urlscan.io logo urlscan.io
SecurityTrails logo

alfursan.saudia.com Open in urlscan Pro
107.154.80.237  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://alfursan.saudia.com/ar/retro-claims
Effective URL: https://alfursan.saudia.com/ar/retro-claims
Submission: On December 10 via api from SA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 107.154.80.237, located in United States and belongs to INCAPSULA, US. The main domain is alfursan.saudia.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on November 14th 2023. Valid for: 6 months.
This is the only time alfursan.saudia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 107.154.80.237 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 43.159.107.100 139341 (ACE-AS-AP...)
3 2600:9000:225... 16509 (AMAZON-02)
19 5
13    107.154.80.237 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.80.237.ip.incapdns.net
alfursan.saudia.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    43.159.107.100 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
api.geetest.com
3    2600:9000:2250:d800:1:fa24:cf00:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.geetest.com
Apex Domain
Subdomains		 Transfer
13 saudia.com
alfursan.saudia.com
189 KB
5 geetest.com
api.geetest.com — Cisco Umbrella Rank: 80461
static.geetest.com — Cisco Umbrella Rank: 42247
93 KB
1 gstatic.com
fonts.gstatic.com
46 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
19 4
Domain Requested by
13 alfursan.saudia.com 1 redirects alfursan.saudia.com
3 static.geetest.com alfursan.saudia.com
static.geetest.com
2 api.geetest.com alfursan.saudia.com
static.geetest.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com alfursan.saudia.com
19 5

This site contains no links.

Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-14 -
2024-05-12		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.geetest.com
GeoTrust TLS RSA CA G1		 2023-03-28 -
2024-04-26		 a year crt.sh

This page contains 3 frames:

Primary Page: https://alfursan.saudia.com/ar/retro-claims
Frame ID: AD03B55EF799666EF389FD510153A184
Requests: 6 HTTP requests in this frame

Frame: https://alfursan.saudia.com/_Incapsula_Resource?CWUDNSAI=42&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%2021%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B10%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373241180497736&edet=10&cinfo=0e0000006a22&rpinfo=0&mth=GET
Frame ID: 045AEAF44C44005026519A361C8FC84E
Requests: 3 HTTP requests in this frame

Frame: https://alfursan.saudia.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%20634%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373571892979528&edet=12&cinfo=0e0000006a22&rpinfo=0&cts=Mtqlne6sXiVf9tEdNCZb%2f%2frF%2bU07D6nY1s%2f5U9SpLPLLh9AANQPOQn92nPH%2fWd%2ba&mth=GET
Frame ID: 91BCC14D8BA5F9213898923D7655E689
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://alfursan.saudia.com/ar/retro-claims HTTP 301
    https://alfursan.saudia.com/ar/retro-claims Page URL
  2. https://alfursan.saudia.com/ar/retro-claims Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

19
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

330 kB
Transfer

1067 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://alfursan.saudia.com/ar/retro-claims HTTP 301
    https://alfursan.saudia.com/ar/retro-claims Page URL
  2. https://alfursan.saudia.com/ar/retro-claims Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://alfursan.saudia.com/ar/retro-claims HTTP 301
  • https://alfursan.saudia.com/ar/retro-claims

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
retro-claims
alfursan.saudia.com/ar/
Redirect Chain
  • http://alfursan.saudia.com/ar/retro-claims
  • https://alfursan.saudia.com/ar/retro-claims
863 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/ar/retro-claims
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
/
Resource Hash
c77a4c655c888d86232dbe779b103872a1fe9d9bd02e20d259842ee6acca90d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
863
content-type
text/html
x-iinfo
8-97631049-0 NNNN RT(1702230091907 21) q(0 -1 -1 0) r(0 -1) B10(14,0,0) U18

Redirect headers

Connection
close
Content-Length
0
Location
https://alfursan.saudia.com/ar/retro-claims
_Incapsula_Resource
alfursan.saudia.com/ 		142 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/ar/retro-claims
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
/
Resource Hash
6deadfa5c75bdc4c5f2ac240d29c2703eb358bdebc699b32059b95c58796d6b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/ar/retro-claims
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20489
content-type
application/javascript
_Incapsula_Resource
alfursan.saudia.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alfursan.saudia.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8012863010328282
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/ar/retro-claims
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/ar/retro-claims
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
_Incapsula_Resource
alfursan.saudia.com/ Frame 045A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/_Incapsula_Resource?CWUDNSAI=42&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%2021%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B10%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373241180497736&edet=10&cinfo=0e0000006a22&rpinfo=0&mth=GET
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/ar/retro-claims
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
/
Resource Hash
84ed0b4f86ca7108896bac08bf651ab35eab6fa78f0747e383de5348312573b2

Request headers

Referer
https://alfursan.saudia.com/ar/retro-claims
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
1322
content-type
text/html
x-robots-tag
noindex
ddres-to-their-dyde-dare-pleance-and-suffe-She-s
alfursan.saudia.com/ Frame 045A 		227 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/ddres-to-their-dyde-dare-pleance-and-suffe-She-s
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/_Incapsula_Resource?CWUDNSAI=42&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%2021%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B10%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373241180497736&edet=10&cinfo=0e0000006a22&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
bon /
Resource Hash
7354545172f33960020d69c3db2f8cad2dfce391fd3815f358bfe596ce1505cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/_Incapsula_Resource?CWUDNSAI=42&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%2021%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B10%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373241180497736&edet=10&cinfo=0e0000006a22&rpinfo=0&mth=GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 17:41:31 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
text/javascript
access-control-allow-origin
*
x-iinfo
8-97631049-97631066 NNNN CT(5 3 0) RT(1702230091907 172) q(0 0 0 -1) r(1 1)
cache-control
max-age=0
server-timing
bon, total;dur=20.848997
content-length
73584
ddres-to-their-dyde-dare-pleance-and-suffe-She-s
alfursan.saudia.com/ Frame 045A 		794 B
880 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/ddres-to-their-dyde-dare-pleance-and-suffe-She-s?d=alfursan.saudia.com
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/ddres-to-their-dyde-dare-pleance-and-suffe-She-s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
bon /
Resource Hash
6c7d99fae32e4d300e6e07ccb6769db59b3bf088d19cf9acb7cbf942f28b2dff

Request headers

Accept
application/json; charset=utf-8
Referer
https://alfursan.saudia.com/_Incapsula_Resource?CWUDNSAI=42&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%2021%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B10%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373241180497736&edet=10&cinfo=0e0000006a22&rpinfo=0&mth=GET
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Sun, 10 Dec 2023 17:41:32 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
8-97631049-97631066 PNYN RT(1702230091907 565) q(0 0 0 -1) r(1 1) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=40.576385
Primary Request retro-claims
alfursan.saudia.com/ar/ 		916 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/ar/retro-claims
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/_Incapsula_Resource?CWUDNSAI=42&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%2021%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B10%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373241180497736&edet=10&cinfo=0e0000006a22&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
/
Resource Hash
aed62e02d7cf314b52799e9d909fa86b2d2edd2946774395daf139cd491a2a37

Request headers

Referer
https://alfursan.saudia.com/ar/retro-claims
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
916
content-type
text/html
x-iinfo
8-97631049-0 NNNN RT(1702230091907 634) q(0 -1 -1 -1) r(0 -1) B12(14,0,0) U18
ddres-to-their-dyde-dare-pleance-and-suffe-She-s
alfursan.saudia.com/ 		227 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/ddres-to-their-dyde-dare-pleance-and-suffe-She-s
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/ar/retro-claims
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
/
Resource Hash
7354545172f33960020d69c3db2f8cad2dfce391fd3815f358bfe596ce1505cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/ar/retro-claims
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 17:41:32 GMT
content-encoding
gzip
x-cdn
Imperva
etag
"04104b71"
content-type
text/javascript
x-iinfo
8-97631049-0 0CNN RT(1702230091907 675) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
73584
_Incapsula_Resource
alfursan.saudia.com/ Frame 91BC 		56 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%20634%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373571892979528&edet=12&cinfo=0e0000006a22&rpinfo=0&cts=Mtqlne6sXiVf9tEdNCZb%2f%2frF%2bU07D6nY1s%2f5U9SpLPLLh9AANQPOQn92nPH%2fWd%2ba&mth=GET
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/ar/retro-claims
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
/
Resource Hash
aa86b858ef16e1ed5cf510e4442f6f4ac819f853617f21973cad82a3758e574b

Request headers

Referer
https://alfursan.saudia.com/ar/retro-claims
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
17579
content-type
text/html
x-robots-tag
noindex
css2
fonts.googleapis.com/ Frame 91BC 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%20634%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373571892979528&edet=12&cinfo=0e0000006a22&rpinfo=0&cts=Mtqlne6sXiVf9tEdNCZb%2f%2frF%2bU07D6nY1s%2f5U9SpLPLLh9AANQPOQn92nPH%2fWd%2ba&mth=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17ca32753494d3b38f3ed739665bbac027952892571f8ada82f44c88ed7ff965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Dec 2023 17:41:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Dec 2023 15:51:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Dec 2023 17:41:32 GMT
_Incapsula_Resource
alfursan.saudia.com/ Frame 91BC 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/_Incapsula_Resource?NWFURVBO=js/gt.js
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%20634%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373571892979528&edet=12&cinfo=0e0000006a22&rpinfo=0&cts=Mtqlne6sXiVf9tEdNCZb%2f%2frF%2bU07D6nY1s%2f5U9SpLPLLh9AANQPOQn92nPH%2fWd%2ba&mth=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
/
Resource Hash
add1840190041b98d2c3facdfc43ac873a2e7c759fe62034e5d984172acee5bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%20634%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373571892979528&edet=12&cinfo=0e0000006a22&rpinfo=0&cts=Mtqlne6sXiVf9tEdNCZb%2f%2frF%2bU07D6nY1s%2f5U9SpLPLLh9AANQPOQn92nPH%2fWd%2ba&mth=GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 17:41:32 GMT
cache-control
max-age=86400
content-encoding
gzip
etag
"8a4c0d715e79b5ec"
content-length
2437
content-type
application/javascript
ddres-to-their-dyde-dare-pleance-and-suffe-She-s
alfursan.saudia.com/ 		794 B
853 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/ddres-to-their-dyde-dare-pleance-and-suffe-She-s?d=alfursan.saudia.com
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/ddres-to-their-dyde-dare-pleance-and-suffe-She-s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
bon /
Resource Hash
0b38e7766e8268dd45be2ca0fb9c749b1b9aa79ee2a3c457d6c36ccd6613fed2

Request headers

Accept
application/json; charset=utf-8
Referer
https://alfursan.saudia.com/ar/retro-claims
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Sun, 10 Dec 2023 17:41:32 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
8-97631049-97631066 PNYN RT(1702230091907 728) q(0 0 0 -1) r(0 0) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=0.38364699999999996
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 91BC 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://alfursan.saudia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:52:23 GMT
x-content-type-options
nosniff
age
172149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 17:52:23 GMT
_Incapsula_Resource
alfursan.saudia.com/ Frame 91BC 		126 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://alfursan.saudia.com/_Incapsula_Resource?SWCNGEEC=Mtqlne6sXiVf9tEdNCZb%2f%2frF%2bU07D6nY1s%2f5U9SpLPLLh9AANQPOQn92nPH%2fWd%2ba
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%20634%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373571892979528&edet=12&cinfo=0e0000006a22&rpinfo=0&cts=Mtqlne6sXiVf9tEdNCZb%2f%2frF%2bU07D6nY1s%2f5U9SpLPLLh9AANQPOQn92nPH%2fWd%2ba&mth=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.237 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.237.ip.incapdns.net
Software
/
Resource Hash
e1c9acee60b6a6e1a9057dc282daa4a00a16041414802a834e6f9278091556a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%20634%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373571892979528&edet=12&cinfo=0e0000006a22&rpinfo=0&cts=Mtqlne6sXiVf9tEdNCZb%2f%2frF%2bU07D6nY1s%2f5U9SpLPLLh9AANQPOQn92nPH%2fWd%2ba&mth=GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
126
content-type
application/json
gettype.php
api.geetest.com/ Frame 91BC 		465 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.geetest.com/gettype.php?gt=f2ae6cadcf7886856696502e1d55e00c&callback=geetest_1702230099215
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/_Incapsula_Resource?NWFURVBO=js/gt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.159.107.100 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
6da71578dbee8279e780c8dd442651959beeb04fdef288ecc1bb83b06030ed92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 17:41:36 GMT
server
nginx
eo-cache-status
MISS
etag
"1fc1a8acf6632099bbd38b31abb4670eab84f2b0"
content-type
text/javascript;charset=UTF-8
cache-control
must-revalidate, no-cache, no-store
eo-log-uuid
6156874238021145282
content-length
465
expires
0
fullpage.9.1.9-r8k4eq.js
static.geetest.com/static/js/ Frame 91BC 		300 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.geetest.com/static/js/fullpage.9.1.9-r8k4eq.js
Requested by
Host: alfursan.saudia.com
URL: https://alfursan.saudia.com/_Incapsula_Resource?NWFURVBO=js/gt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d800:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
6fed8c675558304245621695feb3d23ae0e7ad4693777e738c11c90ac4bc231b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-oss-object-type
Normal
date
Wed, 06 Dec 2023 15:05:53 GMT
content-encoding
gzip
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-oss-request-id
65708DD017DAE23339154FCD
last-modified
Wed, 06 Dec 2023 15:05:52 GMT
server
AliyunOSS
x-amz-cf-pop
FRA60-P2
age
354943
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-oss-storage-class
Standard
x-amz-cf-id
A-NO_djnyEZbUoIm4tTmCOSaoKFQ2sqEXR9RiolweTPem0RyXmMV8w==
x-oss-server-time
1333
get.php
api.geetest.com/ Frame 91BC 		949 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.geetest.com/get.php?gt=f2ae6cadcf7886856696502e1d55e00c&challenge=ebf9cba344be281f1ec1b3f69a9a33be&lang=de&pt=0&client_type=web&w=DJkNfyYCY9V5pajPilqyh8MDhH(xr8r78amF1MdfL5WWK(onzyWjeH4haInV5Mg6HLrF7lbZEg1pCRb)m6bo4VXxgr97yhouoEiYrSCRvkfb2vPwVxTuO9i5DYoVQS7FB6Rh6iJN3fiC0U9ferjf51SOAdzJu7ZwmkYrIb98gBSL57P47H16onuJCEDBdtLhEBkY)2zY8Sm4gGmvGwSZ82v8VVGO3m9XcFT90EkMJ3(PKuXag3pF6H5yJznZCnan7sBnUUMrKzqg3zZcCw7wBFzO3jzk28FGOR08lngOscOY3G21g5j)GyF6s7o)UCFbWcnwoBkVo5eor5yIp8Seva(VRJciaxDPfNlArMH6ItffNDSSBWYmAETxAYHrHR94l(xtU8EsPLvOf2DXVTuDQlwvhuOq8FaVfHH1kyh(1Gbkyq)Kd40m4ck9QLNCvZuNmyOtufgZtTQVthL5c2to4SAFOKjRKc5iJjf9pQfPQ)ElfIt)ef7Xkpi)3M30LWC0AaNgdTh4GNI(plnHaA8lYdt98))fl4PrnOZHGytRtPFOyTw0WiBl)EzBheCNX3LSEDtM9mFK7XmpONZzAmo1nTtlbkF844U1oo4d1FNtBF70p4vzucmjgjMqPbpVuLKeL3Bt7)t9k2AdRgyBBpTvLOo22BMkavJKa(Y4)0toLaImDqo28ATkYxLBHkg3tLpE(ChyjZDARnsbNpd7lh7OaW3eluXwkssjoBbjd)YvtYW9UBDmCIeWKITrSAxvwDOpw94KI5Bh6tKzieLI71O35o7JH170PSQJfV0VCjVnaMnzHKWALdQHhwF20VKRiPQgXkKqCbJqP3Syd7uKcGn6xfhR(aGuKEVflx1HxrNa2KWJqvpue0gOKCaNtRQmADaV1F(nPPW6FjtssksnIEjT4VfaRQAC2c8QvWxrABhGH5jdB7lmw8Zx75cXuMp6tNw7fJXicoMD4uM3x1xAkKLLBx9DofvYcDuUlCE)fL40YBKzP9SP0JeAC3yGHI1AstbJhoxptC013gjUC0yIdceDJCtfq9Rqqy30dI19YsgPYO)3ezyTSfosHW8x2KffUF3vQ5RHeV5xuT5o5LDUVYl4J0sCYlFPzpulpgTIdGb7ALJtDy8LKmQ2EBcCOCKJ(ilps5le(O9bZrwuZLbkYSbPG9q6YYSeqV0p08JIyxAHGG0.29400271ae6e9b36a2886eb91ef1020cb669bab08d4a27c7f25c8fbb3c41910ce74231f91ac35d08a0a3ecb7e2807c8a103bc188988a90e60794ea6c079279a537613f4b16e5be542d256727564e3d08ce60862ac22ad3e559fee6859ca2cc30efa990cf1af7bd784aa2226224613329b5f3dc712ae0eadf0b4d65fd696b75b9&callback=geetest_1702230096759
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.1.9-r8k4eq.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.159.107.100 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
b8c329fdbea92cf57ba1b6825745e5f4f0c22c8ad41bc99e38a7a5fba2a54d4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 17:41:36 GMT
server
nginx
eo-cache-status
MISS
etag
"1612468af1df1abe99cdb2eefc9b3552c286e5dc"
content-type
text/javascript;charset=UTF-8
cache-control
must-revalidate, no-cache, no-store
eo-log-uuid
1991203767582454221
content-length
949
expires
0
style_https.1.5.8.css
static.geetest.com/static/wind/ Frame 91BC 		40 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.geetest.com/static/wind/style_https.1.5.8.css
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.1.9-r8k4eq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d800:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://alfursan.saudia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:10:59 GMT
content-encoding
gzip
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Mar 2022 03:04:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
513039
etag
W/"3fb6aacfd5ae2d3894f2f00b0d5f3236"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
pt5527qiD_NYf5vM3YzoUFR-AbZfAkXKox2cMpp18K9fHtwCxiYG6w==
x-amz-meta-mtime
1585034197
sprite.1.5.8.png
static.geetest.com/static/wind/ Frame 91BC 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.geetest.com/static/wind/sprite.1.5.8.png
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/wind/style_https.1.5.8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d800:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e743066373cce49251230c376f985e34018fabb8f30d8c643a3933c0143dd93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.geetest.com/static/wind/style_https.1.5.8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 08:19:26 GMT
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Mar 2022 03:04:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
552137
etag
"b83c4eaebfa43a5d1c71d8fa4ccc6539"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3429
x-amz-cf-id
j4JYeTb9gM6IVWh5gLlXKOebEvJ-_qw-TKy7Lw4tJpZA2nFRM20-_w==
x-amz-meta-mtime
1585034201

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| a1_0x324b function| a1_0xfe96 object| reese84 function| reese84interrogator function| initializeProtection function| protectionSubmitCaptcha

5 Cookies

Domain/Path Name / Value
.saudia.com/ Name: visid_incap_2766175
Value: LTfZLFhZRP+JMPoMT4E4Lkv4dWUAAAAAQUIPAAAAAADT0LQGJ1o6HzI/m/UeLdK3
.saudia.com/ Name: incap_ses_471_2766175
Value: saNdQq0yLUzh0irHblWJBkv4dWUAAAAAQG/b9jnbCpjpBQltysgj/A==
.saudia.com/ Name: reese84
Value: 3:Yd34M5KTmMfF/LrEvqmWRw==:ZktuSBsA435mB1LLRTWCzMTXcKYJsBPQs3i0ZWaSAn0bTE+X3buuX0hE2n3x4V22KZOBCN8B5Us7PaQcgiQhZPIgcZTkU6FAGJ41+jyzoU2eTzxSkn1Auv2/6cXykxMFQltEUIvlTMURBZiIyNj3NwVpjZ7MlW++4sGZRe4BuiRWmKNgL7qIsjALGh/e+jZmh76TVPzO/57E4O6PaFzVX4B1SY8PuIbRR9sR/rr9YYbtL5NMDZ3XMflIfSZONue9J7gavhOZOYfz70cAy5Lq3AFcrHSE+MViCuWpYM/WlxFxbRjA53CYSE+bO9W2Y65mCkZf0X02uIQDWxP/bnZWTGr1Iy1WXWu5lqaF/rS3QIpG/Q5gw2VLqIdRW1huZMv2gYrv3cnMvsRBeHOYcEbd+7Hj6GTxt7rTBAYU8HnL1RKsLTaj+YN4D241WMDRKAdH40n+YbC7obPEI9qolUD3LdronHn44kRokZRBmWILaJFmxNfXzcq1dfruAv4FNA2iqweCqG4XW3EexCLpL//rq8orPZEJ1WyJnFW1GwEHLU6plETlVcN1mz2z8yUqIJ1PKFBPql4+yBtlFEbMw4GdpIOc2ZWIehz+gZC5X1i8GIzhhUA7DoCJ9ikknp2R8BFlPF9mqa5Z0RQ7KplXfAugiA==:lK67smWxRi5ssFno87fTI1lY64OJc/GG/BWdtMT5t/s=
alfursan.saudia.com/ Name: incap_sh_2766175
Value: TPh1ZQAAAAAqJ8wdBgAQzPDXqwY19BljceyedsLEJP4stHgD
.saudia.com/ Name: nlbi_2766175_2147483392
Value: 9mXiUNbFHBlBayKaDVUmrQAAAADyon9XBB8E5HKIHC3mk3/f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alfursan.saudia.com
api.geetest.com
fonts.googleapis.com
fonts.gstatic.com
static.geetest.com
107.154.80.237
2600:9000:2250:d800:1:fa24:cf00:93a1
2a00:1450:4001:813::200a
2a00:1450:4001:830::2003
43.159.107.100
0b38e7766e8268dd45be2ca0fb9c749b1b9aa79ee2a3c457d6c36ccd6613fed2
0e743066373cce49251230c376f985e34018fabb8f30d8c643a3933c0143dd93
17ca32753494d3b38f3ed739665bbac027952892571f8ada82f44c88ed7ff965
6c7d99fae32e4d300e6e07ccb6769db59b3bf088d19cf9acb7cbf942f28b2dff
6da71578dbee8279e780c8dd442651959beeb04fdef288ecc1bb83b06030ed92
6deadfa5c75bdc4c5f2ac240d29c2703eb358bdebc699b32059b95c58796d6b8
6fed8c675558304245621695feb3d23ae0e7ad4693777e738c11c90ac4bc231b
7354545172f33960020d69c3db2f8cad2dfce391fd3815f358bfe596ce1505cc
84ed0b4f86ca7108896bac08bf651ab35eab6fa78f0747e383de5348312573b2
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e
aa86b858ef16e1ed5cf510e4442f6f4ac819f853617f21973cad82a3758e574b
add1840190041b98d2c3facdfc43ac873a2e7c759fe62034e5d984172acee5bb
aed62e02d7cf314b52799e9d909fa86b2d2edd2946774395daf139cd491a2a37
b8c329fdbea92cf57ba1b6825745e5f4f0c22c8ad41bc99e38a7a5fba2a54d4c
c77a4c655c888d86232dbe779b103872a1fe9d9bd02e20d259842ee6acca90d2
e1c9acee60b6a6e1a9057dc282daa4a00a16041414802a834e6f9278091556a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855