sdaadmoney.cf Open in urlscan Pro
172.67.147.227  Malicious Activity! Public Scan

28 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sdaadmoney.cf/	27 KB 5 KB	243ms 185ms	Document text/html	172.67.147.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.147.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.26 Resource Hash 2214dd3e3aaa4190276ae54c9f9ecaee8de74dff1295b20ced6163e36b1f74f1 Request headers :method GET :authority sdaadmoney.cf :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Wed, 06 Oct 2021 06:39:35 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.26 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qfXzYQ07zcYh%2BPNpsmIm7%2Bqm0m%2B3S%2BMrK6aqNWIpwFeI44gutyY8d1G6CGDhqezexbhdqVVQVae7otJxaioQAwAaIv6CeTJTWhnr4RScfg%2BE7%2BcMBkHDJAw%2BG8tYZYI"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 699ce4b78e1a277c-PRG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET		css-bcf77f8f-2549-4b46-a774-e5ac5027fab2@mhtml.blink /	0 0
GET		css-3c0adda9-2169-43cb-9867-5082295ff9cf@mhtml.blink /	0 0
GET		css-bbadbbef-00c5-4267-8e4d-458270822e43@mhtml.blink /	0 0
GET H2	200	controls.css www.sadad.com/Style%20Library/ar-SA/Themable/Core%20Styles/	30 KB 5 KB	51ms 20ms	Stylesheet text/css	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sadad.com/Style%20Library/ar-SA/Themable/Core%20Styles/controls.css Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 359039bcb5264fecfde39a9f231db4b8d2badf0f168fc32c56fc889056e765f3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6359 cf-polished origSize=49555 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:58:48 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains; content-type text/css cache-control max-age=14400 cf-ray 699ce4bbe9c34339-FRA cf-bgj minify
GET H2	200	page-layouts-21.css www.sadad.com/Style%20Library/ar-SA/Core%20Styles/	1 KB 665 B	52ms 21ms	Stylesheet text/css	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sadad.com/Style%20Library/ar-SA/Core%20Styles/page-layouts-21.css Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 701656161dc167a3fb85fffeabb2df89552a4ab322811c787d5e9d865eb69b1b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6359 cf-polished origSize=1774 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:58:49 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type text/css cache-control max-age=14400 cf-ray 699ce4bbe9c64339-FRA cf-bgj minify
GET H2	200	corev48630.css www.sadad.com/_layouts/1025/styles/Themable/	137 KB 24 KB	57ms 27ms	Stylesheet text/css	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sadad.com/_layouts/1025/styles/Themable/corev48630.css?rev=q4oC6vgYyMDS%2BypgPPiGcA%3D%3D Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ff9cf120fd5fd4257826f9f8b87a39318cb3bc4c2d7254fe6c9c21d2df25600 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6359 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:00:14 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains; content-type text/css cache-control max-age=14400 cf-ray 699ce4bbe9c74339-FRA cf-bgj minify
GET H2	200	bootstrap.min.css www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/	119 KB 19 KB	56ms 25ms	Stylesheet text/css	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/bootstrap.min.css Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6359 vary Accept-Encoding content-length 19741 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:59:02 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains; content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bbe9c94339-FRA
GET H2	404	ie10-viewport-bug-workaround.css www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/	0 0	156ms 126ms	Stylesheet text/html	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ie10-viewport-bug-workaround.css Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H2	200	jquery.smartmenus.bootstrap.css www.sadad.com/_layouts/inc/SADAD.Internet.Portal/multilevel-menu/css/	3 KB 707 B	55ms 24ms	Stylesheet text/css	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/multilevel-menu/css/jquery.smartmenus.bootstrap.css Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b343ff74c02205d8b4324cde81d74324da5ba7b06eca9a137ceb6c3c8d7b7e9f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6359 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:58:54 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains; content-type text/css cache-control max-age=14400 cf-ray 699ce4bbe9cd4339-FRA cf-bgj minify
GET H2	404	navbar.css www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/	0 0	152ms 122ms	Stylesheet text/html	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/navbar.css Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H2	200	styles.css www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/	19 KB 4 KB	61ms 31ms	Stylesheet text/css	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70791816df959b5d95a23c1b21c23d14d1e4ec01764d31f41b354edec0bd6b85 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 6359 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:59:39 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains; content-type text/css cache-control max-age=14400 cf-ray 699ce4bbe9d04339-FRA cf-bgj minify
GET H2	200	fgimg.png www.sadad.com/_layouts/images/	20 KB 20 KB	18ms 16ms	Image image/png	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/_layouts/images/fgimg.png Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4004293f081201ead3df6f86daa9d3974bde048ae8187cda602dffb256324124 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 6358 cf-polished status=not_needed vary Accept-Encoding content-length 20115 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:00:06 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a3e4339-FRA cf-bgj imgq:100,h2pri
GET H2	200	arabic_icon_disabled.png www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/	372 B 489 B	33ms 30ms	Image image/png	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/arabic_icon_disabled.png Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7234436a16815743645bf4ef4fafdce42027b982cf54e20518a16f01ff487207 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 6358 cf-polished status=not_needed vary Accept-Encoding content-length 372 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:59:17 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains; content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a424339-FRA cf-bgj imgq:100,h2pri
GET H2	200	english_icon.png www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/	560 B 650 B	28ms 25ms	Image image/png	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/english_icon.png Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c8e9aadc1add3c5ed03bf930079ca0bab2689e47933aacbd6ec51d1bb5712e3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 6358 cf-polished status=not_needed vary Accept-Encoding content-length 560 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:59:11 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a454339-FRA cf-bgj imgq:100,h2pri
GET H2	200	sadad_logo_ar.png www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/	3 KB 3 KB	33ms 31ms	Image image/png	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/sadad_logo_ar.png Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3b99a741b0cfdd528816822497368578c2bdbefa8a689797391a1d08d45acb8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 6358 cf-polished status=not_needed vary Accept-Encoding content-length 2771 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:59:16 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains; content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a474339-FRA cf-bgj imgq:100,h2pri
GET H2	200	ah1.jpg www.sadad.com/ar/Lists/Banks/Attachments/3/	11 KB 11 KB	21ms 18ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/3/ah1.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 377e79b1924f6791cb854879830b3b2b132b59dc2533100b4ca4cecf0bf53c5c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=24365 vary Accept-Encoding content-length 11196 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:24 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a494339-FRA cf-bgj imgq:100,h2pri
GET H2	200	linkIcon.png www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/	625 B 759 B	35ms 33ms	Image image/png	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/linkIcon.png Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6eac338fd0482c0a5ccdb022d113d73084517ca02deb4582ad18e29d305bf33 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 3378 cf-polished status=not_needed vary Accept-Encoding content-length 625 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:59:13 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains; content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a4c4339-FRA cf-bgj imgq:100,h2pri
GET H2	200	ANBLogonewwebsite.jpg www.sadad.com/ar/Lists/Banks/Attachments/5/	3 KB 3 KB	28ms 26ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/5/ANBLogonewwebsite.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c06099afdb076aff559f77872c4191b7b231eeb351cb921e1c2931b9ebd83dea Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=3284 vary Accept-Encoding content-length 2701 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:26 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a4e4339-FRA cf-bgj imgq:100,h2pri
GET H2	200	BAJ.jpg www.sadad.com/ar/Lists/Banks/Attachments/6/	10 KB 10 KB	36ms 34ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/6/BAJ.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acb852be211af316065fdf1773d45cdfb35d24dadf9395c7bcf3466bdfd2923d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=12565 vary Accept-Encoding content-length 10322 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:21 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a4f4339-FRA cf-bgj imgq:100,h2pri
GET H2	200	BSFCCM1.jpg www.sadad.com/ar/Lists/Banks/Attachments/7/	5 KB 5 KB	29ms 26ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/7/BSFCCM1.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33411c99d23fea47c220dcaa01b92e0effff49fe58c77bd24a78b05374b9783a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=5526 vary Accept-Encoding content-length 4923 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:20 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a514339-FRA cf-bgj imgq:100,h2pri
GET H2	200	ENBD.jpg www.sadad.com/ar/Lists/Banks/Attachments/8/	19 KB 20 KB	28ms 26ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/8/ENBD.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 591f43929a28796a47b185bd1fba8b5dbb8029cd5e6f044c79346b0a784685a5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=24410 vary Accept-Encoding content-length 19909 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:23 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a534339-FRA cf-bgj imgq:100,h2pri
GET H2	200	MUSCAT.jpg www.sadad.com/ar/Lists/Banks/Attachments/9/	15 KB 15 KB	33ms 31ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/9/MUSCAT.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12bf0c9521c513c27d9f119145df1055894963c1575a08671457ea58be2acd65 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=17563 vary Accept-Encoding content-length 14982 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:19 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a554339-FRA cf-bgj imgq:100,h2pri
GET H2	200	RBP1.jpg www.sadad.com/ar/Lists/Banks/Attachments/10/	4 KB 4 KB	36ms 34ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/10/RBP1.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61c0b403a7398cca707d0bbc0506fa118c685561768b662ca16b8d266185e151 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=5046 vary Accept-Encoding content-length 4385 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:22 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a574339-FRA cf-bgj imgq:100,h2pri
GET H2	200	SABB-LOGO2.gif www.sadad.com/ar/Lists/Banks/Attachments/11/	13 KB 13 KB	28ms 27ms	Image image/gif	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/11/SABB-LOGO2.gif Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9b50bc443f5058609707562e0dc85344d3dee36f201b87afdf5f6abe9479da4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=13378 vary Accept-Encoding content-length 13278 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:20 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a584339-FRA cf-bgj imgq:100,h2pri
GET H2	200	sambalogo.bmp www.sadad.com/ar/Lists/Banks/Attachments/12/	106 KB 106 KB	33ms 31ms	Image image/x-ms-bmp	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/12/sambalogo.bmp Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82811f2112076423b69ce960ac2ce849e1359ee749cc320234d5c8fe74c87b11 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 vary Accept-Encoding content-length 108470 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:25 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/x-ms-bmp cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a594339-FRA
GET H2	200	The_Saudi_Investment_Bank.png www.sadad.com/ar/Lists/Banks/Attachments/13/	3 KB 3 KB	37ms 35ms	Image image/png	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/13/The_Saudi_Investment_Bank.png Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f008eb262e2f375179045ef0bf62dd91de419386fc99da237c0f84b0a0c2a7b8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=6253 vary Accept-Encoding content-length 3145 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:25 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a5a4339-FRA cf-bgj imgq:100,h2pri
GET H2	200	Untitled.jpg www.sadad.com/ar/Lists/Banks/Attachments/14/	10 KB 10 KB	27ms 26ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/14/Untitled.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42c0a09e992f57d3ab09367a7a9715240c3208f2b40cba5312cfc5de5049dfba Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=12691 vary Accept-Encoding content-length 10148 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:26 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a5b4339-FRA cf-bgj imgq:100,h2pri
GET H2	200	untitledba.bmp www.sadad.com/ar/Lists/Banks/Attachments/15/	96 KB 96 KB	21ms 19ms	Image image/x-ms-bmp	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/15/untitledba.bmp Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ca5e67c1d267762ebb01996f5387541fc0d88118e75d691c2094b8ecbd90eb5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 vary Accept-Encoding content-length 98614 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:24 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/x-ms-bmp cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a5c4339-FRA
GET H2	200	936143_1223754970.gif www.sadad.com/ar/Lists/Banks/Attachments/16/	5 KB 6 KB	39ms 37ms	Image image/gif	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/16/936143_1223754970.gif Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b2103abd225ce0041a68fb29ef8aefbf0855860be8cd5364969312133af1ebf Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=5596 vary Accept-Encoding content-length 5588 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:21 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a5e4339-FRA cf-bgj imgq:100,h2pri
GET H2	200	GIB.jpg www.sadad.com/ar/Lists/Banks/Attachments/17/	26 KB 27 KB	28ms 26ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/17/GIB.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27a0fc28cfa6fcb58ed09381bb504fe2a64c4575c899999ba79b879a1c28e13c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=50535 vary Accept-Encoding content-length 27127 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:22 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a5f4339-FRA cf-bgj imgq:100,h2pri
GET H2	200	Al_Rajhi_Bank.jpg www.sadad.com/ar/Lists/Banks/Attachments/18/	8 KB 8 KB	27ms 25ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/18/Al_Rajhi_Bank.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfb68debfcec66389d4442ae8becd53059a734301fb03e453ec7d14402219b68 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=29377 vary Accept-Encoding content-length 8413 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:19 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc0a614339-FRA cf-bgj imgq:100,h2pri
GET H2	200	NBK_Logo.jpg www.sadad.com/ar/Lists/Banks/Attachments/19/	12 KB 12 KB	36ms 34ms	Image image/jpeg	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/ar/Lists/Banks/Attachments/19/NBK_Logo.jpg Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5690aed1e54590c924886bf81ecba9f4a0566613e9b8ac4695d4afeb0404bd23 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 233 cf-polished origSize=12602 vary Accept-Encoding content-length 12152 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 01:02:23 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bc1a674339-FRA cf-bgj imgq:100,h2pri
GET H2	200	twitter_icon_disabled.png www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/	494 B 562 B	18ms 18ms	Image image/png	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/twitter_icon_disabled.png Requested by Host: www.sadad.com URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ebd9fdde20679e9639aa035038fa007f990cdeb54bdecaccb9f94816d399c8b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 6358 cf-polished status=not_needed vary Accept-Encoding content-length 494 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:59:13 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains; content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bcbbf54339-FRA cf-bgj imgq:100,h2pri
GET H2	200	youtube_icon_disabled.png www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/	706 B 797 B	17ms 17ms	Image image/png	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/social/youtube_icon_disabled.png Requested by Host: www.sadad.com URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 152b33cb3f2a8fd0dadbcf16c5ffc8189adefac666a334eef48e8414ea1f84bd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 6358 cf-polished status=not_needed vary Accept-Encoding content-length 706 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:59:14 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains; content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bcbbf84339-FRA cf-bgj imgq:100,h2pri
GET H2	200	title_corner_bg_ar.png www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/	262 B 343 B	14ms 14ms	Image image/png	104.22.20.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/img/title_corner_bg_ar.png Requested by Host: www.sadad.com URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.20.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d56ce204051bce3c87f407dba052ed956337c2aeb93df7811f01d60d8fae757 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:36 GMT x-content-type-options nosniff cf-cache-status HIT age 6358 cf-polished origSize=378 vary Accept-Encoding content-length 262 x-xss-protection 1; mode=block last-modified Wed, 15 Jan 2020 00:59:16 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 699ce4bcbbf94339-FRA cf-bgj imgq:100,h2pri
GET H2	404	footer_btn.png sdaadmoney.cf/_layouts/inc/SADAD.Internet.Portal/img/	64 KB 64 KB	965ms 965ms	Image text/html	172.67.147.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sdaadmoney.cf/_layouts/inc/SADAD.Internet.Portal/img/footer_btn.png Requested by Host: sdaadmoney.cf URL: https://sdaadmoney.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.147.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1e7e3474cd42b1a8e6a3556c83dd183732f2203daa8d689ae79b3b0482ac388 Request headers :path /_layouts/inc/SADAD.Internet.Portal/img/footer_btn.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority sdaadmoney.cf referer https://sdaadmoney.cf/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://sdaadmoney.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 06:39:37 GMT content-encoding br cf-cache-status MISS last-modified Mon, 07 Jun 2021 07:43:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnpR4xkofCMr3%2F8dq8zP%2FgZckZ6Z8gYlMO4UBQOCs4DEy585cXwsZlzQTwUYzy1r9GmUo5I3P1dSZvr%2BfIv1XMGuzwiQlWROY6G%2BUV4AxuA%2BI1QKPBqcDFXzECLDUhrv"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 699ce4bcc8ef277c-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET		FrutigerLTArabic-65Bold.html www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/	0 0
GET		FrutigerLTArabic-55Roman.html www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/	0 0
GET		FrutigerLTArabic-55Roman.ttf www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/	0 0
GET		FrutigerLTArabic-65Bold.ttf www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

mhtml.blink

URL

cid:css-bcf77f8f-2549-4b46-a774-e5ac5027fab2@mhtml.blink

Domain

mhtml.blink

URL

cid:css-3c0adda9-2169-43cb-9867-5082295ff9cf@mhtml.blink

Domain

mhtml.blink

URL

cid:css-bbadbbef-00c5-4267-8e4d-458270822e43@mhtml.blink

Domain

www.sadad.com

URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.html

Domain

www.sadad.com

URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.html

Domain

www.sadad.com

URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.ttf

Domain

www.sadad.com

URL

https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SADAD (Financial)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: cid:css-bcf77f8f-2549-4b46-a774-e5ac5027fab2@mhtml.blink Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: cid:css-3c0adda9-2169-43cb-9867-5082295ff9cf@mhtml.blink Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: cid:css-bbadbbef-00c5-4267-8e4d-458270822e43@mhtml.blink Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/navbar.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/bootstrap-3.4.1/css/ie10-viewport-bug-workaround.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://sdaadmoney.cf/ Message: Access to font at 'https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.html' from origin 'https://sdaadmoney.cf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sdaadmoney.cf/ Message: Access to font at 'https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.html' from origin 'https://sdaadmoney.cf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sdaadmoney.cf/ Message: Access to font at 'https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.ttf' from origin 'https://sdaadmoney.cf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-65Bold.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sdaadmoney.cf/ Message: Access to font at 'https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.ttf' from origin 'https://sdaadmoney.cf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.sadad.com/_layouts/inc/SADAD.Internet.Portal/Arabic/css/fonts/FrutigerLTArabic-55Roman.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sdaadmoney.cf/_layouts/inc/SADAD.Internet.Portal/img/footer_btn.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mhtml.blink
sdaadmoney.cf
www.sadad.com
mhtml.blink
www.sadad.com
104.22.20.136
172.67.147.227
12bf0c9521c513c27d9f119145df1055894963c1575a08671457ea58be2acd65
152b33cb3f2a8fd0dadbcf16c5ffc8189adefac666a334eef48e8414ea1f84bd
2214dd3e3aaa4190276ae54c9f9ecaee8de74dff1295b20ced6163e36b1f74f1
27a0fc28cfa6fcb58ed09381bb504fe2a64c4575c899999ba79b879a1c28e13c
2d56ce204051bce3c87f407dba052ed956337c2aeb93df7811f01d60d8fae757
33411c99d23fea47c220dcaa01b92e0effff49fe58c77bd24a78b05374b9783a
359039bcb5264fecfde39a9f231db4b8d2badf0f168fc32c56fc889056e765f3
377e79b1924f6791cb854879830b3b2b132b59dc2533100b4ca4cecf0bf53c5c
4004293f081201ead3df6f86daa9d3974bde048ae8187cda602dffb256324124
42c0a09e992f57d3ab09367a7a9715240c3208f2b40cba5312cfc5de5049dfba
5690aed1e54590c924886bf81ecba9f4a0566613e9b8ac4695d4afeb0404bd23
591f43929a28796a47b185bd1fba8b5dbb8029cd5e6f044c79346b0a784685a5
5ca5e67c1d267762ebb01996f5387541fc0d88118e75d691c2094b8ecbd90eb5
5ebd9fdde20679e9639aa035038fa007f990cdeb54bdecaccb9f94816d399c8b
61c0b403a7398cca707d0bbc0506fa118c685561768b662ca16b8d266185e151
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
701656161dc167a3fb85fffeabb2df89552a4ab322811c787d5e9d865eb69b1b
70791816df959b5d95a23c1b21c23d14d1e4ec01764d31f41b354edec0bd6b85
7234436a16815743645bf4ef4fafdce42027b982cf54e20518a16f01ff487207
7b2103abd225ce0041a68fb29ef8aefbf0855860be8cd5364969312133af1ebf
7ff9cf120fd5fd4257826f9f8b87a39318cb3bc4c2d7254fe6c9c21d2df25600
82811f2112076423b69ce960ac2ce849e1359ee749cc320234d5c8fe74c87b11
9c8e9aadc1add3c5ed03bf930079ca0bab2689e47933aacbd6ec51d1bb5712e3
a1e7e3474cd42b1a8e6a3556c83dd183732f2203daa8d689ae79b3b0482ac388
a3b99a741b0cfdd528816822497368578c2bdbefa8a689797391a1d08d45acb8
acb852be211af316065fdf1773d45cdfb35d24dadf9395c7bcf3466bdfd2923d
b343ff74c02205d8b4324cde81d74324da5ba7b06eca9a137ceb6c3c8d7b7e9f
c06099afdb076aff559f77872c4191b7b231eeb351cb921e1c2931b9ebd83dea
cfb68debfcec66389d4442ae8becd53059a734301fb03e453ec7d14402219b68
e9b50bc443f5058609707562e0dc85344d3dee36f201b87afdf5f6abe9479da4
f008eb262e2f375179045ef0bf62dd91de419386fc99da237c0f84b0a0c2a7b8
f6eac338fd0482c0a5ccdb022d113d73084517ca02deb4582ad18e29d305bf33