alfursan.saudia.com
Open in
urlscan Pro
107.154.80.237
Public Scan
Effective URL: https://alfursan.saudia.com/ar/retro-claims
Submission: On August 22 via api from SA — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on July 13th 2023. Valid for: 6 months.
This is the only time alfursan.saudia.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 13 | 107.154.80.237 107.154.80.237 | 19551 (INCAPSULA) (INCAPSULA) | |
2 | 43.152.44.80 43.152.44.80 | 139341 (ACE-AS-AP...) (ACE-AS-AP ACE) | |
3 | 2600:9000:225... 2600:9000:2250:a200:1:fa24:cf00:93a1 | () () | |
17 | 4 |
ASN19551 (INCAPSULA, US)
PTR: 107.154.80.237.ip.incapdns.net
alfursan.saudia.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
saudia.com
1 redirects
alfursan.saudia.com |
181 KB |
5 |
geetest.com
api.geetest.com — Cisco Umbrella Rank: 70388 static.geetest.com — Cisco Umbrella Rank: 42916 |
100 KB |
17 | 2 |
Domain | Requested by | |
---|---|---|
13 | alfursan.saudia.com |
1 redirects
alfursan.saudia.com
|
3 | static.geetest.com |
alfursan.saudia.com
static.geetest.com |
2 | api.geetest.com |
alfursan.saudia.com
static.geetest.com |
17 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-07-13 - 2024-01-09 |
6 months | crt.sh |
*.geetest.com GeoTrust TLS RSA CA G1 |
2023-03-28 - 2024-04-26 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://alfursan.saudia.com/ar/retro-claims
Frame ID: DC4BAD98A8A46FE70C62EFB21D301A34
Requests: 6 HTTP requests in this frame
Frame:
https://alfursan.saudia.com/_Incapsula_Resource?CWUDNSAI=42&xinfo=14-35417045-0%20NNNN%20RT%281692744618229%2027%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B10%2814%2c0%2c0%29%20U18&incident_id=108000750083011177-185139276880286414&edet=10&cinfo=0e0000004222&rpinfo=0&mth=GET
Frame ID: 1BE8F193C04189305D18F95666C37103
Requests: 5 HTTP requests in this frame
Frame:
https://alfursan.saudia.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=14-35417045-0%20NNNY%20RT%281692744618229%20700%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=108000750083011177-185140475176161998&edet=12&cinfo=0e0000004222&rpinfo=0&cts=vhxklYSep1YzB1QzdK2DgtwwiG0wlcpV8Zvlya2YNmaqO%2fmN9eZ6Qh%2ffJAwTKJ23&mth=GET
Frame ID: 2E4BB090FAC1532A3564B9B4DA2947D8
Requests: 10 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://alfursan.saudia.com/ar/retro-claims
HTTP 301
https://alfursan.saudia.com/ar/retro-claims Page URL
- https://alfursan.saudia.com/ar/retro-claims Page URL
Detected technologies
Imperva (Security) ExpandDetected patterns
- /_Incapsula_Resource
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://alfursan.saudia.com/ar/retro-claims
HTTP 301
https://alfursan.saudia.com/ar/retro-claims Page URL
- https://alfursan.saudia.com/ar/retro-claims Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://alfursan.saudia.com/ar/retro-claims HTTP 301
- https://alfursan.saudia.com/ar/retro-claims
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
retro-claims
alfursan.saudia.com/ar/ Redirect Chain
|
864 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
alfursan.saudia.com/ |
148 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
alfursan.saudia.com/ |
1 B 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
alfursan.saudia.com/ Frame 1BE8 |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ddres-to-their-dyde-dare-pleance-and-suffe-She-s
alfursan.saudia.com/ Frame 1BE8 |
225 KB 73 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 1BE8 |
19 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 1BE8 |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ddres-to-their-dyde-dare-pleance-and-suffe-She-s
alfursan.saudia.com/ Frame 1BE8 |
750 B 845 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
retro-claims
alfursan.saudia.com/ar/ |
909 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ddres-to-their-dyde-dare-pleance-and-suffe-She-s
alfursan.saudia.com/ |
225 KB 72 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
alfursan.saudia.com/ Frame 2E4B |
13 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
alfursan.saudia.com/ Frame 2E4B |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ddres-to-their-dyde-dare-pleance-and-suffe-She-s
alfursan.saudia.com/ |
750 B 814 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
alfursan.saudia.com/ Frame 2E4B |
126 B 153 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 2E4B |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 2E4B |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gettype.php
api.geetest.com/ Frame 2E4B |
460 B 755 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fullpage.9.1.5.js
static.geetest.com/static/js/ Frame 2E4B |
330 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get.php
api.geetest.com/ Frame 2E4B |
951 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style_https.1.5.8.css
static.geetest.com/static/wind/ Frame 2E4B |
40 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.1.5.8.png
static.geetest.com/static/wind/ Frame 2E4B |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| reese84 function| a1_0x2749 function| a1_0x821d function| reese84interrogator function| initializeProtection function| protectionSubmitCaptcha5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.saudia.com/ | Name: visid_incap_2766175 Value: 2cREkW2QSFO4euhQbfgjfao75WQAAAAAQUIPAAAAAABVXO1KHtDN8iqiim3gM5sq |
|
.saudia.com/ | Name: incap_ses_108_2766175 Value: s5w1FaHxZGxpciwoHLJ/Aao75WQAAAAA6UPHDp1VAs0dqcPq4Ivm5A== |
|
.saudia.com/ | Name: reese84 Value: 3:cHLEnEbq1i9I7/KFIw0lTQ==:1CAc2zwuSLOLNqTXuAf9bgnNZc2nYIZAVkrnmuNrOuoWnU/Ph//w2vNeNfn4N1dngNjCbSwRql1sYKjzHUdwWTCzU7sSJ8Fmv2gRj1ZApZstoAn5ZaCJNYtbrm2rWEkPDJMnyo/G0KiV0iZHiDmaX9r8jdpT2HffK/pXsz7m80ZHb082ZV0ZXfzdbY9pF+uPJz/dIcETkWxb1CR3v6punP0hztKCd18lZl/tTnDi5DzFivYFdbDo9USft6vZ1BPolc4G+Tp/8VCLZSOJ6KviR1v7YFW3W3klTdQssukqvhSyG6RzCKf24HfCvrx5DfM4iSx15wA2u8WxAh9JhqANQDpH/NsUOBWzv6KILTgvxZ7Wk/is5Bobnq/vSeCQDw5dXvqfExdBt5MO/UnzJkkM4H3lagpuQ5NW5aXd1MgzjsFNkwJICgBdHqorkYoc72jeNdL0bVVuhwBAV+DThT6q0AhIfGgaWPqavUC8fJAYPfOMnQ94tZgH4D8pLqHNQbsi4qwQkENLI6Pxg5bOWSBTuo5ZSr2xd5oZlcbSA5miMscyv6z9uM63E4lc9qGDt2+DyiXLXHhWN0dvRpB6nE5nVkIe8oe1jAGmBVmWY8xAGuk=:u3UgmnahdcidewDz+1P1P8H1XRxwJnoIPWiHRU0v0B0= |
|
alfursan.saudia.com/ | Name: incap_sh_2766175 Value: qjvlZAAAAABFf9w2BgAQqveUpwa3pffyBdRUZoRvk+AVGPC7 |
|
.saudia.com/ | Name: nlbi_2766175_2147483392 Value: sSPwWWYvMX+ezlnzxbBhtAAAAABkZLfZycP+hBpPAxX8ELpO |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
alfursan.saudia.com
api.geetest.com
static.geetest.com
107.154.80.237
2600:9000:2250:a200:1:fa24:cf00:93a1
43.152.44.80
005eed10740e9d81627693973ee7ed8294fcd7cb94b3bfff40b7aa200b564471
0b064022b53bf41a1efecda19559194090352aa0a4db26d2bb59eaaca8c6d62b
0e743066373cce49251230c376f985e34018fabb8f30d8c643a3933c0143dd93
1e07dcd9cc300c7bf04de5a11ffa96d042417d5eb570686648b72ae39d0b4757
255b34e13f61cdea1bf5b633689a77f1115baf96ea9238648d1a961fe5f35304
319e64e17fc7abe48cf91f1ca2ad7c30ae19ba567c4bc485aa9b2c0ebaa82ba7
38464b6726872235ec7178bf6c16a66a778c406d780190f1b7dd8518d3aa2bf8
385a8794916319b7234888f8deaa7ffcb9c1c1bc48e0b394e01876db078be5e8
452a666d82d463e59f05508364cc2b8f7c6c042da14a5a5537cd7623d75119e0
78ea3e971b7f389be85d5dceb9bc3101bfba06dc812ea55d65a5abc34b7b6b46
7b50694451592ee45ab4426afb035555eb0d3d927c49e9a403e0f5f714dc179d
7fdb61b6a70f01823f6da515679ad8d00d1fef967a8d91b587dcbc95fc918d9b
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e
9896478a5cd5b0690914815d92b291a60b081a505ea7de10b6fdaeac1c66b2a7
aac7b569b129c6926b140c9aa0c567c81a4d3d80eeb0a4809eef85f78f097841
add1840190041b98d2c3facdfc43ac873a2e7c759fe62034e5d984172acee5bb
bc798131096684be5441feb2411a608938f2d6eedcd98bd4bbe678007eedfb2b
d1ebed536cbc4d09768d87195f1ed994d2ff37a8cdada8ad31c968f15a2aedf6
ddf0a64768ed985e3c4ae04c273f401890040359ee80df0df5d6741c847b0037
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855