alfursan.saudia.com
107.154.80.237
Public Scan
Effective URL: https://alfursan.saudia.com/ar/retro-claims
Submission: On August 23 via api from SA — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on July 13th 2023. Valid for: 6 months.
This is the only time alfursan.saudia.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
13 (1 redirect) | 107.154.80.237 | 19551 (INCAPSULA) |
2 | 43.159.107.100 | 139341 (ACE-AS-AP ACE) |
3 | 2600:9000:21a8:6c00:1:fa24:cf00:93a1 | 16509 (AMAZON-02) |
17 | 4 | |
ASN19551 (INCAPSULA, US)
PTR: 107.154.80.237.ip.incapdns.net
alfursan.saudia.com
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
13 | saudia.com (1 redirects): alfursan.saudia.com | 186 KB |
5 | geetest.com: api.geetest.com (Cisco Umbrella Rank: 77147), static.geetest.com (Cisco Umbrella Rank: 44354) | 100 KB |
17 | 2 | |
Requests | Domain | Requested by |
---|---|---|
13 | alfursan.saudia.com (1 redirects) | alfursan.saudia.com |
3 | static.geetest.com | alfursan.saudia.com, static.geetest.com |
2 | api.geetest.com | alfursan.saudia.com, static.geetest.com |
17 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
imperva.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-07-13 - 2024-01-09 | 6 months |
*.geetest.com | GeoTrust TLS RSA CA G1 | 2023-03-28 - 2024-04-26 | a year |
This page contains 3 frames:
Primary Page:
https://alfursan.saudia.com/ar/retro-claims
Frame ID: 9985B64330B8A9E8C8456B783B1DABA9
Requests: 6 HTTP requests in this frame
Frame:
https://alfursan.saudia.com/_Incapsula_Resource?CWUDNSAI=42&xinfo=11-52763772-0%20NNNN%20RT%281692785620618%2028%29%20q%280%20-1%20-1%206%29%20r%280%20-1%29%20B10%2814%2c0%2c0%29%20U18&incident_id=259001280191662522-311407471396855819&edet=10&cinfo=0e0000005e22&rpinfo=0&mth=GET
Frame ID: 62C4CBE211647B9FBEF9822E729ED03B
Requests: 5 HTTP requests in this frame
Frame:
https://alfursan.saudia.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=11-52763772-0%20NNNY%20RT%281692785620618%20975%29%20q%280%20-1%20-1%20-1%29%20r%281%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=259001280191662522-311408536548745227&edet=12&cinfo=0e0000005e22&rpinfo=0&cts=bUOjF%2f6lWQ%2boMLQu2cE%2bpD7nu34rxfJEu%2fUmuNqKgTDrIDYG6iVuMDPJU6j1krIc&mth=GET
Frame ID: D85E8236FB0363B9DF4E29752B3B2584
Requests: 10 HTTP requests in this frame
Detected technologies
Imperva (Security). Detected patterns:
- /_Incapsula_Resource
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://alfursan.saudia.com/ar/retro-claims (HTTP 301), redirecting to https://alfursan.saudia.com/ar/retro-claims (Page URL)
- https://alfursan.saudia.com/ar/retro-claims (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://alfursan.saudia.com/ar/retro-claims HTTP 301
- https://alfursan.saudia.com/ar/retro-claims
17 HTTP transactions
Method | Protocol | Resource | Path | Frame / Note | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H2 | retro-claims | alfursan.saudia.com/ar/ | Redirect Chain | 864 B | 1 KB | Document | text/html |
GET | H2 | _Incapsula_Resource | alfursan.saudia.com/ | | 153 KB | 22 KB | Script | application/javascript |
GET | H2 | _Incapsula_Resource | alfursan.saudia.com/ | | 1 B | 35 B | Image | text/plain |
GET | H2 | _Incapsula_Resource | alfursan.saudia.com/ | Frame 62C4 | 3 KB | 1 KB | Document | text/html |
GET | H2 | ddres-to-their-dyde-dare-pleance-and-suffe-She-s | alfursan.saudia.com/ | Frame 62C4 | 231 KB | 75 KB | Script | text/javascript |
GET | DATA | truncated | / | Frame 62C4 | 19 KB | 0 | Image | image/png |
GET | DATA | truncated | / | Frame 62C4 | 3 KB | 0 | Image | image/png |
POST | H2 | ddres-to-their-dyde-dare-pleance-and-suffe-She-s | alfursan.saudia.com/ | Frame 62C4 | 750 B | 847 B | Fetch | application/json |
GET | H2 | retro-claims | alfursan.saudia.com/ar/ | Primary Request | 913 B | 1 KB | Document | text/html |
GET | H2 | ddres-to-their-dyde-dare-pleance-and-suffe-She-s | alfursan.saudia.com/ | | 231 KB | 75 KB | Script | text/javascript |
GET | H2 | _Incapsula_Resource | alfursan.saudia.com/ | Frame D85E | 13 KB | 7 KB | Document | text/html |
GET | H2 | _Incapsula_Resource | alfursan.saudia.com/ | Frame D85E | 9 KB | 2 KB | Script | application/javascript |
POST | H2 | ddres-to-their-dyde-dare-pleance-and-suffe-She-s | alfursan.saudia.com/ | | 750 B | 808 B | Fetch | application/json |
GET | H2 | _Incapsula_Resource | alfursan.saudia.com/ | Frame D85E | 126 B | 153 B | XHR | application/json |
GET | DATA | truncated | / | Frame D85E | 2 KB | 0 | Image | image/png |
GET | DATA | truncated | / | Frame D85E | 3 KB | 0 | Image | image/png |
GET | H2 | gettype.php | api.geetest.com/ | Frame D85E | 460 B | 758 B | Script | text/javascript |
GET | H2 | fullpage.9.1.5.js | static.geetest.com/static/js/ | Frame D85E | 330 KB | 90 KB | Script | application/javascript |
GET | H2 | get.php | api.geetest.com/ | Frame D85E | 951 B | 1 KB | Script | text/javascript |
GET | H2 | style_https.1.5.8.css | static.geetest.com/static/wind/ | Frame D85E | 40 KB | 5 KB | Stylesheet | text/css |
GET | H2 | sprite.1.5.8.png | static.geetest.com/static/wind/ | Frame D85E | 3 KB | 4 KB | Image | image/png |
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| documentPictureInPicture
object| reese84
function| a1_0x2749
function| a1_0x821d
function| reese84interrogator
function| initializeProtection
function| protectionSubmitCaptcha
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.saudia.com/ | | visid_incap_2766175 | +O4UeLUZRUKCJrIbkkkwLNTb5WQAAAAAQUIPAAAAAAAIrp/Sz5FRGS7McRd++fwm |
.saudia.com/ | | incap_ses_259_2766175 | 3FXVG6TSKFC6CTLGSiiYA9Tb5WQAAAAAtRmb1dDlWYaUuDc460WX6Q== |
.saudia.com/ | | reese84 | 3:ATMI3XBEPUwW1KL24qAnVg==:[…]:YmxkjtW9ttJFJSgVgpVUH/pDUIIQrAR5dW7KYDr9dlw= |
alfursan.saudia.com/ | | incap_sh_2766175 | 1dvlZAAAAAAbYtwLBgAQ1beXpwYzjGU944lP0PBO17NuqhbI |
.saudia.com/ | | nlbi_2766175_2147483392 | 2MW0DHvJckdL1VqKxbBhtAAAAABBh5Pe9n/dWLuW8JAFKoCc |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.