3a677ba12cc0525d949c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3750e6a-c5c3-4c07-8912-be2b2eaf7e4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11629 bytes)
Hash
073554b46cc8ac731a6ae967ff367f70
d1a8816ad1296220be03d2191f6505f4b9fe6837
918e2a1addecb099a2b00ac33288ec1b7cd8d2a1ea9a9f90c5f1d2c54367cef1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3750e6a-c5c3-4c07-8912-be2b2eaf7e4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11629
x-amzn-requestid: f284312f-cc21-4148-bc52-13f52fae1190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eT5KkHRQIAMFVOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7d576-7ee3d3fd4afbfcfc4faa613b;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 08:01:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTxyVFQ59QCjs_0CD-nzFgyMsFKeU77l75dzWNYLJYmYZpxs6tGfHQ==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 03:57:57 GMT
age: 32566
etag: "d1a8816ad1296220be03d2191f6505f4b9fe6837"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0

104.21.77.237

200 OK

3.9 kB

URL HTTP/1.1
www.saha-banks.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1577)
Size
3.9 kB (3861 bytes)
Hash
0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.11.0 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Content-Length: 3861
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 20:34:10 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5KMKDQpD7n18XEDBo59%2FCg4fcM06BRqw8V0DBUCGz6EOzc40gmY4GrJk%2FsXGTn0yP14EjXZ4jAN%2BsSdHW1mhWXCEYAY8waCWeKZ34goldziZo2DSqlIR%2BOOefhf%2BAy8K1tKbpc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e22dc6cb50f-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

104.21.77.237

200 OK

39 kB

URL HTTP/1.1
www.saha-banks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
39 kB (39153 bytes)
Hash
32f58a61f7c5a7e10f8b2dcf8e9a8e34
865c25589283ab1debd45bdfa6c4d8c6ecf15ad3
481cb2216fbdb0797af8c61b69c0bda2c10d025f7b11f2cdfac382d35dc45d63

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 08:34:13 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lflr2yfQUgbw7bb9JXPKtAWYi%2FIRNE%2F9GYXVk9unSzzycNAA7VTrLaw15sYoN7N%2Byhg49rAJqXKQ9XkogKnXWA5msREX4%2FTVUvlwik2D3W7P2LLWZk1aFQWAh%2FYnnLSptdDOjAQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e223a36b512-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

104.21.77.237

200 OK

5.3 kB

URL HTTP/1.1
www.saha-banks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15660)
Size
5.3 kB (5321 bytes)
Hash
710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: application/javascript
Content-Length: 5321
Connection: keep-alive
Last-Modified: Tue, 12 Apr 2022 17:26:24 GMT
Cache-Control: max-age=86400
Expires: Mon, 09 Jan 2023 13:00:43 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHz3svOB9nxZP9WQc%2BuDHRun3NWVWuPumK3nEdw90KLsEm0z7hx3IqRvwyOBa%2BajcgpbKM7dKjIUICNNjdssgNXc0JSXSmjIJP8Vfa4n2%2BoggC7TRbH4LDjFdacRDmyoG0Wkq8U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e236a680b49-OSL
alt-svc: h2=":443"; ma=60

www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2

104.21.77.237

409 Conflict

276 B

URL HTTP/1.1
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with no line terminators
Size
276 B (276 bytes)
Hash
7451176c75fedf8dafcf54ec8355d274
1c9223af620034c594869b1ac7193f4f929cdec0
c4b6d838990846d9bd893f429f83c179df1236d02a06ed12cb0eba9117e4cfe8

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 409 Conflict
Date: Sun, 08 Jan 2023 13:00:43 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khW1U5ePqCpaT3UyRxmxHl50wqPi00loT7ORhFhA0uAM8xP3itt0slM%2BapNCpSOi30GzQLYuHk36sIxE9EIWr7X4GJN1WID2uPYUN0Zgn868BWfPzDp7Id0R5KrZaQ27yMeatno%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651e25ca3bb50f-OSL
alt-svc: h2=":443"; ma=60

2.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g

192.0.73.2

200 OK

8.1 kB

URL HTTP/2
2.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 140x140, components 3\012- data
Size
8.1 kB (8076 bytes)
Hash
c25cbc4a9a13cad4cd9d4763afa94359
d9fbab0918619a9094338198020ed46792fd801e
e2ac7c902c15f2367a7de997362ec45490b4a4b72a7282cb13ea896c78d607a5

HTTP Headers

GET /avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g HTTP/1.1
Host: 2.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 13:00:44 GMT
content-type: image/jpeg
content-length: 8076
last-modified: Thu, 09 Mar 2017 15:27:12 GMT
link: <https://www.gravatar.com/avatar/e683bd3c16c93896774f76c132ffb44f?s=140&d=mm&r=g>; rel="canonical"
content-disposition: inline; filename="e683bd3c16c93896774f76c132ffb44f.jpeg"
access-control-allow-origin: *
expires: Sun, 08 Jan 2023 13:05:44 GMT
cache-control: max-age=300
x-nc: MISS arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
69c3f0bdbb90c95313c7de5255c3b6e8
8edcbfcc3b87aeecc9f3ca84537512e01039ad6a
754d91c7500f67369c1ea04649eddef7e4201932f81405a0662a6d5f4b80a3da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
910d902590c4dce2c5fde148d455a94c
05617b6a2fd1a7eb4fcb098a7ce48011d3f835bc
3bfd7cff0474a36458748e4cc6dfa647fdd7bd8b4fa792079042a04c7dffe0b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com

142.250.74.34

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 08 Jan 2023 13:00:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/adsid/integrator.js?domain=www.saha-banks.com

172.217.21.162

200 OK

100 B

URL HTTP/2
adservice.google.com/adsid/integrator.js?domain=www.saha-banks.com
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 08 Jan 2023 13:00:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
69c3f0bdbb90c95313c7de5255c3b6e8
8edcbfcc3b87aeecc9f3ca84537512e01039ad6a
754d91c7500f67369c1ea04649eddef7e4201932f81405a0662a6d5f4b80a3da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
910d902590c4dce2c5fde148d455a94c
05617b6a2fd1a7eb4fcb098a7ce48011d3f835bc
3bfd7cff0474a36458748e4cc6dfa647fdd7bd8b4fa792079042a04c7dffe0b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2

104.21.77.237

409 Conflict

276 B

URL HTTP/1.1
www.saha-banks.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with no line terminators
Size
276 B (276 bytes)
Hash
a748a1bbe2ebb84af00ec57e4e120159
ecd9af1b333851987790054076e969d7aa9e302e
763fc1ec0b5fd1472875d5181b255ff9cb07f7893667320aa24dd38e9c5d0003

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830

HTTP/1.1 409 Conflict
Date: Sun, 08 Jan 2023 13:00:44 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cg8jj%2Fcb9L2BBu7a7h97GkdM6yFPFS1CbVqMafzHmBIniRXghKFldfuk84oEsVwk5zR39%2B27fNtpy%2B27IfDJIQzypkA88HnYI1Z%2F06%2BxxVZZVaiOMMT85xMBgykS92kQUWxKBLA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78651e26fb84b50f-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e4d2865d6f7ea60de63ad932691f4fe5
5f1c688c4d676eb8ecdad52c5d9a23d711c5aef0
25e569ecceb0af06dd128875e54d9ea2a2c902c9fd781ad5d689ed5c205204b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

142.250.74.74

200 OK

5.4 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b

HTTP Headers

GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 5437
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 07 Jan 2023 09:37:20 GMT
Expires: Sun, 07 Jan 2024 09:37:20 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 98604

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e4d2865d6f7ea60de63ad932691f4fe5
5f1c688c4d676eb8ecdad52c5d9a23d711c5aef0
25e569ecceb0af06dd128875e54d9ea2a2c902c9fd781ad5d689ed5c205204b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap

216.58.207.202

200 OK

609 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
609 B (609 bytes)
Hash
361fdf2276076cc33d6b512e7f8591d8
3b940dacd9f1207eab2bcb6fc47c2524fa853815
76f15d81c8faa3d4a27f851e06a63488846c47d7c64fc856627ee96b292870f0

HTTP Headers

GET /css?family=Cairo%7CChanga%7CQuestrial:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.saha-banks.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 08 Jan 2023 13:00:44 GMT
Date: Sun, 08 Jan 2023 13:00:44 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2fc84f7daa4df6827d6d78b618547959
9323b08ef3841ed8764b82b2106672d7aff54e80
d307b3f523cfd33dc763f89cd6b270d8a3d0ad5b3edd7aabfd230775a21f8f38

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tpc.googlesyndication.com/sodar/sodar2.js

216.58.211.1

200 OK

6.4 kB

URL HTTP/2
tpc.googlesyndication.com/sodar/sodar2.js
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1321)
Size
6.4 kB (6386 bytes)
Hash
ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe

HTTP Headers

GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 08 Jan 2023 13:00:44 GMT
expires: Sun, 08 Jan 2023 13:00:44 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.saha-banks.com/cdn-cgi/challenge-platform/h/b/cv/result/78651e141e19fac8

104.21.77.237

200 OK

28 B

URL HTTP/1.1
www.saha-banks.com/cdn-cgi/challenge-platform/h/b/cv/result/78651e141e19fac8
IP
104.21.77.237:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
86de097d54457ad4fbf85150ea2dc2fb
194863f4b15ecf7eb4f38bf7ed46b688289be8a4
6301b31e8f84ba8a7465199ebf1c2341253198f21763ad7e7cf6fdebe3d832ec

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/cv/result/78651e141e19fac8 HTTP/1.1
Host: www.saha-banks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Content-Length: 11902
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://www.saha-banks.com/issuing-al-ahly-atm-card-instead-of-a-lost-self-service-card/
Cookie: _ga_MNTK4YVF83=GS1.1.1673182829.1.0.1673182829.0.0.0; _ga=GA1.1.1103795036.1673182830; __gads=ID=3983deef905ccff2-22b7d9da35db00f9:T=1673182844:RT=1673182844:S=ALNI_MZAKssAuv5J3LtrWksh_-f8wdTEmw; __gpi=UID=00000b9fad2c7ba6:T=1673182844:RT=1673182844:S=ALNI_Mb6jCHCquWyQqTKN1ufhr96aFcWBg

HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 13:00:44 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=kV9PNsmFaQ0ze10absc_61cSpTGWZ05dWycJJPi7zRs-1673182844-0-AbXjJF6DnScIyAUAfJogWN0KGq5Xk5IoDeZar+Cc3OB8xrIKOjTAmRSts/erkW1tHaHhIB+FGeJvhOSpBBDJMu8zH22whkty7IFXUpMYdIO2QHfe96OdLZJlxI1lj9uKTtGDZDBmWyoID0EjSvPi+zI=; path=/; expires=Sun, 08-Jan-23 13:30:44 GMT; domain=.saha-banks.com; HttpOnly; SameSite=None
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjysdLqTG8xnLi2lmmm6aCrSxppq%2BEbytr6L0Ce69KqUZDUocflRHT0NhXawlXDDLjS0PrQQwsLeDaT3bWmwEThDethvDtKnbEaeB7Nqhi2AlnvjF3FQ2wFHl6%2FNUzBXmcnwFLk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78651e2d0c7db50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2

142.250.74.35

200 OK

9.1 kB

URL HTTP/1.1
fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9120, version 1.0\012- data
Size
9.1 kB (9120 bytes)
Hash
18ad880aaa4e28b6cd1ef0d30ac95573
da6a33a1ecc296aa481432e2727b273140b78543
f2c5710634752d1a156adf5ac961c8400e3a577c90f97a6a293a07f4a28957fd

HTTP Headers

GET /s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9120
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 07 Jan 2023 20:06:35 GMT
Expires: Sun, 07 Jan 2024 20:06:35 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 24 Jun 2022 18:40:48 GMT
Content-Type: font/woff2
Age: 60850

fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2

142.250.74.35

200 OK

14 kB

URL HTTP/1.1
fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14316, version 1.0\012- data
Size
14 kB (14316 bytes)
Hash
9383ff090e200fc692eb9d0f91df0e6a
eae567c614d06c697ab908310bbf3af6fa331db3
91fa743b90662d1247ff2a9e452e5cfa525e0d4a4caa1a29ed9820a74bb0f80c

HTTP Headers

GET /s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14316
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 02 Jan 2023 12:14:47 GMT
Expires: Tue, 02 Jan 2024 12:14:47 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Nov 2022 19:56:04 GMT
Content-Type: font/woff2
Age: 521158

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f3bf71643ae5219a72dda1da70667cf6
00e3e8da4828280fa90ad6f8550b32a1afe9eda7
a62b2beef5db6770d7caefcc77a94da89d1d64e3de538b47926c8b6dee469137

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 13:00:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2

142.250.74.35

200 OK

19 kB

URL HTTP/1.1
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Size
19 kB (19292 bytes)
Hash
19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

HTTP Headers

GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 07 Jan 2023 18:17:31 GMT
Expires: Sun, 07 Jan 2024 18:17:31 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
Age: 67394

www.google.com/recaptcha/api2/aframe

142.250.74.132

200 OK

513 B

URL HTTP/2
www.google.com/recaptcha/api2/aframe
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Size
513 B (513 bytes)
Hash
5bce3100f80f6e3376912bb281f2f586
d9253993ba9428e1ecf2ef8a11280b74b6775bc7
fa9bd46144e6c8dbb9aa5ef3e8966f61dc59bbd0d2f416f5aca11e0d5cff1280

HTTP Headers

GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 08 Jan 2023 13:00:45 GMT
date: Sun, 08 Jan 2023 13:00:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-NvfdXwh8LArsJqKGBBiYFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com

142.250.74.34

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 08 Jan 2023 13:00:45 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2

142.250.74.35

200 OK

8.7 kB

URL HTTP/1.1
fonts.gstatic.com/s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8708, version 1.0\012- data
Size
8.7 kB (8708 bytes)
Hash
cd316e4c96f15e4f5ee9b4cad904f4c7
c9d4a1c25311b932f4707d1315cfa037bff2687c
4e1343e3fad2721d8db43b01c81295a45afd6f82d519f0376290715426abbacc

HTTP Headers

GET /s/changa/v20/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjLj9ytf.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8708
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 07 Jan 2023 20:06:35 GMT
Expires: Sun, 07 Jan 2024 20:06:35 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 24 Jun 2022 18:40:47 GMT
Content-Type: font/woff2
Age: 60850

fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2

142.250.74.35

200 OK

12 kB

URL HTTP/1.1
fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11760, version 1.0\012- data
Size
12 kB (11760 bytes)
Hash
dc696827ea29c67ac521ff0b36f50562
5fad76118dc2cf6d27666856a085693f0569db9a
157025606cebc118ce7bb7a62122058604fb39cbae9ae6bf2e7ad57bf4eb8087

HTTP Headers

GET /s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.saha-banks.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11760
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Jan 2023 08:53:25 GMT
Expires: Sat, 06 Jan 2024 08:53:25 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 08 Nov 2022 19:55:08 GMT
Content-Type: font/woff2
Age: 187640

adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com

142.250.74.34

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 08 Jan 2023 13:00:45 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com

142.250.74.34

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 08 Jan 2023 13:00:46 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com

142.250.74.34

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=www.saha-banks.com
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=www.saha-banks.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.saha-banks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 08 Jan 2023 13:00:46 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (154)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations