Submitted URL: https://preprod.account.red.sa/
Effective URL: https://preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=h...
Submission: On November 14 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 104.40.221.127, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is preprod.sso.red.sa.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 6th 2019. Valid for: 3 months.
This is the only time preprod.sso.red.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses:
Requests | IP Address | AS Autonomous System
9 (1 redirect) | 13.81.253.112 | 8075 (MICROSOFT...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 104.40.221.127 | 8075 (MICROSOFT...)
Total: 13 requests, 3 IPs

Apex domains:
Requests | Apex Domain | Subdomains | Transfer
12 | red.sa | preprod.account.red.sa, preprod.sso.red.sa | 419 KB
2 | googleapis.com | fonts.googleapis.com | 1 KB
Total: 13 requests, 2 apex domains

Subdomains:
Requests | Domain | Requested by
9 (1 redirects) | preprod.account.red.sa | preprod.account.red.sa
3 | preprod.sso.red.sa | preprod.account.red.sa, preprod.sso.red.sa
2 | fonts.googleapis.com | preprod.account.red.sa
Total: 13 requests, 3 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
preprod.account.red.sa | Let's Encrypt Authority X3 | 2019-11-14 - 2020-02-12 | 3 months
*.googleapis.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
preprod.sso.red.sa | Let's Encrypt Authority X3 | 2019-10-06 - 2020-01-04 | 3 months

This page contains 1 frames:

Primary Page: https://preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e22016daa&response_mode=fragment&response_type=code&scope=openid&nonce=44058be1-78d8-41a6-990d-295212ec9764
Frame ID: C90480818E172311FF48AD21817A8598
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Unix/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 33 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 420 kB
Size: 1557 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://preprod.account.red.sa/ Page URL
  2. https://preprod.account.red.sa/auth/realms/RED/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e22016daa&response_mode=fragment&response_type=code&scope=openid&nonce=44058be1-78d8-41a6-990d-295212ec9764 HTTP 301
    https://preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e22016daa&response_mode=fragment&response_type=code&scope=openid&nonce=44058be1-78d8-41a6-990d-295212ec9764 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
preprod.account.red.sa/
966 B
870 B
Document
General
Full URL
https://preprod.account.red.sa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.81.253.112 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Apache/2.4.41 (Unix) OpenSSL/1.1.1d /
Resource Hash
ff1bf4f001e71d5eaabec221ebec3612dc9c59fb15e95b430ddcd74aad5fe8e8

Request headers

Host
preprod.account.red.sa
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br

Response headers

Date
Thu, 14 Nov 2019 06:30:32 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
Last-Modified
Thu, 14 Nov 2019 06:16:02 GMT
Accept-Ranges
bytes
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
471
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
css
fonts.googleapis.com/
7 KB
746 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Requested by
Host: preprod.account.red.sa
URL: https://preprod.account.red.sa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
eba87c6930cc65b07a38ddcecfdf8c32ef5421a3707f3d99c0c5d382ae6e181d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://preprod.account.red.sa/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 14 Nov 2019 06:30:32 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 14 Nov 2019 06:30:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Thu, 14 Nov 2019 06:30:32 GMT
icon
fonts.googleapis.com/
574 B
384 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: preprod.account.red.sa
URL: https://preprod.account.red.sa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://preprod.account.red.sa/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 14 Nov 2019 06:30:32 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 14 Nov 2019 06:30:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Thu, 14 Nov 2019 06:30:32 GMT
runtime.e89741c86dc89dd2ddfd.js
preprod.account.red.sa/
1 KB
1 KB
Script
General
Full URL
https://preprod.account.red.sa/runtime.e89741c86dc89dd2ddfd.js
Requested by
Host: preprod.account.red.sa
URL: https://preprod.account.red.sa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.81.253.112 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Apache/2.4.41 (Unix) OpenSSL/1.1.1d /
Resource Hash
eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://preprod.account.red.sa/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Nov 2019 06:30:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 06:16:02 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
712
polyfills.3bfd66addbd0d2814591.js
preprod.account.red.sa/
41 KB
14 KB
Script
General
Full URL
https://preprod.account.red.sa/polyfills.3bfd66addbd0d2814591.js
Requested by
Host: preprod.account.red.sa
URL: https://preprod.account.red.sa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.81.253.112 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Apache/2.4.41 (Unix) OpenSSL/1.1.1d /
Resource Hash
1cae2e80a478f8c3aaa3988d0495b21ca579b7de2bdfcbef442650e53c0cf4db

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://preprod.account.red.sa/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Nov 2019 06:30:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 06:16:02 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
styles.7b4029a62f10df1a56d3.js
preprod.account.red.sa/
80 KB
13 KB
Script
General
Full URL
https://preprod.account.red.sa/styles.7b4029a62f10df1a56d3.js
Requested by
Host: preprod.account.red.sa
URL: https://preprod.account.red.sa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.81.253.112 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Apache/2.4.41 (Unix) OpenSSL/1.1.1d /
Resource Hash
0c0583c35be4be356db1a57f918cfeb9ef06eeeaaf5280e1299eb9d94245767f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://preprod.account.red.sa/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Nov 2019 06:30:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 06:16:02 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12889
scripts.531d87bb979c5fa92b6c.js
preprod.account.red.sa/
3 KB
2 KB
Script
General
Full URL
https://preprod.account.red.sa/scripts.531d87bb979c5fa92b6c.js
Requested by
Host: preprod.account.red.sa
URL: https://preprod.account.red.sa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.81.253.112 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Apache/2.4.41 (Unix) OpenSSL/1.1.1d /
Resource Hash
7adfc636d0b57fb954e9b381964c241fd593bcc5f986e0d42691a675c9bfe2aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://preprod.account.red.sa/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Nov 2019 06:30:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 06:16:02 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1184
vendor.8a5640927f513ce5b9da.js
preprod.account.red.sa/
1 MB
307 KB
Script
General
Full URL
https://preprod.account.red.sa/vendor.8a5640927f513ce5b9da.js
Requested by
Host: preprod.account.red.sa
URL: https://preprod.account.red.sa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.81.253.112 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Apache/2.4.41 (Unix) OpenSSL/1.1.1d /
Resource Hash
1f676002470efe05c0e9651e4257914d4cbd1c5d260533c6fc8312ddcf7fed51

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://preprod.account.red.sa/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Nov 2019 06:30:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 06:16:02 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
main.633673982604b6af18f0.js
preprod.account.red.sa/
145 KB
26 KB
Script
General
Full URL
https://preprod.account.red.sa/main.633673982604b6af18f0.js
Requested by
Host: preprod.account.red.sa
URL: https://preprod.account.red.sa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.81.253.112 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Apache/2.4.41 (Unix) OpenSSL/1.1.1d /
Resource Hash
9aa9096e5091dd5eae11bba24790b7ecfe0fc0fe89611759fe69ee600178216c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://preprod.account.red.sa/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Nov 2019 06:30:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Nov 2019 06:16:02 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
26222
DINNextLTArabic-Regular.woff2
preprod.account.red.sa/assets/fonts/main_arabic/
45 KB
46 KB
Font
General
Full URL
https://preprod.account.red.sa/assets/fonts/main_arabic/DINNextLTArabic-Regular.woff2
Requested by
Host: preprod.account.red.sa
URL: https://preprod.account.red.sa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.81.253.112 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Apache/2.4.41 (Unix) OpenSSL/1.1.1d /
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://preprod.account.red.sa/
Origin
https://preprod.account.red.sa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Nov 2019 06:30:32 GMT
Last-Modified
Thu, 14 Nov 2019 06:16:02 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
Content-Type
font/woff2
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
46320
Primary Request auth
preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/
Redirect Chain
  • https://preprod.account.red.sa/auth/realms/RED/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e2...
  • https://preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e2...
2 KB
3 KB
Document
General
Full URL
https://preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e22016daa&response_mode=fragment&response_type=code&scope=openid&nonce=44058be1-78d8-41a6-990d-295212ec9764
Requested by
Host: preprod.account.red.sa
URL: https://preprod.account.red.sa/vendor.8a5640927f513ce5b9da.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.40.221.127 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
850f27882377c22adc34deb9483e90a8f17d2957eba4bf8350c72524489e07f1
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
preprod.sso.red.sa
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-site
Referer
https://preprod.account.red.sa/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 14 Nov 2019 06:30:32 GMT
Content-Type
text/html;charset=utf-8
Content-Length
2151
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Language
en

Redirect headers

Date
Thu, 14 Nov 2019 06:30:32 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
Location
https://preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e22016daa&response_mode=fragment&response_type=code&scope=openid&nonce=44058be1-78d8-41a6-990d-295212ec9764
Content-Length
534
Content-Type
text/html; charset=iso-8859-1
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
login.css
preprod.sso.red.sa/auth/resources/7.0.0/login/redtheme/css/
5 KB
5 KB
Stylesheet
General
Full URL
https://preprod.sso.red.sa/auth/resources/7.0.0/login/redtheme/css/login.css
Requested by
Host: preprod.sso.red.sa
URL: https://preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e22016daa&response_mode=fragment&response_type=code&scope=openid&nonce=44058be1-78d8-41a6-990d-295212ec9764
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.40.221.127 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
679e355d5845bcfc119e442310424a26ada3a1e091cfb83aef3c1ee6579ff1f1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e22016daa&response_mode=fragment&response_type=code&scope=openid&nonce=44058be1-78d8-41a6-990d-295212ec9764
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 Nov 2019 06:30:32 GMT
Cache-Control
max-age=2592000
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
4846
Content-Type
text/css;charset=UTF-8
login.js
preprod.sso.red.sa/auth/resources/7.0.0/login/redtheme/js/
2 KB
2 KB
Script
General
Full URL
https://preprod.sso.red.sa/auth/resources/7.0.0/login/redtheme/js/login.js
Requested by
Host: preprod.sso.red.sa
URL: https://preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e22016daa&response_mode=fragment&response_type=code&scope=openid&nonce=44058be1-78d8-41a6-990d-295212ec9764
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.40.221.127 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f769c6eac178e99c503fe1aed2d8d536b4121ee31b2a47988b8438dfa038f4c1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://preprod.sso.red.sa/auth/realms/preprod/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=https%3A%2F%2Fpreprod.account.red.sa%2F&state=c553b22a-ec25-42c1-a7a9-7d0e22016daa&response_mode=fragment&response_type=code&scope=openid&nonce=44058be1-78d8-41a6-990d-295212ec9764
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 Nov 2019 06:30:32 GMT
Cache-Control
max-age=2592000
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
1821
Content-Type
text/javascript;charset=UTF-8

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | onformdata
object | onpointerrawupdate

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://preprod.account.red.sa/main.633673982604b6af18f0.js(Line 1)
Message:
d