chatbot.zatca.gov.sa Open in urlscan Pro
185.117.130.98  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index_PROD.html Show response chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/	649 B 2 KB	737ms 121ms	Document text/html	185.117.130.98 DZIT
General Check archive.org Show headers Download Go to Full URL https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/index_PROD.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.117.130.98 , Saudi Arabia, ASN203378 (DZIT, SA), Reverse DNS chatbot.zatca.gov.sa Software / Resource Hash 6720637c9fb37dc515ab4692fdea73aebee7d19187489ecefbaed8ea8bcc603b Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control max-age=172800 Content-Encoding gzip Content-Length 566 Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/; Content-Type text/html Date Wed, 21 Sep 2022 13:20:18 GMT ETag "14611d8bcbd81:0" Feature-Policy vibrate 'self'; usermedia *; sync-xhr 'self' Last-Modified Sun, 16 Jan 2022 19:09:10 GMT Pragma no-cache Referrer-Policy strict-origin Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	bundle.js Show response chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/build/static/js/	2 MB 413 KB	121ms 121ms	Script application/javascript	185.117.130.98 DZIT
General Check archive.org Show headers Download Go to Full URL https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/build/static/js/bundle.js Requested by Host: chatbot.zatca.gov.sa URL: https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/index_PROD.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.117.130.98 , Saudi Arabia, ASN203378 (DZIT, SA), Reverse DNS chatbot.zatca.gov.sa Software / Resource Hash bc31b462f0bf550d605c5817a1a991ef2fa81ea8250678b897271bd59e1a6bb4 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://chatbot.zatca.gov.sa/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/; Content-Encoding gzip X-Content-Type-Options nosniff Content-Length 421970 X-Xss-Protection 1; mode=block Pragma no-cache Referrer-Policy strict-origin Last-Modified Wed, 22 Jun 2022 09:10:39 GMT X-Frame-Options SAMEORIGIN Date Wed, 21 Sep 2022 13:20:19 GMT Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=172800 Feature-Policy vibrate 'self'; usermedia *; sync-xhr 'self' ETag "8091d0f01786d81:0" Accept-Ranges bytes
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	375ms 27ms	Fetch text/css	172.64.203.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=a076d05399 Requested by Host: chatbot.zatca.gov.sa URL: https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/build/static/js/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.203.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers accept-language de-DE,de;q=0.9 Referer https://chatbot.zatca.gov.sa/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Wed, 21 Sep 2022 13:20:20 GMT via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 20445959 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxwnI8n8MWJMU1r3zPdmCdN%2BxtNGHs9eav90j5CTGfHmosAqXf3QwNjJDQrTdmlbte9bniZ%2F7ySFSChoWYdEqI5UZMe1e6WrcL820CyAb6ivxwGbMlN8Qj6DzyUOKrLxYwW2nhHVvg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 x-amz-cf-pop FRA50-C1 cf-ray 74e3190009d49183-FRA access-control-allow-headers fa-kit-token x-amz-cf-id hpjodjP91G4cnpEU_TM3Z8898Fl-B7-NPET-oAdgnRevM2c88e0-Vg==
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 81f0139417e94704c17b77bbec3dfec78f0466ab388a14eb98133369f2b244e0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f05b263e90dcf4f3722b07ee190126f3c7178fe3e9955802495d793c41ee89be Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	467 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1691066af10436821646d7b93c2bcde52f30cbd671d970e26bbe5cc43f1a5a4a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 23754a3dd0a0f7b1f849fd6e70f8473f5555e16fbb91a05fc544171db4dcac98 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	back-g.3f3deab3.png chatbot.zatca.gov.sa/livechat/chat-widget-sample/static/media/	6 KB 6 KB	126ms 126ms	Image text/html	185.117.130.98 DZIT
General Check archive.org Show headers Download Go to Show image Full URL https://chatbot.zatca.gov.sa/livechat/chat-widget-sample/static/media/back-g.3f3deab3.png Requested by Host: chatbot.zatca.gov.sa URL: https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/index_PROD.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.117.130.98 , Saudi Arabia, ASN203378 (DZIT, SA), Reverse DNS chatbot.zatca.gov.sa Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/index_PROD.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Pragma no-cache,no-cache Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/; Content-Encoding gzip X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN Date Wed, 21 Sep 2022 13:20:20 GMT Vary Accept-Encoding Content-Type text/html; charset=utf-8 Cache-Control no-store, no-cache Feature-Policy vibrate 'self'; usermedia *; sync-xhr 'self' Content-Length 2801 X-Xss-Protection 1; mode=block Referrer-Policy strict-origin Expires -1,-1
GET H/1.1	200 OK	alfont_com_SomarGX.89ecd99c.ttf chatbot.zatca.gov.sa/livechat/chat-widget-sample/static/media/	6 KB 4 KB	134ms 134ms	Font text/html	185.117.130.98 DZIT
General Check archive.org Show headers Download Go to Full URL https://chatbot.zatca.gov.sa/livechat/chat-widget-sample/static/media/alfont_com_SomarGX.89ecd99c.ttf Requested by Host: chatbot.zatca.gov.sa URL: https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/index_PROD.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.117.130.98 , Saudi Arabia, ASN203378 (DZIT, SA), Reverse DNS chatbot.zatca.gov.sa Software / Resource Hash 198035c16988f02860c543909cb9d3b613843e164144ea2d37dc91adbb160fa8 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/index_PROD.html Origin https://chatbot.zatca.gov.sa accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Pragma no-cache,no-cache Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/; Content-Encoding gzip X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN Date Wed, 21 Sep 2022 13:20:20 GMT Vary Accept-Encoding Content-Type text/html; charset=utf-8 Cache-Control no-store, no-cache Feature-Policy vibrate 'self'; usermedia *; sync-xhr 'self' Content-Length 2803 X-Xss-Protection 1; mode=block Referrer-Policy strict-origin Expires -1,-1
GET H/1.1	200 OK	ArbFONTS-Somar-Regular.ba698be4.otf chatbot.zatca.gov.sa/livechat/chat-widget-sample/static/media/	59 KB 60 KB	137ms 137ms	Font application/x-font-otf	185.117.130.98 DZIT
General Check archive.org Show headers Download Go to Full URL https://chatbot.zatca.gov.sa/livechat/chat-widget-sample/static/media/ArbFONTS-Somar-Regular.ba698be4.otf Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.117.130.98 , Saudi Arabia, ASN203378 (DZIT, SA), Reverse DNS chatbot.zatca.gov.sa Software / Resource Hash 7a04f1b083a3358136d52fef96a48ab861a214500f667242ca38d744401a8be1 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/index_PROD.html Origin https://chatbot.zatca.gov.sa accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Pragma no-cache Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/; X-Content-Type-Options nosniff Last-Modified Wed, 20 Oct 2021 12:35:52 GMT ETag "89943e5afc5d71:0" X-Frame-Options SAMEORIGIN Content-Type application/x-font-otf X-Xss-Protection 1; mode=block Cache-Control no-store, no-cache Feature-Policy vibrate 'self'; usermedia *; sync-xhr 'self' Accept-Ranges bytes Content-Length 60664 Date Wed, 21 Sep 2022 13:20:20 GMT Referrer-Policy strict-origin Expires -1

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| setImmediate function| clearImmediate object| regeneratorRuntime string| baseURL object| FontAwesomeKitConfig object| __core-js_shared__ object| appComponent

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			chatbot.zatca.gov.sa/	1969-12-31 23:59:59	Name: GZ Value: !ut9rqD7E/reJ9sXqHtOvZgUiJdQpi3IHU6jKo1Jp4qAGZ+kUpKoYC6uGi2awLn9a7QD6rEPLdBZV7+Z7Tn9RjiJbAPVEU2Gd0FsCMMnCaj4=
			chatbot.zatca.gov.sa/	1970-01-20 06:10:52	Name: sessionId Value: 0.25647532348873137
			chatbot.zatca.gov.sa/	1970-01-20 06:09:26	Name: live Value: true
			chatbot.zatca.gov.sa/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: rtDotjyaaR4nG3j_aq84btKvrryxYqcd5CNDo-yugeshKxUN8-xpQcRbsjQCqC07LZFCydiaZgYyvvGJxdSdYQcZ6bc1
			.chatbot.zatca.gov.sa/	1969-12-31 23:59:59	Name: TS0106976f Value: 01bd12b6bd2a6ebd427dcc3c350a88eebb39392a622a06e0c78ee3029b58e91655df694b50c4bc35ac59e02fb40494d03f6e76103b44b81a56badb5ad8aed3dcf70a91ace4d931f8282ad4f116162c6163643ae7c72414365dd175ec610b340dcbeaa9bed7

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'usermedia'.
other	warning	URL: https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/index_PROD.html Message: Failed to decode downloaded font: https://chatbot.zatca.gov.sa/livechat/chat-widget-sample/static/media/alfont_com_SomarGX.89ecd99c.ttf
other	warning	URL: https://chatbot.zatca.gov.sa/maker/GaztProd/Main/ar/index_PROD.html Message: OTS parsing error: invalid sfntVersion: 1008813135

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';frame-ancestors 'self' https://login.gazt.gov.sa/ https://zatca.gov.sa/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chatbot.zatca.gov.sa
ka-f.fontawesome.com
172.64.203.28
185.117.130.98
1691066af10436821646d7b93c2bcde52f30cbd671d970e26bbe5cc43f1a5a4a
198035c16988f02860c543909cb9d3b613843e164144ea2d37dc91adbb160fa8
23754a3dd0a0f7b1f849fd6e70f8473f5555e16fbb91a05fc544171db4dcac98
6720637c9fb37dc515ab4692fdea73aebee7d19187489ecefbaed8ea8bcc603b
7a04f1b083a3358136d52fef96a48ab861a214500f667242ca38d744401a8be1
81f0139417e94704c17b77bbec3dfec78f0466ab388a14eb98133369f2b244e0
bc31b462f0bf550d605c5817a1a991ef2fa81ea8250678b897271bd59e1a6bb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f05b263e90dcf4f3722b07ee190126f3c7178fe3e9955802495d793c41ee89be
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda