urlscan.io logo urlscan.io
SecurityTrails logo

eservices.sagia.gov.sa Open in urlscan Pro
37.216.240.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://eservices.sagia.gov.sa:8443/survey/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN...
Effective URL: https://eservices.sagia.gov.sa:8443/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=...
Submission: On November 23 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 37.216.240.196, located in Jeddah, Saudi Arabia and belongs to MOBILY-AS Etihad Etisalat Company (Mobily), SA. The main domain is eservices.sagia.gov.sa.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 29th 2020. Valid for: a year.
This is the only time eservices.sagia.gov.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 37.216.240.196 35819 (MOBILY-AS...)
3 1
Apex Domain
Subdomains		 Transfer
4 sagia.gov.sa
eservices.sagia.gov.sa
321 KB
3 1
Domain Requested by
4 eservices.sagia.gov.sa 1 redirects eservices.sagia.gov.sa
3 1

This site contains no links.

Subject Issuer Validity Valid
eservices.misa.gov.sa
DigiCert SHA2 Secure Server CA		 2020-09-29 -
2021-10-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://eservices.sagia.gov.sa:8443/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML
Frame ID: B629ACBFFF5E09EFCE5B722EAED8D8A5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://eservices.sagia.gov.sa:8443/survey/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&ver... HTTP 302
    https://eservices.sagia.gov.sa:8443/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PER... Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

320 kB
Transfer

526 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eservices.sagia.gov.sa:8443/survey/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML HTTP 302
    https://eservices.sagia.gov.sa:8443/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request survey.htm
eservices.sagia.gov.sa/survey(bD1lbiZjPTMwMA==)/
Redirect Chain
  • https://eservices.sagia.gov.sa:8443/survey/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML
  • https://eservices.sagia.gov.sa:8443/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML
209 KB
209 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eservices.sagia.gov.sa:8443/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.216.240.196 Jeddah, Saudi Arabia, ASN35819 (MOBILY-AS Etihad Etisalat Company (Mobily), SA),
Reverse DNS
eservices.sagia.gov.sa
Software
/
Resource Hash
fc3b96d447ea74b75b14bbf2b2e83a2cfdfb4e7e932c69fb4b64fbe77beeaec3

Request headers

Host
eservices.sagia.gov.sa:8443
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
sap-usercontext=sap-client=300
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

set-cookie
sap-appcontext=c2FwLXNlc3Npb25pZD1TSUQlM2FBTk9OJTNhU0FHQ1JQQVAwMV9DUlBfMDAlM2Fxd3ZDaXYtLVBzOXBHZFJ0WDdJZllLU0haZEVjTnhueEk0NFRPYkMtLUFUVA%3d%3d; path=/survey(bD1lbiZjPTMwMA==)
content-type
text/html; charset=UTF-8
content-length
213576
expires
-1
cache-control
no-cache, no-store, private, must-revalidate
pragma
no-cache
sap-server
true
sap-perf-fesrec
235606.000000

Redirect headers

set-cookie
sap-usercontext=sap-client=300; path=/
content-type
text/html; charset=utf-8
content-length
25
location
/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML
sap-server
true
sap-perf-fesrec
8977.000000
moi.png
eservices.sagia.gov.sa/sap/public/bc/ur/Login/simple/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eservices.sagia.gov.sa:8443/sap/public/bc/ur/Login/simple/moi.png
Requested by
Host: eservices.sagia.gov.sa
URL: https://eservices.sagia.gov.sa:8443/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.216.240.196 Jeddah, Saudi Arabia, ASN35819 (MOBILY-AS Etihad Etisalat Company (Mobily), SA),
Reverse DNS
eservices.sagia.gov.sa
Software
/
Resource Hash
8c160ce3578e2deedf6187b66385117ca44424375942724f989b999bcf20bc69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://eservices.sagia.gov.sa:8443/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 05:22:05 GMT
ms-author-via
DAV
last-modified
Mon, 30 Mar 2020 07:45:17 GMT
content-type
image/png
cache-control
max-age=3600
connection
Keep-Alive
sap-dms
KW
content-length
18000
x-content-type-options
nosniff
sap-server
true
TheSans.ttf
eservices.sagia.gov.sa/sap/public/bc/UI2/logon/img/ 		300 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eservices.sagia.gov.sa:8443/sap/public/bc/UI2/logon/img/TheSans.ttf
Requested by
Host: eservices.sagia.gov.sa
URL: https://eservices.sagia.gov.sa:8443/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.216.240.196 Jeddah, Saudi Arabia, ASN35819 (MOBILY-AS Etihad Etisalat Company (Mobily), SA),
Reverse DNS
eservices.sagia.gov.sa
Software
/
Resource Hash
1f9671e1074e2986a99a0485f4946c16086d0bcca5f26c37aa0335891ef3d0ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://eservices.sagia.gov.sa:8443
Referer
https://eservices.sagia.gov.sa:8443/survey(bD1lbiZjPTMwMA==)/survey.htm?applid=CRM_SURVEY_EIC&svyid=INVESTOR_PERCEPTION_SURVEY&vers=0000000004&lang=EN&parid=CRM_SVY_BSP_SYSTEMPARAM_CRP_300.XML
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 05:22:05 GMT
content-encoding
gzip
ms-author-via
DAV
last-modified
Mon, 06 Apr 2020 11:05:10 GMT
content-type
application/octet-stream
cache-control
max-age=31536000
connection
Keep-Alive
sap-dms
KW
content-length
95391
x-content-type-options
nosniff
sap-server
true

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| splitText function| splitIt function| check function| isValidDate function| checkDate function| checkTime function| checkNumberNegative function| checkNumber function| phoneNumber function| mobileNumber function| validateEmail function| checkPercent function| myTrim function| totalDebtDIValidation object| compareRevenuArr object| compareTaxArr function| taxonIncomeValidation object| compareRevenuField object| compareTaxField function| interestPaidValidation object| compareReinvestedArr object| salesAndGoodsArr function| salesGoodsValidation function| revenueIncomeValidation function| realEstateActivity function| importExportValidation function| condFellowEnterprise function| financialIntermediatory function| balanceSheetValidation function| findParentNode function| sumNumber function| grandTotalNumber function| productNumber function| productTotalNumber function| residenceList function| regionList function| cityFilter function| countryList function| sectionFilter function| divisionFilter function| groupFilter function| factorRankingFilter function| jumpScroll function| tabNext function| tabPrevious function| tabs function| callInitialLoad function| PopUp function| PopUpFinSection function| alertMessageFinSecton function| alertMessageToSave object| calendar

2 Cookies

Domain/Path Name / Value
eservices.sagia.gov.sa/ Name: sap-usercontext
Value: sap-client=300
eservices.sagia.gov.sa/survey(bD1lbiZjPTMwMA==) Name: sap-appcontext
Value: c2FwLXNlc3Npb25pZD1TSUQlM2FBTk9OJTNhU0FHQ1JQQVAwMV9DUlBfMDAlM2Fxd3ZDaXYtLVBzOXBHZFJ0WDdJZllLU0haZEVjTnhueEk0NFRPYkMtLUFUVA%3d%3d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eservices.sagia.gov.sa
37.216.240.196
1f9671e1074e2986a99a0485f4946c16086d0bcca5f26c37aa0335891ef3d0ba
8c160ce3578e2deedf6187b66385117ca44424375942724f989b999bcf20bc69
fc3b96d447ea74b75b14bbf2b2e83a2cfdfb4e7e932c69fb4b64fbe77beeaec3