| fsafeds.combid.sa.com/login.php/login_files/Logo_Master-Reverse.svg |  172.67.210.92 | 200 OK | 328 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/login_files/Logo_Master-Reverse.svg IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
File typeHTML document, ASCII text, with very long lines (25799) Size328 kB (327983 bytes) Hash06d1cc9ea32b52fc24745162572855d7 937e8125a480e690397495b9e73f11f3e251fe87 7a9bf214f197623d8767bf5f2a1430cb9701994bf1c2b08a82a3da4dd8d2e8c4
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/login_files/Logo_Master-Reverse.svg HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3UFMj2l7h702uujTWLAMOVoADpg0r3IvBeteiFOmDuV1NZDih4gb7FgWfdrdlIvfBUq7FgMObq%2FO4QX%2BKcLLf1tgi7smwcPWa9XYNtP8YV0TuYR%2B5%2FGPpN2JzZzzelj1tgsawdMyquk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671d8e2d56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/Heebo-Regular.f79824ba5360b07f.woff | 172.67.210.92 | 200 OK | 292 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/Heebo-Regular.f79824ba5360b07f.woff IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
File typeHTML document, ASCII text, with very long lines (25799) Size292 kB (291687 bytes) Hashd370ee056a9bc0e8f9cd48458f564ead d0e27ea1638ed5cf7d2483b68db72758cffe494d b1ca2c16b38b86a3ff7adeabf3e0d780a3b60368bd662f02b9e2823bd1700613
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/Heebo-Regular.f79824ba5360b07f.woff HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FcCKKdlCvWPWk67%2Bv4Ctipl%2BnKjTc5%2Bnb8nyYGNY3eoMCum0ncSMystWQ5UYEtBAI04rXCMFJzDFyYydrpSMwIP3DySP8SfT%2B%2FR0z2Z9RsCYg%2BR7EnkGuQScu04IhArKCM75MEGpHbo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed67203f1f56b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/Heebo-Light.d5df06158ca97ace.woff | 172.67.210.92 | 200 OK | 297 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/Heebo-Light.d5df06158ca97ace.woff IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
File typeHTML document, ASCII text, with very long lines (25799) Size297 kB (296887 bytes) Hash01e327bb335de68aeff4b59732e15d61 e69059421f8180becd725e5d1770cb2213c2b3ac 7c6540656fc08adecdba4d8625e0815a87084ef073af39e482475b72dba0b807
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/Heebo-Light.d5df06158ca97ace.woff HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7O1m%2FJKPfppn9dM9GQVXEXRdqEZgbCtPoT0ZQ358K9VYWbc35D44j0ZrQ3VSNNIynQfrOODPyQ9iqoZzwsWaFagndAGtXR4ubuEoTQ0xHWZSYwBp45RGgosQwmfxOBWxN%2BUnzWnmqJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed67206f3556b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/Heebo-Bold.f783ec7e8ff5a0ee.woff | 172.67.210.92 | 200 OK | 302 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/Heebo-Bold.f783ec7e8ff5a0ee.woff IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
File typeHTML document, ASCII text, with very long lines (25799) Size302 kB (301456 bytes) Hash65cedaf664766ec7b8b32c77274326f3 e4fc72ef5832f7e91cca77ac78fa941c5924e7f9 40f4aeb51a3e7311b7ac81c92ea8f061cd78b670007e841e20c77c74cf50add5
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/Heebo-Bold.f783ec7e8ff5a0ee.woff HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23bljMWtIOa6YgdjvM%2B7PGxNNSmWueRG0NtBb6Ov3UbCT8pMIbhT%2F2zy2DWgnfrFhtvWq0226fGLgaX7riTcz5CUJDn%2B7yxXb%2BI53Ju8zsk2nUpALx6NwNPCQH4c%2FdZYMxb%2FBUwbthg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed67204f2656b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/favicon.ico | 172.67.210.92 | 200 OK | 44 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/favicon.ico IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
File typeHTML document, ASCII text, with very long lines (25799) Hash06d1cc9ea32b52fc24745162572855d7 937e8125a480e690397495b9e73f11f3e251fe87 7a9bf214f197623d8767bf5f2a1430cb9701994bf1c2b08a82a3da4dd8d2e8c4
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/favicon.ico HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=729qmSYic7wPPmCaP%2B2mWvXGEhJepmW%2F7QKXt5JIqx8LnyH1VfpjWg%2FG4ioUvXtfFGskIfuvUAliYEY1wAQ1jOajmj6ovn4rPhTVx40%2F%2BiLjuGSalEfvFwuj7zPFUGpbv3UD9Z5pZag%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed67215f8856b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/assets/images/take-a-look-at-your-accounts.svg | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/assets/images/take-a-look-at-your-accounts.svg IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/assets/images/take-a-look-at-your-accounts.svg HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2BvW%2BNsREcZQPe6d5VWLgpzoPz0SfXQUVEWEjX3LD1kF5cNQDdFNQmo%2BABMVSGZUkQkO04J5E22Azbr%2BEAaF5Kij8KW3Ce6SDMARzr4W0%2BybZ%2B4XYiyehckkhWlOLTDuTiX6P8k3oYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671dae3a56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/Heebo-Thin.5740d8571ba2c17c.woff2 | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/Heebo-Thin.5740d8571ba2c17c.woff2 IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/Heebo-Thin.5740d8571ba2c17c.woff2 HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLlvil6rmq9CzpE55VzxKGcz%2BZZye%2FmGBZUnnY4rQlTjK%2BRGb5pirE9XdIdLxrdzxAIsbivt2ih1%2FcDmEK2nFlAWzxiP5uONgHP%2BY1PBUFLKoDWYhcu6oY0haEXzfK8t2QlVsutzgGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671f3ecb56b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/Heebo-Light.b37fd88770249dfa.woff2 | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/Heebo-Light.b37fd88770249dfa.woff2 IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/Heebo-Light.b37fd88770249dfa.woff2 HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJQzQK4kF1uG9aw%2Fzf3N%2Fzx55I9TBumXHzq6WEXAHhw5GrxF9AUyzjWc%2FuyZO5hIqh79DQbs5A%2FpPrwSpNGwbi8%2FJAtdsWk%2FOSpPbsUVh%2B8b8aWktjFuSOF%2FJ89a2zqGsfbYU%2B7hJQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671f4ecd56b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/login_files/styles.330d80deccf75709.css | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/login_files/styles.330d80deccf75709.css IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/login_files/styles.330d80deccf75709.css HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BOdofFPaRjyrFREzX6DeFnf7IToI%2Bo0VtIelV5QyL%2BvloLWJuPEHE3n3t1lVmx4JupryD3Dc0e1Bl3J01S8Zj4Xvt8gQo1IDTTeusXnmmo6BtoFdKR9Auk1bo0L3jzb9A2%2FhCH7oXgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671d8e2c56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/assets/images/Logo_Master.svg | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/assets/images/Logo_Master.svg IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/assets/images/Logo_Master.svg HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XiOpeUuw8yh2qzy%2FsrRBSOdFesLpApULZ2DoJJdKw6jX6nQZt%2Fa3X6WaKdhG5cGkYrOG1HvhDlGMWau4E2LVOuBQpoC4L%2BhQ3kfF8mcLlwGXjBZMDxJTUD%2FSxUnbpuOr3PR6B0NWBWw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671d8e3056b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/assets/images/minimize_icon.svg | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/assets/images/minimize_icon.svg IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/assets/images/minimize_icon.svg HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1IZlHWx75jpV2U7SP6yQAsKQc%2BUDyEwKCRjQJ8IL7jUb1nkIBaXFVmp7ZtBVH3ZYTGEsarWAp%2FhGXnX%2BZAnx9UvXbZh%2BcmVdGhLySxmEcpWjwCZxBlhFeLs%2FwIeYIqcm%2FK4Gs%2B1VNSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671d9e3656b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/assets/images/close_icon.svg | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/assets/images/close_icon.svg IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/assets/images/close_icon.svg HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rcnte7wT18tQwnbR2SRajtzyVNUPBX3Nz87j1kVT1bT2GPX0uNhSszA54oQN%2Fip59RAVUvM1XB9Zo0fDGPfxPCxHzYY4WYiPONNWQEAVFE%2BcGgRQEU3UfrVv3RND42jkhRqoXhRo%2BZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671dae3956b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/capco-icon-fonts.e3dce399bcb18ec3.woff | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/capco-icon-fonts.e3dce399bcb18ec3.woff IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/capco-icon-fonts.e3dce399bcb18ec3.woff HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQUW5ggdjm0n030nr40yLZD%2BBV39dTEgNWxdRNZGSrZz57Dnp%2FXVdDWzVG2HjnPiuGgqNGnCnXECh1AgeVAnnIXXxA4PVMwNCDKX208EfyndfkVQ8pzdzSuIEKIK7bDh8%2FOnmxdQuqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671f3ebc56b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/assets/images/bmo-logo_2.svg | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/assets/images/bmo-logo_2.svg IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/assets/images/bmo-logo_2.svg HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O9%2BRKztHU3iDCReV6kwLw6qQVjIXUUnxaUue2jSkNfynaVeZTTz0PYM%2Fb75T1ZMK7yiw94Jcs8atI1XlGtqe7ACJa2ySgqSmOhjGr3lSoXt7hHeQVWWvV%2FNEhBc%2FwjcBCJywH9NaFZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671d9e3256b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/assets/images/ehl.png | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/assets/images/ehl.png IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/assets/images/ehl.png HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1wLdMEVpKc7iXwJRDw8UU%2BRmeVOiuQs1ShZV6w2azETqEtIJ3aydv9gCdJE7dO4a6nrJ1sXBk1BX7RWbUls6HpW%2Faz5ML8sAV4PTc%2FTEDlgh1YcxZXlsBGvrG0W77AO9y4T6BbE9Ds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671d9e3556b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/Heebo-Regular.f807eddb777f8cc0.woff2 | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/Heebo-Regular.f807eddb777f8cc0.woff2 IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/Heebo-Regular.f807eddb777f8cc0.woff2 HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bwTBOsEm9roNMMTRsf1VernFvs7brruPd9iiytcy6hDcCdLr3iQ7cthg3JHqvNe7IKKbq3ozOBb3IzKkfyPBh%2BN3qtA5GRcPMDb0zkQhKzfCQNT8SKtITtF%2FvI%2BqCURbLn0qGRyXn9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671f2ebb56b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/ | 172.67.210.92 | 200 OK | 291 kB |
URL User Request GET HTTP/2fsafeds.combid.sa.com/login.php/ IP172.67.210.92:443
CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/ HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YTtDdfSNZ97sYdo2GCEU8dDdvjQLS5NCu6WL0UTStyF1d7QOsdcur%2BeTlLwoWX9YJRt5s9h%2F0AddkSX5rVQP%2BcqSWm272xeusrh3kR4UaqwDJXErpc%2FVLDPYhMA6NguW9gQ5HvYjWMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671b6feb56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fsafeds.combid.sa.com/login.php/login_files/jquery.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/login_files/jquery.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/login_files/jquery.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oQvyZyYZG40dRsJbqDxrSlDK3NMN%2FBEPxTHgorHfnnCH%2F7JKNVmXGvtZEEaILO%2BTi0G2EqvxzIRQ2bExj8h%2FFMYnTqhuVh7sSIfwqGd6Du50ghqiCFYFjhjvSOwfaTxhfsYUoRQ0d5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671dbe3e56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/Heebo-Bold.acf14f737f7438f7.woff2 | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/Heebo-Bold.acf14f737f7438f7.woff2 IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/Heebo-Bold.acf14f737f7438f7.woff2 HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H5u%2F8gcQIwvCXP9B1GpFX1MVnICNwaY88jv0uLxGNSEq80uNwDl8apf4S6v4jRk5wEfofj1wPhvaQ1NdMfup3RqZJCjHxbYu8H9AzqlJELy9nRautfW1JhbxV%2B%2BhMppZ079tIebVPDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671f4ed056b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/login_files/Logo_Master-Reverse(1).svg | 172.67.210.92 | 200 OK | 131 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/login_files/Logo_Master-Reverse(1).svg IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
File typeHTML document, ASCII text, with very long lines (25799) Size131 kB (131072 bytes) Hash2ea3e146103f96e2453c4970d233926e 14ef72cd66a6a8f80175077cae3720c644e39a82 151247ef52db7c6f6dbd9f2070dd2018762e4dc93be71c7dfc02c01d208e6360
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/login_files/Logo_Master-Reverse(1).svg HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xo%2BLuX7otoo7S7L6xC7yBN3QItIVurREsFAO6sXJmQh9OdrFQ%2BqviyMdFGd2948bmTpjhiR9JNKTD4SSsXlUJXIEGKgYMY2z3f0XiH0hQJrgd%2FqoBStvm%2BQSWCFXSOiomYdgxvTRBxA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671d9e3156b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/Heebo-Thin.06d7e68503b884ef.woff | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/Heebo-Thin.06d7e68503b884ef.woff IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/Heebo-Thin.06d7e68503b884ef.woff HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7dY1O0vShQ3wPu2BQ81XctHHYC8CIfku2WQRD%2FjTwxaSJbl0Y4ZyTjZgfpxzTqCnX7ucXUCEqNNNh7xxKM5gWKdFl0pMBcTvLYHIaz5CJ4KUPG5KVek5HoYE4GMzhlIgIPdA1y7v9n8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed67205f3356b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/assets/images/fdic.png | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/assets/images/fdic.png IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/assets/images/fdic.png HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgq%2BvkNtuFp3TdFAZEAFQPIwv5OD2o71X1H1%2B29BB8FRLmgjOWR2I7gPZOd9dKRx3IsPq4x3BJzmaaRAessXoBUzDybmTlFY6RUjlJDn5sImywAU3QtRsQYfwVNhZxYv0jtrCmXJsxU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671d9e3356b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/login_files/Logo_Master.svg | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/login_files/Logo_Master.svg IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/login_files/Logo_Master.svg HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAnIUNc6QtR%2BuYlD1dQnij6GXkFzqW6%2FDZ%2FB2MHbInOzgr55cqUKrPWlXuD2t4AOTE6WU%2B1cKfGBLJDLNIyQNZEkphFcjBUEfh3uLD4vZm0CimZ5x5Ad1afH16sgFwoNdxdsDxuSdOI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671dae3c56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/build/b.8cc58ef1821ab39c.svg | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/build/b.8cc58ef1821ab39c.svg IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/build/b.8cc58ef1821ab39c.svg HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WuzoGfs11kQ%2BBOnRp1O0LeRZ4dtpLYjzNhS6uC7a%2BSrfWrkNqym3c3TpMhX3NPm0nYS5Wia%2FjSAlHDbsyltWa%2F8YERkMaZksZEa1y0xvffzY3pbQcHcckzH%2Fd%2FXyP1nbfL%2Fu%2Fx7LV7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671f2eb856b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/Heebo-Medium.8df563692fcd9fd0.woff2 | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/Heebo-Medium.8df563692fcd9fd0.woff2 IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/Heebo-Medium.8df563692fcd9fd0.woff2 HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0wnzSBYijEDroK2Rc%2BSFx5YTQv5m71Y3d4QbKdyvs315Fbv0X%2Fo1FJZGB4Nkq3q7epYm0oxyyOid3rl4eaHDKJmm%2B3592LxPP96v0vL2%2B7lyPA%2BTHL%2FuIx2xpJBeBJV%2FQYc8bjkmaCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671f3ec056b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fsafeds.combid.sa.com/login.php/Heebo-Medium.a79c5a54562ff0d7.woff | 172.67.210.92 | 200 OK | 291 kB |
URL GET HTTP/3fsafeds.combid.sa.com/login.php/Heebo-Medium.a79c5a54562ff0d7.woff IP172.67.210.92:443
Requested byhttps://fsafeds.combid.sa.com/login.php/ CertificateIssuerLet's Encrypt Subjectcombid.sa.com FingerprintC8:80:48:25:32:DD:89:CB:98:9B:AB:EE:2A:EE:EE:2C:41:71:EB:A4 ValidityThu, 25 Apr 2024 21:01:25 GMT - Wed, 24 Jul 2024 21:01:24 GMT
Size291 kB (291184 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Salesforce |
GET /login.php/Heebo-Medium.a79c5a54562ff0d7.woff HTTP/1.1
Host: fsafeds.combid.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fsafeds.combid.sa.com/login.php/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Sun, 05 May 2024 02:46:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JObA1OlhKng8z812SCyP%2BiMhJEGFLHDwuZjC5x8H0%2BZRFZ0g5R7Z%2BWRu9bMYqoNTBVFTjFryX4hC2xmvtgwveN41mycOHGd5ECnW7JXUhjPEpQPzrxgdy%2BOkUB5DTgZI%2BqkOdN7094U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed671fcf0356b5-OSL
alt-svc: h3=":443"; ma=86400
|
|