cb.khaleeji.bank Open in urlscan Pro
2606:4700::6812:129c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://verify.ratbi.app/
Effective URL:
https://cb.khaleeji.bank/signin
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On November 04 via api (November 4th 2024, 12:50:51 pm UTC) from IT — Scanned from IT

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 32 HTTP transactions. The main IP is 2606:4700::6812:129c, located in United States and belongs to CLOUDFLARENET, US. The main domain is cb.khaleeji.bank.
TLS certificate: Issued by WE1 on September 14th 2024. Valid for: 3 months.

This is the only time cb.khaleeji.bank was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	157.175.13.253 157.175.13.253	16509 (AMAZON-02) (AMAZON-02)
29	2606:4700::68... 2606:4700::6812:129c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
32	4

1 157.175.13.253 (Bahrain) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-157-175-13-253.me-south-1.compute.amazonaws.com

verify.ratbi.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700::6812:129c (United States)

ASN13335 (CLOUDFLARENET, US)

cb.khaleeji.bank	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	khaleeji.bank cb.khaleeji.bank	1 MB
2	gstatic.com fonts.gstatic.com	67 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	ratbi.app 1 redirects verify.ratbi.app	765 B
0	Failed function sub() { [native code] }. Failed
32	5

	Domain	Requested by
29	cb.khaleeji.bank	cb.khaleeji.bank
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cb.khaleeji.bank
1	verify.ratbi.app	1 redirects
0	truncated Failed	cb.khaleeji.bank
32	5

This site contains no links.

Subject Issuer	Validity	Valid
khaleeji.bank WE1	`2024-09-14` - `2024-12-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cb.khaleeji.bank/signin
Frame ID: FAFDF6FAE530730A8DB8766D8013D1CE
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KHCB Ratbi | Corporate

Page URL History Show full URLs

http://verify.ratbi.app/ HTTP 307
https://verify.ratbi.app/ HTTP 302
https://cb.khaleeji.bank/signin Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

1414 kB
Transfer

3093 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://verify.ratbi.app/ HTTP 307
https://verify.ratbi.app/ HTTP 302
https://cb.khaleeji.bank/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
cb.khaleeji.bank/
Redirect Chain

http://verify.ratbi.app/
https://verify.ratbi.app/
https://cb.khaleeji.bank/signin

7 KB
2 KB

626ms
537ms

Document
text/html

2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbce7dc23df3ac7a35fe309f2e42c16d4c1a37708fe0d789c45264af53a909f4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8dd4bb2e389cba9f-MXP
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
content-type: text/html; charset=UTF-8
date: Mon, 04 Nov 2024 12:50:41 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
rtok: valid
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains "Strict-Transport-Security: max-age=31536000; includeSubDomains"
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, must-revalidate max-age=0, no-cache, no-store, must-revalidate
Connection: Upgrade, Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Nov 2024 12:50:40 GMT
Expect-CT: enforce, max-age=300, report-uri='https://api.ryalize.com/gnr/ct'
Keep-Alive: timeout=5, max=100
Location: https://cb.khaleeji.bank/signin
RTOK: valid
Referrer-Policy: strict-origin
Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Upgrade: h2,h2c
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-XSS-Protection: 1; mode=block 1; mode=block

GET
H2 200 env.js Show response
cb.khaleeji.bank/ 103 B
234 B 442ms
437ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/env.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac2a89881ee56ba2817f651fbc37d45bf8eca795bb9992c0a600a0b668f04ed9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "67-62148df663dcd-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:41 GMT
content-type: application/javascript
last-modified: Wed, 04 Sep 2024 10:45:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31bea3ba9f-MXP
accept-ranges: bytes
content-length: 105
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 168ms
70ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500,700,900|Montserrat:300,400,500,600,700,800,900

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91cf1196502d0a1895961bd4c05ae08f980db0f6a0cb52107807c8193994492f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 12:50:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 12:50:41 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 04 Nov 2024 12:50:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 style.min.css
cb.khaleeji.bank/assets/fonts/feather/ 9 KB
2 KB 436ms
432ms Stylesheet
text/css 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/fonts/feather/style.min.css

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19b366f0bf73b398bd5791e6ee53105f4708cd9cdc54da465478cb0fd1133c87

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "2409-603e002c8ade4-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:41 GMT
content-type: text/css
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31be93ba9f-MXP
accept-ranges: bytes
content-length: 1955
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 style.css
cb.khaleeji.bank/assets/fonts/simple-line-icons/ 88 KB
61 KB 899ms
895ms Stylesheet
text/css 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/fonts/simple-line-icons/style.css

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef9e83b93acd779b332f45d314d0278c3130668cac8beca665c8d090b75f086e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "16037-603e002c91b44-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:42 GMT
content-type: text/css
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31be95ba9f-MXP
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 font-awesome.min.css
cb.khaleeji.bank/assets/fonts/font-awesome/css/ 158 KB
105 KB 543ms
539ms Stylesheet
text/css 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/fonts/font-awesome/css/font-awesome.min.css

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f858c81cc01a8b0b12c42a973ee08d25fc06d1103f924592c338b6fc9606429d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "27705-603e002c8ade4-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:42 GMT
content-type: text/css
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31be97ba9f-MXP
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 perfect-scrollbar.min.css
cb.khaleeji.bank/assets/vendors/css/ 3 KB
614 B 448ms
445ms Stylesheet
text/css 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/css/perfect-scrollbar.min.css

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

662f2e8342586a328966efb1de4d4ab4efbb44c7da9684423136839c5adbefe7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "cd0-603e002c9d6c4-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:41 GMT
content-type: text/css
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31be9aba9f-MXP
accept-ranges: bytes
content-length: 524
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 prism.min.css
cb.khaleeji.bank/assets/vendors/css/ 2 KB
943 B 2896ms
2892ms Stylesheet
text/css 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/css/prism.min.css

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da1adaaeda91711cea8e6a409083ed6dc87cc79821be8b2c4686d39ee201dd3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "794-603e002c9d6c4-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:44 GMT
content-type: text/css
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31be9bba9f-MXP
accept-ranges: bytes
content-length: 851
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sweetalert2.min.css
cb.khaleeji.bank/assets/vendors/css/ 14 KB
3 KB 452ms
448ms Stylesheet
text/css 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/css/sweetalert2.min.css

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1000c400415ff168a11fabae79791b9e3d591cb0044159ef4cbbf8d6e103e47

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "36a3-603e002c9d6c4-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:41 GMT
content-type: text/css
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31be9dba9f-MXP
accept-ranges: bytes
content-length: 2750
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 app.css
cb.khaleeji.bank/assets/css/ 1 MB
136 KB 543ms
540ms Stylesheet
text/css 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/css/app.css?1730724641

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56ba1807a5602b406bbdfa46652fe9beeb8188b9549cb0df005deadbc4b9b9ce

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "16f0aa-60fdaaa87d46d-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:42 GMT
content-type: text/css
last-modified: Fri, 26 Jan 2024 15:08:18 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31be9fba9f-MXP
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 signin.css
cb.khaleeji.bank/code/authorization/ 357 B
333 B 437ms
434ms Stylesheet
text/css 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/code/authorization/signin.css?1730724641

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bc34eadc7987a522c2f6a8343e1388f7b4519c11fe988aa58942b233f275d07

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "165-62148d8cd6182-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:41 GMT
content-type: text/css
last-modified: Wed, 04 Sep 2024 10:43:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31bea1ba9f-MXP
accept-ranges: bytes
content-length: 220
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 khcb-color-2.svg
cb.khaleeji.bank/assets/img/brand/ 2 KB
1 KB 1807ms
1805ms Image
image/svg+xml 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cb.khaleeji.bank/assets/img/brand/khcb-color-2.svg

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e095b4cc37a995c03cb0fd10944cc84629a1dca07ba551cc60e4dce16761845a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "921-603e002c94a24-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 12:50:43 GMT
date: Mon, 04 Nov 2024 12:50:43 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31bea7ba9f-MXP
accept-ranges: bytes
content-length: 1137
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ratbi-icon.png
cb.khaleeji.bank/assets//img/brand/ 60 KB
60 KB 1900ms
1898ms Image
image/png 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cb.khaleeji.bank/assets//img/brand/ratbi-icon.png

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6677dce83aaaac0363b5bf431b289fc1ca2372fb057a887fc0a120c3528ff82

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

cf-cache-status: MISS
etag: "efcb-608adf6e1f9e2"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 12:50:43 GMT
date: Mon, 04 Nov 2024 12:50:43 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 07:52:04 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb31eefdba9f-MXP
accept-ranges: bytes
content-length: 61387
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 jquery.min.js Show response
cb.khaleeji.bank/assets/vendors/js/core/ 88 KB
30 KB 3480ms
3476ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/js/core/jquery.min.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "15e40-603e002c9e664-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:45 GMT
content-type: application/javascript
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34ab4dba9f-MXP
accept-ranges: bytes
content-length: 30989
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 popper.min.js Show response
cb.khaleeji.bank/assets/vendors/js/core/ 21 KB
7 KB 2354ms
2351ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/js/core/popper.min.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "520c-603e002c9e664-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:44 GMT
content-type: application/javascript
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34ab4fba9f-MXP
accept-ranges: bytes
content-length: 7457
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bootstrap.min.js Show response
cb.khaleeji.bank/assets/vendors/js/core/ 57 KB
16 KB 2434ms
2431ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/js/core/bootstrap.min.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "e2d8-603e002c9e664-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:44 GMT
content-type: application/javascript
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34ab53ba9f-MXP
accept-ranges: bytes
content-length: 15437
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 perfect-scrollbar.jquery.min.js Show response
cb.khaleeji.bank/assets/vendors/js/ 25 KB
7 KB 3377ms
3374ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/js/perfect-scrollbar.jquery.min.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f033c0119574e7572381ee23fb66b898dcee48202ed545dcd6b42b4b2a536193

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "64d0-603e002cac124-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:45 GMT
content-type: application/javascript
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34ab54ba9f-MXP
accept-ranges: bytes
content-length: 6574
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 prism.min.js Show response
cb.khaleeji.bank/assets/vendors/js/ 12 KB
4 KB 3367ms
3364ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/js/prism.min.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae22fc93b4fff4438cbd87a08729f84e4135bab38adc6b810bf419d8a4b31b9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "2fbf-603e002cad0c4-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:45 GMT
content-type: application/javascript
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34ab55ba9f-MXP
accept-ranges: bytes
content-length: 4459
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 jquery.matchHeight-min.js Show response
cb.khaleeji.bank/assets/vendors/js/ 3 KB
1 KB 3343ms
3341ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/js/jquery.matchHeight-min.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56dca37a7c50cf6f38eaade7526517e1bcb444287a832ae7bfffef4d42d376db

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "d1e-603e002cab184-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:45 GMT
content-type: application/javascript
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34ab58ba9f-MXP
accept-ranges: bytes
content-length: 1365
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 screenfull.min.js Show response
cb.khaleeji.bank/assets/vendors/js/ 3 KB
1015 B 2343ms
2341ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/js/screenfull.min.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59b98502e3bd0e9e7be6b91a69eb5013943eb2e31373a8d82b97587015b3359a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "ba9-603e002cad0c4-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:44 GMT
content-type: application/javascript
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34ab59ba9f-MXP
accept-ranges: bytes
content-length: 902
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 pace.min.js Show response
cb.khaleeji.bank/assets/vendors/js/pace/ 12 KB
4 KB 3382ms
3380ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/js/pace/pace.min.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

978f7b15ef20b1b9a0f9e35cec1a6d2407db85676a6d4589b525d2110f8fefe3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "30f9-603e002cab184-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:45 GMT
content-type: application/javascript
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34ab5cba9f-MXP
accept-ranges: bytes
content-length: 4363
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 moment.min.js Show response
cb.khaleeji.bank/assets/vendors/js/ 57 KB
18 KB 4563ms
4562ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/js/moment.min.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

978ecd36e892112c7a0f429c43ac64727b76a26e09010289f50673a9ca3039fd

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "e2f8-603e002cab184-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:46 GMT
content-type: application/javascript
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34ab5fba9f-MXP
accept-ranges: bytes
content-length: 18563
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sweetalert2.min.js Show response
cb.khaleeji.bank/assets/vendors/js/ 20 KB
7 KB 3363ms
3361ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/vendors/js/sweetalert2.min.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acadb7a7694c53bba063f7a1ddf96b54de35263eb11891d205064842bb78cd26

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "4f71-62148d8cd4241-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:45 GMT
content-type: application/javascript
last-modified: Wed, 04 Sep 2024 10:43:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34ab62ba9f-MXP
accept-ranges: bytes
content-length: 6562
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 app-sidebar.js Show response
cb.khaleeji.bank/assets/js/ 8 KB
2 KB 4370ms
4368ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/js/app-sidebar.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdfad10c6e2fac3f478895644c7400e43451b79fed6967848624a813300c0752

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1e99-62148d8cc9661-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:46 GMT
content-type: application/javascript
last-modified: Wed, 04 Sep 2024 10:43:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34dbc4ba9f-MXP
accept-ranges: bytes
content-length: 1859
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 notification-sidebar.js Show response
cb.khaleeji.bank/assets/js/ 843 B
446 B 4364ms
4363ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/js/notification-sidebar.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bfda93d6f8281295166cc012acfefca022305fb26bd57ee9ebc0d2cae5f67e8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "34b-603e002c9d6c4-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:46 GMT
content-type: application/javascript
last-modified: Sun, 27 Aug 2023 04:28:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34dbc6ba9f-MXP
accept-ranges: bytes
content-length: 331
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 customizer.js Show response
cb.khaleeji.bank/assets/js/ 10 KB
2 KB 3380ms
3379ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/js/customizer.js

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8348656fce81a34c8fff3bd2e8bf7cf83bc5e5863b5c9f00bd3f334491e1452f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "2634-62492c908a37e-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:45 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 07:11:56 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34dbc7ba9f-MXP
accept-ranges: bytes
content-length: 1884
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 signin.js Show response
cb.khaleeji.bank/code/authorization/ 6 KB
2 KB 3372ms
3371ms Script
application/javascript 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/code/authorization/signin.js?1730724641

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1d40fa275f14691b22240905adaf18cfb5c68567209e71f1afbb021274a41ba

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "192d-62492c908a37e-gzip"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:45 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 07:11:56 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb34dbc8ba9f-MXP
accept-ranges: bytes
content-length: 1552
x-xss-protection: 1; mode=block
server: cloudflare

GET truncated
/ 0
0

GET
H2 200 khcb-portal-background.jpg
cb.khaleeji.bank/assets/img/other/ 749 KB
750 KB 2027ms
2027ms Image
image/jpeg 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cb.khaleeji.bank/assets/img/other/khcb-portal-background.jpg

Requested by

Host: cb.khaleeji.bank
URL: https://cb.khaleeji.bank/assets/css/app.css?1730724641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e8c56409e48d891cd43b69b2cf43de22d7310fb29448b471102acc11bac209

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/assets/css/app.css?1730724641

Response headers

cf-cache-status: MISS
etag: "bb354-608adf6e21922"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
date: Mon, 04 Nov 2024 12:50:46 GMT
content-type: image/jpeg
last-modified: Fri, 27 Oct 2023 07:52:04 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb43dd18ba9f-MXP
accept-ranges: bytes
content-length: 766804
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 93ms
41ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500,700,900|Montserrat:300,400,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://cb.khaleeji.bank
Referer: https://fonts.googleapis.com/

Response headers

age: 423038
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:20:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:20:06 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 105ms
52ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500,700,900|Montserrat:300,400,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://cb.khaleeji.bank
Referer: https://fonts.googleapis.com/

Response headers

age: 421525
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:45:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:45:19 GMT
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35448
x-xss-protection: 0
server: sffe

GET
H2 200 ratbi-icon.png
cb.khaleeji.bank/assets/img/brand/ 60 KB
60 KB 246ms
245ms Other
image/png 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/img/brand/ratbi-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6677dce83aaaac0363b5bf431b289fc1ca2372fb057a887fc0a120c3528ff82

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

cf-cache-status: MISS
etag: "efcb-608adf6e1f9e2"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 12:50:46 GMT
date: Mon, 04 Nov 2024 12:50:47 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 07:52:04 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb533eacba9f-MXP
accept-ranges: bytes
content-length: 61387
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ratbi-icon.png
cb.khaleeji.bank/assets/img/brand/ 60 KB
60 KB 181ms
180ms Other
image/png 2606:4700::6812:129c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cb.khaleeji.bank/assets/img/brand/ratbi-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:129c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6677dce83aaaac0363b5bf431b289fc1ca2372fb057a887fc0a120c3528ff82

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cb.khaleeji.bank/signin

Response headers

cf-cache-status: MISS
etag: "efcb-608adf6e1f9e2"
expect-ct: max-age=86400, enforce
rtok: valid
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 12:50:47 GMT
date: Mon, 04 Nov 2024 12:50:47 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 07:52:04 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, "Strict-Transport-Security: max-age=31536000; includeSubDomains"
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
cache-control: max-age=0, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
referrer-policy: same-origin
cf-ray: 8dd4bb556a59ba9f-MXP
accept-ranges: bytes
content-length: 61387
x-xss-protection: 1; mode=block
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.khaleeji.bank/	1970-01-21 00:45:26	Name: __cf_bm Value: yObV_8Za5ZMH9wQUnqNsBgGy7V2TjsrMDqdcF9GAIUs-1730724641-1.0.1.1-jHAHLcJzOJzain0WKQ1eLyI54stgdlu.gImefxVN0oRU0vRoe8V.TW6oaB.Lpz9sZMpzB7doO47KNM7e01e4Ww

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cb.khaleeji.bank/signin Message: Refused to load the font 'data:font/x-font-woff;charset=utf-8;base64,d09GRk9UVE8AAOe8AAsAAAABu6AAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABDRkYgAAABCAAA4yUAAbPOH4xiK0ZGVE0AAOQwAAAAGgAAABxmk/qIR0RFRgAA5EwAAAAeAAAAIADRAARPUy8yAADkbAAAAEsAAABgL93cQWNtYXAAAOS4AAABMgAAApb6NPANaGVhZAAA5ewAAAAwAAAANv4pzBNoaGVhAADmHAAAACAAAAAkBBH/42htdHgAAOY8AAAAfgAAAU4HvwSibWF4cAAA5rwAAAAGAAAABgCkUABuYW1lAADmxAAAAOwAAAIKic1IyHBvc3QAAOewAAAADAAAACAAAwAAeJy8vXl8VdX1h73PnRNCSIBgmBIEBBQRQhhFBcQJQXGqUqVKrVpEixSppUqdENFGpBQVFStatWpFpRURlUKkiIiIEVBAQEDmKSFApjvtdz1r3wSosbW/...NigAAmBjhgZMgH0+pAXMAgzxCOkGJIg7PCGerBtD6D/v//DP5AlgEUg4ASAz6gj2QXCPhDeRJYVTMCoQGch6yXCUUdP0MAQwIOGyWAqtWB8oxgO/wZOPC4zgNMKkB5GgwgXxn8BwOomAMwVOQYxJH06DOwg8wEAPJEEGEAAAAAUAAApAAAeJydj81qAjEUhU90lP64EaSLroK4zZCMoODCpSC4E+ymKyVIQBMZfZa+iW/kg3gmvYtCCwUDIR8n3725AdDDFxSapdDHSLiFF6yE2yhxFS7QV0/CHbyqSrjLfEtTFc9Mhrmq4RYGmAi38YkP4YLOTbiDN/Uu3MVQzbFGwBEnHOBhOEdAzLTEDol8BtbheDp4swrRm+UuRUZ/ej+FRQ4v+ayxp6pR8XOW54z7/2e/PYcpU8c6w3pLGrN5ipdFqvdeV6XVM/1rQGZuapw1lXX0H/vjhk7Nu5CdZpRmfGx8fQ4palfaBzvfAVpKVSR4nGNgZsALAAB9AAQ=' because it violates the following Content Security Policy directive: "default-src * 'unsafe-inline' 'unsafe-eval'". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback. Note that '*' matches only URLs with network schemes ('http', 'https', 'ws', 'wss'), or URLs whose scheme matches `self`'s scheme. The scheme 'data:' must be added explicitly.
security	error	URL: https://cb.khaleeji.bank/signin Message: Refused to load the font 'data:font/x-font-woff;charset=utf-8;base64,d09GRgABAAAAAX7oAA0AAAAChqwABAAHAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABMAAAABwAAAAca75HuUdERUYAAAFMAAAAHwAAACAC8AAET1MvMgAAAWwAAAA+AAAAYIgyekBjbWFwAAABrAAAAWkAAALyCr86f2dhc3AAAAMYAAAACAAAAAj//wADZ2x5ZgAAAyAAAV95AAJMvI/3rk1oZWFkAAFinAAAADMAAAA2EInlLWhoZWEAAWLQAAAAHwAAACQPAwq1aG10eAABYvAAAAL0AAAK8EV5GIVsb2NhAAFl5AAABxYAAAsQAvWiXG1heHAAAWz8AAAAHwAAACADLAIcbmFtZQABbRwAAAJEAAAEhuOXi6xwb3N0AAFvYAAAD4UAABp1r4+boQAAAAEAAAAAzD2izwAAAADLTzwwAAAAANQxaLl4nGNgZGBg4ANiCQYQYGJgZGBk...uiuyG6G6YgTEGI6IYpCFMQLHqrxAguBMGic0sQIrohohtVQVQFIaIbIrohohsiuiGiGyK6IaIbIrohohsiuiGiGyK6IaIbIrohohsiujEpCIkEhkQCQyKBwaK3SlUV27Q0MaZrxpkivSnSmzoelCYMXZsyWJViQgrmM8VLpuhviv6m6G+K/qbob4r+puhviv6m6G+K/qbob4r+puhviv6m6G+K/qbob4r+Zim5lqVVeoWrxnVd0nVZ13qpq/RSV5m6rup6QteD+VbpekrX07qe0fVsUk9p3inNO6V5pzTvlOad0rxTmndK805p3inNO6V5pzTvlOad0rxTmlcHzdK05p3WvNOad1rzTmveac07rXmnNe+05p3WvNOad1rzTmveac2rY2tJx9bSjOad0bwzmldH2JKOsKUZzTujeWc074zmndG8M5p3RvPOaN5ZzTureWc176zmndW8s5p3VvPOilMmNemsJp3VpLOadFaTzmrS2dn/AboJB4wAAAA=' because it violates the following Content Security Policy directive: "default-src * 'unsafe-inline' 'unsafe-eval'". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback. Note that '*' matches only URLs with network schemes ('http', 'https', 'ws', 'wss'), or URLs whose scheme matches `self`'s scheme. The scheme 'data:' must be added explicitly.
recommendation	verbose	URL: https://cb.khaleeji.bank/signin Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains "Strict-Transport-Security: max-age=31536000; includeSubDomains"
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cb.khaleeji.bank
fonts.googleapis.com
fonts.gstatic.com
truncated
verify.ratbi.app
truncated
142.250.186.67
157.175.13.253
2606:4700::6812:129c
2a00:1450:4001:812::200a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
19b366f0bf73b398bd5791e6ee53105f4708cd9cdc54da465478cb0fd1133c87
1bc34eadc7987a522c2f6a8343e1388f7b4519c11fe988aa58942b233f275d07
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
56ba1807a5602b406bbdfa46652fe9beeb8188b9549cb0df005deadbc4b9b9ce
56dca37a7c50cf6f38eaade7526517e1bcb444287a832ae7bfffef4d42d376db
59b98502e3bd0e9e7be6b91a69eb5013943eb2e31373a8d82b97587015b3359a
662f2e8342586a328966efb1de4d4ab4efbb44c7da9684423136839c5adbefe7
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6bfda93d6f8281295166cc012acfefca022305fb26bd57ee9ebc0d2cae5f67e8
7ae22fc93b4fff4438cbd87a08729f84e4135bab38adc6b810bf419d8a4b31b9
8348656fce81a34c8fff3bd2e8bf7cf83bc5e5863b5c9f00bd3f334491e1452f
8da1adaaeda91711cea8e6a409083ed6dc87cc79821be8b2c4686d39ee201dd3
91cf1196502d0a1895961bd4c05ae08f980db0f6a0cb52107807c8193994492f
978ecd36e892112c7a0f429c43ac64727b76a26e09010289f50673a9ca3039fd
978f7b15ef20b1b9a0f9e35cec1a6d2407db85676a6d4589b525d2110f8fefe3
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
ac2a89881ee56ba2817f651fbc37d45bf8eca795bb9992c0a600a0b668f04ed9
acadb7a7694c53bba063f7a1ddf96b54de35263eb11891d205064842bb78cd26
b1d40fa275f14691b22240905adaf18cfb5c68567209e71f1afbb021274a41ba
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbce7dc23df3ac7a35fe309f2e42c16d4c1a37708fe0d789c45264af53a909f4
c5e8c56409e48d891cd43b69b2cf43de22d7310fb29448b471102acc11bac209
cdfad10c6e2fac3f478895644c7400e43451b79fed6967848624a813300c0752
d6677dce83aaaac0363b5bf431b289fc1ca2372fb057a887fc0a120c3528ff82
e095b4cc37a995c03cb0fd10944cc84629a1dca07ba551cc60e4dce16761845a
ef9e83b93acd779b332f45d314d0278c3130668cac8beca665c8d090b75f086e
f033c0119574e7572381ee23fb66b898dcee48202ed545dcd6b42b4b2a536193
f1000c400415ff168a11fabae79791b9e3d591cb0044159ef4cbbf8d6e103e47
f858c81cc01a8b0b12c42a973ee08d25fc06d1103f924592c338b6fc9606429d

cb.khaleeji.bank Open in urlscan Pro 2606:4700::6812:129c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

50 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

1414 kBTransfer

3093 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cb.khaleeji.bank Open in urlscan Pro
2606:4700::6812:129c Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

1414 kB
Transfer

3093 kB
Size

1
Cookies

32 HTTP transactions
2 data transactions