urlscan.io logo urlscan.io
SecurityTrails logo

apim-test.zain.sa Open in urlscan Pro
2606:4700:20::681a:2c2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apim-test.zain.sa/publisher/services/auth/login
Effective URL: https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Fo...
Submission: On May 07 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2606:4700:20::681a:2c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is apim-test.zain.sa.
TLS certificate: Issued by GTS CA 1P5 on April 21st 2024. Valid for: 3 months.
This is the only time apim-test.zain.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 2606:4700:20:... 13335 (CLOUDFLAR...)
7 1
Apex Domain
Subdomains		 Transfer
9 zain.sa
apim-test.zain.sa
318 KB
7 1
Domain Requested by
9 apim-test.zain.sa 2 redirects apim-test.zain.sa
7 1

This site contains no links.

Subject Issuer Validity Valid
zain.sa
GTS CA 1P5		 2024-04-21 -
2024-07-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Frame ID: 0715460CE2D26606AB26B106782AE565
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WSO2 API Manager

Page URL History Show full URLs

  1. https://apim-test.zain.sa/publisher/services/auth/login HTTP 302
    https://apim-test.zain.sa/oauth2/authorize?response_type=code&client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&s... HTTP 302
    https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /semantic(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

315 kB
Transfer

1295 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apim-test.zain.sa/publisher/services/auth/login HTTP 302
    https://apim-test.zain.sa/oauth2/authorize?response_type=code&client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&scope=apim:admin%20apim:api_create%20apim:api_delete%20apim:api_generate_key%20apim:api_import_export%20apim:api_product_import_export%20apim:api_publish%20apim:api_view%20apim:app_import_export%20apim:client_certificates_add%20apim:client_certificates_update%20apim:client_certificates_view%20apim:comment_view%20apim:comment_write%20apim:document_create%20apim:document_manage%20apim:ep_certificates_add%20apim:ep_certificates_update%20apim:ep_certificates_view%20apim:mediation_policy_create%20apim:mediation_policy_manage%20apim:mediation_policy_view%20apim:pub_alert_manage%20apim:publisher_settings%20apim:shared_scope_manage%20apim:subscription_block%20apim:subscription_view%20apim:threat_protection_policy_create%20apim:threat_protection_policy_manage%20openid%20service_catalog:service_view%20service_catalog:service_write&state=&redirect_uri=https://apim-test.zain.sa/publisher/services/auth/callback/login HTTP 302
    https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.do
apim-test.zain.sa/authenticationendpoint/
Redirect Chain
  • https://apim-test.zain.sa/publisher/services/auth/login
  • https://apim-test.zain.sa/oauth2/authorize?response_type=code&client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&scope=apim:admin%20apim:api_create%20apim:api_delete%20apim:api_generate_key%20apim:api_import_e...
  • https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2...
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4135088558aa7018c15a87c1ebd62e8fbd41eb6452ca7251cf02e7685dbe98cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
8800ac1be9b71c05-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 07 May 2024 10:54:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=*, microphone=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXwhZF3toPnKsM7iDLQyWAhZRrlHICIhD9nyKEZNCvQTY6v5jBYV6QG7PyggE7fU4MhIJJSHcIU6HEfRzzr4NXf8GYDgzqFh%2FL53%2Bl%2FVx2%2F4YLTh3qjQEZDii2kAqMC65Sweo0j1pVmDG8M7BH%2F5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
accept-encoding
x-content-type-options
nosniff nosniff
x-frame-options
DENY DENY
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8800ac1a1f521c05-FRA
content-length
0
date
Tue, 07 May 2024 10:54:29 GMT
location
https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=*, microphone=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkSqVw8ipKZVRffG29XLJdhIgX31AM%2F8hFwB1cOFo4Vzuq7zYaROL2%2FvukVXLBuqqApjEwDY08j88d6pdYXiDyz2Qr0Nf97I75fsr6k14lNsXyw9snpgD2tO83nFXCsGKPSj8pYFVayz1dlpDter"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff nosniff
x-frame-options
DENY DENY
x-xss-protection
1; mode=block
theme.min.css
apim-test.zain.sa/authenticationendpoint/libs/themes/default/ 		685 KB
117 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apim-test.zain.sa/authenticationendpoint/libs/themes/default/theme.min.css
Requested by
Host: apim-test.zain.sa
URL: https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7bacdb95ba86e7d52ac730610d67cdde19fd969ea41fa1eedb5bf4aedc4bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:54:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 14 Nov 2020 03:49:52 GMT
server
cloudflare
etag
W/"701899-1605325792000"
vary
accept-encoding
x-frame-options
DENY, DENY
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EasImwXgTHcPhul%2F406rTVix8oLlv6ktqpb7TQp61H0xM3YGp1YnwBLujAfM3ARN6d96EG4y7Qmt5EftleNac83qW%2F%2BffBot5dA57V1L8gmrXcoTA6ckdWWFHjpjxjMPL4z9%2FraLo69mPU4ZVEoX"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
geolocation=*, microphone=()
cf-ray
8800ac1dac0d1c05-FRA
jquery-3.4.1.js
apim-test.zain.sa/authenticationendpoint/libs/jquery_3.4.1/ 		286 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apim-test.zain.sa/authenticationendpoint/libs/jquery_3.4.1/jquery-3.4.1.js
Requested by
Host: apim-test.zain.sa
URL: https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f80e8e5e1945b57180397b363fb0a747e1e99cf492d59b4f8cd09bfb239f2b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:54:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 14 Nov 2020 03:48:18 GMT
server
cloudflare
etag
W/"292564-1605325698000"
vary
accept-encoding
x-frame-options
DENY, DENY
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HJF8fDvMTLNU2oF9pwbgTddOwzAUNaMZgPi1zA7y5ilhzSANgfhS5yW8b4vRontD%2BfVKgzvj0DMlhttSV0X9hVgsG4iKz2pc0ZpBkcjbwCQ2i99g0lfVR4YW6dAaIe9CapCf8dDUMHZWm4fe3vmJ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
geolocation=*, microphone=()
cf-ray
8800ac1dac0e1c05-FRA
semantic.min.js
apim-test.zain.sa/authenticationendpoint/libs/themes/default/ 		269 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apim-test.zain.sa/authenticationendpoint/libs/themes/default/semantic.min.js
Requested by
Host: apim-test.zain.sa
URL: https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7c19ea67c8f9b0f6df9fa0c87798a36f728aea3476a648ab4a471c695048052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:54:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 14 Nov 2020 03:49:52 GMT
server
cloudflare
etag
W/"275730-1605325792000"
vary
accept-encoding
x-frame-options
DENY, DENY
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p9fOi1fGXcj0XlJRfPrSA9bfqZO9xbIxiXofxE%2BXFH0bpi%2FxQYVBrAF00AReEVzVWTT53%2B20WltMiipRy2dkVuq%2F53xC1BBeLHr3H%2FlTnXgm%2FtMzrk7soLa%2Fj8EBpXE08no3QAzcrSxRDK47jeq1"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
geolocation=*, microphone=()
cf-ray
8800ac1dac101c05-FRA
icons.woff2
apim-test.zain.sa/authenticationendpoint/libs/themes/default/assets/fonts/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://apim-test.zain.sa/authenticationendpoint/libs/themes/default/assets/fonts/icons.woff2
Requested by
Host: apim-test.zain.sa
URL: https://apim-test.zain.sa/authenticationendpoint/libs/themes/default/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://apim-test.zain.sa/authenticationendpoint/libs/themes/default/theme.min.css
Origin
https://apim-test.zain.sa
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:54:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
40148
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 14 Nov 2020 03:49:52 GMT
server
cloudflare
etag
W/"40148-1605325792000"
x-frame-options
DENY, DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pL3ktrRWKOjicDc3plEE4Ehj8Br7dcIh9uT5nYHPYqX67nLsTQex6xH6H8skvDBQEQuVBJemMcW4k3zZZ2VP%2BSKOZha3v6UM5CCHAstDLFoAvXKc4XPvsxMD%2F10%2FzN%2FBH%2F8SZrhq56vzIsZTGwUx"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
cache-control
max-age=14400
permissions-policy
geolocation=*, microphone=()
accept-ranges
bytes
cf-ray
8800ac2189b51c05-FRA
logincontext
apim-test.zain.sa/ 		20 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apim-test.zain.sa/logincontext?sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&tenantDomain=carbon.super&_=1715079270600
Requested by
Host: apim-test.zain.sa
URL: https://apim-test.zain.sa/authenticationendpoint/libs/jquery_3.4.1/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:54:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHUv0NDkNwzTm0tFuOi43nwqlr39F8Uq8TnWyCnmO%2FeBaBoT%2BFS3jryLt7E5dedImYD%2BHo%2FxSbIs%2BsErZ8I7Qwo6hzx6ZiLFslvkFmhcSfHGXZb%2B%2BRfUWrcHrJwFp8hjQT8vavleOQNvCVTL%2FLPH"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
permissions-policy
geolocation=*, microphone=()
cf-ray
8800ac24be721c05-FRA
content-length
20
x-xss-protection
1; mode=block
favicon.ico
apim-test.zain.sa/authenticationendpoint/libs/themes/default/assets/images/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://apim-test.zain.sa/authenticationendpoint/libs/themes/default/assets/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35f0c7b1ce10fc081d8d6f513f8ee55128b914f67bd530ba1ad82b74f01d0436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://apim-test.zain.sa/authenticationendpoint/login.do?client_id=AO_pUZjhv17Sj8gNjoYsg24FkUAa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=https%3A%2F%2Fapim-test.zain.sa%2Fpublisher%2Fservices%2Fauth%2Fcallback%2Flogin&response_type=code&scope=apim%3Aadmin+apim%3Aapi_create+apim%3Aapi_delete+apim%3Aapi_generate_key+apim%3Aapi_import_export+apim%3Aapi_product_import_export+apim%3Aapi_publish+apim%3Aapi_view+apim%3Aapp_import_export+apim%3Aclient_certificates_add+apim%3Aclient_certificates_update+apim%3Aclient_certificates_view+apim%3Acomment_view+apim%3Acomment_write+apim%3Adocument_create+apim%3Adocument_manage+apim%3Aep_certificates_add+apim%3Aep_certificates_update+apim%3Aep_certificates_view+apim%3Amediation_policy_create+apim%3Amediation_policy_manage+apim%3Amediation_policy_view+apim%3Apub_alert_manage+apim%3Apublisher_settings+apim%3Ashared_scope_manage+apim%3Asubscription_block+apim%3Asubscription_view+apim%3Athreat_protection_policy_create+apim%3Athreat_protection_policy_manage+openid+service_catalog%3Aservice_view+service_catalog%3Aservice_write&state=&tenantDomain=carbon.super&sessionDataKey=c8834f41-d27a-4ee9-bd76-e343848088c5&relyingParty=AO_pUZjhv17Sj8gNjoYsg24FkUAa&type=oidc&sp=apim_publisher&isSaaSApp=true&authenticators=BasicAuthenticator%3ALOCAL
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 10:54:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
1150
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 14 Nov 2020 03:49:52 GMT
server
cloudflare
etag
W/"1150-1605325792000"
x-frame-options
DENY, DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGN%2Fiz2bPNNdvwF80BWApzzJ1dyo6MnbeQZsbOkTsMN%2FhuglApwkgZ%2B2DY4ynTKSChbuVKWBE7A%2F7VSACHnLVkJm78cosHlF%2BbRtISwmXIrSoWnA2%2FNzrnXV1yzI2pDZasd4w8xGGjjkGpEPRLh6"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
cache-control
max-age=14400
permissions-policy
geolocation=*, microphone=()
accept-ranges
bytes
cf-ray
8800ac24be751c05-FRA

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| goBack function| checkSessionKey function| getParameterByName function| myFunction function| handleNoDomain function| changeUsername

3 Cookies

Domain/Path Name / Value
apim-test.zain.sa/authenticationendpoint Name: JSESSIONID
Value: C92487803E78FFAC42A1C3DDEB350EAB4062AB046125A83CFD41C563CB991FC4B012995154CB4FB78E01330EF89B01E2A9AB917923372129B436672046390FF09BFBAC28001E1490B66EABEB2C74CF7C2B9A87CC55B361D0E365D9DF7C1E470B790FADD71415417BB1653C04FB0D057105699C0729023AA1E97490A38EA5AFBC
apim-test.zain.sa/publisher/ Name: CLIENT_ID
Value: AO_pUZjhv17Sj8gNjoYsg24FkUAa
apim-test.zain.sa/ Name: sessionNonceCookie-c8834f41-d27a-4ee9-bd76-e343848088c5
Value: 0641a0c2-32cb-4802-84c4-f134316c5bb9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY DENY
X-Xss-Protection 1; mode=block