urlscan.io logo urlscan.io
SecurityTrails logo

selfservice.beta.openbanking.sa Open in urlscan Pro
193.122.67.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://selfservice.beta.openbanking.sa/
Effective URL: https://selfservice.beta.openbanking.sa/perry/user/index
Submission Tags: hades
Submission: On May 15 via api from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 193.122.67.77, located in Saudi Arabia and belongs to ORACLE-BMC-31898, US. The main domain is selfservice.beta.openbanking.sa.
TLS certificate: Issued by R3 on February 20th 2024. Valid for: 3 months.
This is the only time selfservice.beta.openbanking.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 193.122.67.77 31898 (ORACLE-BM...)
18 2
Apex Domain
Subdomains		 Transfer
17 openbanking.sa
selfservice.beta.openbanking.sa
5 MB
0 googleapis.com Failed
fonts.googleapis.com Failed
18 2
Domain Requested by
17 selfservice.beta.openbanking.sa selfservice.beta.openbanking.sa
0 fonts.googleapis.com Failed selfservice.beta.openbanking.sa
18 2

This site contains links to these domains. Also see Links.

Domain
ksaob.atlassian.net
Subject Issuer Validity Valid
admin.beta.openbanking.sa
R3		 2024-02-20 -
2024-05-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://selfservice.beta.openbanking.sa/perry/user/index
Frame ID: 20FAC5E13C3782734445AE9E846C08D0
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Self Service - Login

Page URL History Show full URLs

  1. http://selfservice.beta.openbanking.sa/ HTTP 307
    https://selfservice.beta.openbanking.sa/ Page URL
  2. https://selfservice.beta.openbanking.sa/perry/user/index Page URL

Page Statistics

18
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

5066 kB
Transfer

5048 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://selfservice.beta.openbanking.sa/ HTTP 307
    https://selfservice.beta.openbanking.sa/ Page URL
  2. https://selfservice.beta.openbanking.sa/perry/user/index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://selfservice.beta.openbanking.sa/ HTTP 307
  • https://selfservice.beta.openbanking.sa/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
selfservice.beta.openbanking.sa/
Redirect Chain
  • http://selfservice.beta.openbanking.sa/
  • https://selfservice.beta.openbanking.sa/
64 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
fe5331d1feebda04b7df73f5886c108f93e0c858a2c16945188379cd8558783f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Length
64
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Content-Type
text/html; charset=UTF-8
Cross-Origin-Embedder-Policy
require-corp
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Wed, 15 May 2024 12:31:22 GMT
ETag
W/"40-18dc173e718"
Expect-CT
max-age=0
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-ID
63a82818ce02773e37043e0a011ca827
X-XSS-Protection
0

Redirect headers

Location
https://selfservice.beta.openbanking.sa/
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
selfservice.beta.openbanking.sa/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
f7d6d5fabb37a12aad817c744b651f4c2454297b927b760951d4ace95f203524
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:22 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
1311
X-XSS-Protection
0
X-Request-ID
d296034657c366fcc9c0fee4faedb92f
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"51f-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Primary Request index
selfservice.beta.openbanking.sa/perry/user/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/perry/user/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
5437e535f7ad483af5b2b41e4bb6c4401b5aa62938c522724fb6e306e257b700
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Length
2900
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Cross-Origin-Embedder-Policy
require-corp
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Wed, 15 May 2024 12:31:23 GMT
ETag
W/"b54-E42B3iNpZfarR3FJTgUpHPD3wZ0"
Expect-CT
max-age=0
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-ID
4a372eb1fd36f851dc5305158e873cef
X-XSS-Protection
0
o3-cool.css
selfservice.beta.openbanking.sa/css/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/css/o3-cool.css
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/perry/user/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
6c09123a1bec7cce51af984308b7924d9eb682968c3b58bdc6ce0c3010137e57
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:23 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
1299732
X-XSS-Protection
0
X-Request-ID
5d784bd2f409b1431b6095d894593bc1
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"13d514-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
app.css
selfservice.beta.openbanking.sa/css/ 		114 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/css/app.css
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/perry/user/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
ed9ba8a2f0fb937c9abb19312107df81d7957f8d9c8690d3a39b899121f94145
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
117056
X-XSS-Protection
0
X-Request-ID
1769c1a385af55c0e10c513f8490d4be
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"1c940-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
branding.css
selfservice.beta.openbanking.sa/connector-pub/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/connector-pub/branding.css
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/perry/user/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
7c512e83eda922c064eff250c1b82ac5f13d0549fbeb690c8aab42cf8694fcda
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
3466
X-XSS-Protection
0
X-Request-ID
b54a0425e7d69a98c3e81f1d5bb493f4
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Feb 2024 08:55:03 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"d8a-18dc5b9c658"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
login-self-service.svg
selfservice.beta.openbanking.sa/img/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selfservice.beta.openbanking.sa/img/login-self-service.svg
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/perry/user/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
f653ea3838132942aa7992f78c4f40b55d9119e1c50f7dcdc31466a8d65d9723
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
48316
X-XSS-Protection
0
X-Request-ID
45636311d85014a4538b543e54be0d60
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"bcbc-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
libs.js
selfservice.beta.openbanking.sa/js/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/js/libs.js
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/perry/user/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
011a2d8236de50a026c8a3d337724c977e5b0f4349ba0fe63d7c16339f9ed7e2
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
3480244
X-XSS-Protection
0
X-Request-ID
d4a84990abb88655f23af6d1a6d478e5
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"351ab4-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
o3.js
selfservice.beta.openbanking.sa/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/js/o3.js
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/perry/user/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
4d65466592dfaca8556a23d05f50a45089e072dbcac3b74a3b65ac8afba603f0
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
3370
X-XSS-Protection
0
X-Request-ID
9232adf3bf3d6e6619ba0db695766c54
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"d2a-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
ozone.js
selfservice.beta.openbanking.sa/js/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/js/ozone.js
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/perry/user/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
b83c1ebbff0453c51f370a6d3b2108c987f263a640dbe6031eb5a4e38e3938da
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
20560
X-XSS-Protection
0
X-Request-ID
40db0489d0d5f2bad19bf61d0fa5450b
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"5050-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
css2
fonts.googleapis.com/ 		0
0
auth-bg.jpg
selfservice.beta.openbanking.sa/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selfservice.beta.openbanking.sa/images/auth-bg.jpg
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
f7d6d5fabb37a12aad817c744b651f4c2454297b927b760951d4ace95f203524
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
1311
X-XSS-Protection
0
X-Request-ID
c8c7c37292ec6b6bc8842d5193805bba
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"51f-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
sama-oci-logo.png
selfservice.beta.openbanking.sa/connector-pub/logo/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selfservice.beta.openbanking.sa/connector-pub/logo/sama-oci-logo.png
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/connector-pub/branding.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
cf8ab3454c9ea5d1078f0cfa7497e72ffe1c94f60f6fbc371e753fea482a72fc
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
10224
X-XSS-Protection
0
X-Request-ID
629eef2383ce3ea4cf990f42996bf34f
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Feb 2024 08:55:03 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"27f0-18dc5b9c658"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
IBMPlexSans-Medium-Latin1.woff2
selfservice.beta.openbanking.sa/fonts/ibm-plex-sans/split/woff2/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/fonts/ibm-plex-sans/split/woff2/IBMPlexSans-Medium-Latin1.woff2
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/css/o3-cool.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
e0c8ebe383ce65c702e6a6032212b97205d58393e6e53db89cc3eb3670e8e684
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://selfservice.beta.openbanking.sa
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
17204
X-XSS-Protection
0
X-Request-ID
09f091549b33f517dd6d8cd7b0095d5e
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"4334-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
IBMPlexSans-Regular-Latin1.woff2
selfservice.beta.openbanking.sa/fonts/ibm-plex-sans/split/woff2/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/fonts/ibm-plex-sans/split/woff2/IBMPlexSans-Regular-Latin1.woff2
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/css/o3-cool.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
4c307b8a6c94c602aa6bcb54ff46ef860f2dcd005eb17861fc25cec79bb8e4a7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://selfservice.beta.openbanking.sa
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
16668
X-XSS-Protection
0
X-Request-ID
2de8b0b88a1ac719725a0e11423fb68e
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"411c-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
IBMPlexSans-SemiBold-Latin1.woff2
selfservice.beta.openbanking.sa/fonts/ibm-plex-sans/split/woff2/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/fonts/ibm-plex-sans/split/woff2/IBMPlexSans-SemiBold-Latin1.woff2
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/css/o3-cool.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
d27a59267cd148520cc33d44b03e4da766767ad855bed77e800925b91cf7736a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://selfservice.beta.openbanking.sa
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:24 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
17536
X-XSS-Protection
0
X-Request-ID
37f189a0e5fcd465c8840a85ec2cf482
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"4480-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Inter-UI-Medium.woff2
selfservice.beta.openbanking.sa/fonts/inter-ui/ 		121 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/fonts/inter-ui/Inter-UI-Medium.woff2
Requested by
Host: selfservice.beta.openbanking.sa
URL: https://selfservice.beta.openbanking.sa/css/o3-cool.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
687538420625d748e16f00e198a8f39f5aee12dbd7fef085a866a10ce1ec8b56
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://selfservice.beta.openbanking.sa
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:25 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
124296
X-XSS-Protection
0
X-Request-ID
a064a035ce4d4c121ec96873655d1b82
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Feb 2024 13:00:15 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"1e588-18dc173e718"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
favicon-48x48.png
selfservice.beta.openbanking.sa/connector-pub/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://selfservice.beta.openbanking.sa/connector-pub/favicon-48x48.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
193.122.67.77 , Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
726bf05811f335957eacb14a153eb73aecb57d4a691f84b59499eab540ecfc1d
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 12:31:25 GMT
Content-Security-Policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
require-corp
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
5037
X-XSS-Protection
0
X-Request-ID
a6e5e492ac9a4f2ecf522f164ac3010b
Referrer-Policy
no-referrer
Last-Modified
Tue, 20 Feb 2024 08:55:03 GMT
Cross-Origin-Opener-Policy
same-origin
ETag
W/"13ad-18dc5b9c658"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Origin-Agent-Cluster
?1
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;500;600&display=swap

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| jsonlint function| _typeof function| $ function| jQuery function| Popper object| bootstrap object| feather function| PerfectScrollbar function| CodeMirror function| Dropzone function| default object| Flot function| Color function| Chart function| Vue function| moment function| Cleave function| daterangepicker function| _hookHandlebars function| _processUrlTemplate function| _loadDataTables function| _hookWizardNavigation function| doWizardNavigation function| _hookSelects function| _hookSelect function| _hookSelectWithFilter function| _populateSelect function| _hookModals function| _fetchDataFromUrl function| clearForm function| submitForm function| submitFormClassic function| _collectFormFields function| _collectSelect function| _collectInput function| _requiredGroupByType function| _requiredCheckboxGroup function| populateDataTable function| reloadDataTable function| deleteRows function| confirmDeleteRows function| _buildFilter function| _qs function| _resolve function| _showAlert function| _switchCSSFile function| setCookie function| getCookie function| eraseCookie function| deleteCookie

1 Cookies

Domain/Path Name / Value
selfservice.beta.openbanking.sa/ Name: connect.sid
Value: s%3AT20TaUGI6VrB0ITyx4FqI69fOo4V6dMf.kCVQD7jcamZdyG4jVVkINmowJK%2FBljkhlLIY49C96A0

3 Console Messages

Source Level URL
Text
network error URL: https://selfservice.beta.openbanking.sa/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://selfservice.beta.openbanking.sa/perry/user/index
Message:
Refused to load the stylesheet 'https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;500;600&display=swap' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-eval' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
network error URL: https://selfservice.beta.openbanking.sa/images/auth-bg.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googletagmanager.com;style-src 'self' 'unsafe-eval' 'unsafe-inline';font-src 'self' *.googletagmanager.com;default-src 'self';base-uri 'self';block-all-mixed-content;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0