alfursan.saudia.com
107.154.80.237
Public Scan
Effective URL: https://alfursan.saudia.com/ar/retro-claims
Submission: On December 10 via api from SA — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on November 14th 2023. Valid for: 6 months.
This is the only time alfursan.saudia.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System
---|---|---
13 (1 redirect) | 107.154.80.237 | 19551 (INCAPSULA)
1 | 2a00:1450:4001:813::200a | 15169 (GOOGLE)
1 | 2a00:1450:4001:830::2003 | 15169 (GOOGLE)
2 | 43.159.107.100 | 139341 (ACE-AS-AP ACE)
3 | 2600:9000:2250:d800:1:fa24:cf00:93a1 | 16509 (AMAZON-02)
19 | 5 |
ASN19551 (INCAPSULA, US)
PTR: 107.154.80.237.ip.incapdns.net
alfursan.saudia.com

Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
13 (1 redirect) | saudia.com | alfursan.saudia.com | 189 KB
5 | geetest.com | api.geetest.com (Cisco Umbrella Rank: 80461), static.geetest.com (Cisco Umbrella Rank: 42247) | 93 KB
1 | gstatic.com | fonts.gstatic.com | 46 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 1 KB
19 | 4 | |
Requests | Domain | Requested by
---|---|---
13 (1 redirect) | alfursan.saudia.com | alfursan.saudia.com
3 | static.geetest.com | alfursan.saudia.com, static.geetest.com
2 | api.geetest.com | alfursan.saudia.com, static.geetest.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | alfursan.saudia.com
19 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
imperva.com | GlobalSign Atlas R3 DV TLS CA 2023 Q4 | 2023-11-14 - 2024-05-12 | 6 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.geetest.com | GeoTrust TLS RSA CA G1 | 2023-03-28 - 2024-04-26 | a year
This page contains 3 frames:
Primary Page:
https://alfursan.saudia.com/ar/retro-claims
Frame ID: AD03B55EF799666EF389FD510153A184
Requests: 6 HTTP requests in this frame
Frame:
https://alfursan.saudia.com/_Incapsula_Resource?CWUDNSAI=42&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%2021%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B10%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373241180497736&edet=10&cinfo=0e0000006a22&rpinfo=0&mth=GET
Frame ID: 045AEAF44C44005026519A361C8FC84E
Requests: 3 HTTP requests in this frame
Frame:
https://alfursan.saudia.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=8-97631049-0%20NNNN%20RT%281702230091907%20634%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=471001570313163489-477373571892979528&edet=12&cinfo=0e0000006a22&rpinfo=0&cts=Mtqlne6sXiVf9tEdNCZb%2f%2frF%2bU07D6nY1s%2f5U9SpLPLLh9AANQPOQn92nPH%2fWd%2ba&mth=GET
Frame ID: 91BCC14D8BA5F9213898923D7655E689
Requests: 10 HTTP requests in this frame
Detected technologies
Detected patterns
- /_Incapsula_Resource
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://alfursan.saudia.com/ar/retro-claims (HTTP 301), redirected to https://alfursan.saudia.com/ar/retro-claims (Page URL)
- https://alfursan.saudia.com/ar/retro-claims (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://alfursan.saudia.com/ar/retro-claims HTTP 301
- https://alfursan.saudia.com/ar/retro-claims
19 HTTP transactions
Method / Protocol | Resource | Path | Size / x-fer | Type | MIME-Type
---|---|---|---|---|---
GET H2 | retro-claims | alfursan.saudia.com/ar/ (Redirect Chain) | 863 B / 1 KB | Document | text/html
GET H2 | _Incapsula_Resource | alfursan.saudia.com/ | 142 KB / 20 KB | Script | application/javascript
GET H2 | _Incapsula_Resource | alfursan.saudia.com/ | 1 B / 35 B | Image | text/plain
GET H2 | _Incapsula_Resource | alfursan.saudia.com/ (Frame 045A) | 3 KB / 1 KB | Document | text/html
GET H2 | ddres-to-their-dyde-dare-pleance-and-suffe-She-s | alfursan.saudia.com/ (Frame 045A) | 227 KB / 72 KB | Script | text/javascript
POST H2 | ddres-to-their-dyde-dare-pleance-and-suffe-She-s | alfursan.saudia.com/ (Frame 045A) | 794 B / 880 B | Fetch | application/json
GET H2 | retro-claims (Primary Request) | alfursan.saudia.com/ar/ | 916 B / 1 KB | Document | text/html
GET H2 | ddres-to-their-dyde-dare-pleance-and-suffe-She-s | alfursan.saudia.com/ | 227 KB / 72 KB | Script | text/javascript
GET H2 | _Incapsula_Resource | alfursan.saudia.com/ (Frame 91BC) | 56 KB / 17 KB | Document | text/html
GET H2 | css2 | fonts.googleapis.com/ (Frame 91BC) | 9 KB / 1 KB | Stylesheet | text/css
GET H2 | _Incapsula_Resource | alfursan.saudia.com/ (Frame 91BC) | 9 KB / 2 KB | Script | application/javascript
POST H2 | ddres-to-their-dyde-dare-pleance-and-suffe-She-s | alfursan.saudia.com/ | 794 B / 853 B | Fetch | application/json
GET H2 | UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | fonts.gstatic.com/s/inter/v13/ (Frame 91BC) | 46 KB / 46 KB | Font | font/woff2
GET H2 | _Incapsula_Resource | alfursan.saudia.com/ (Frame 91BC) | 126 B / 153 B | XHR | application/json
GET H2 | gettype.php | api.geetest.com/ (Frame 91BC) | 465 B / 762 B | Script | text/javascript
GET H2 | fullpage.9.1.9-r8k4eq.js | static.geetest.com/static/js/ (Frame 91BC) | 300 KB / 83 KB | Script | application/javascript
GET H2 | get.php | api.geetest.com/ (Frame 91BC) | 949 B / 1 KB | Script | text/javascript
GET H2 | style_https.1.5.8.css | static.geetest.com/static/wind/ (Frame 91BC) | 40 KB / 5 KB | Stylesheet | text/css
GET H2 | sprite.1.5.8.png | static.geetest.com/static/wind/ (Frame 91BC) | 3 KB / 4 KB | Image | image/png
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| documentPictureInPicture
- function| a1_0x324b
- function| a1_0xfe96
- object| reese84
- function| reese84interrogator
- function| initializeProtection
- function| protectionSubmitCaptcha

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.saudia.com/ | | visid_incap_2766175 | LTfZLFhZRP+JMPoMT4E4Lkv4dWUAAAAAQUIPAAAAAADT0LQGJ1o6HzI/m/UeLdK3
.saudia.com/ | | incap_ses_471_2766175 | saNdQq0yLUzh0irHblWJBkv4dWUAAAAAQG/b9jnbCpjpBQltysgj/A==
.saudia.com/ | | reese84 | 3:Yd34M5KTmMfF/LrEvqmWRw==:[…]:lK67smWxRi5ssFno87fTI1lY64OJc/GG/BWdtMT5t/s=
alfursan.saudia.com/ | | incap_sh_2766175 | TPh1ZQAAAAAqJ8wdBgAQzPDXqwY19BljceyedsLEJP4stHgD
.saudia.com/ | | nlbi_2766175_2147483392 | 9mXiUNbFHBlBayKaDVUmrQAAAADyon9XBB8E5HKIHC3mk3/f
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.