secure.paytabs.sa Open in urlscan Pro
2606:4700:10::6816:4ad1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-eu.mimecast.com/s/xLm_C0Vojf2ZQWKUwDWWB?domain=url5533.paytabs.com
Effective URL:
https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
Submission: On January 12 via manual (January 12th 2022, 4:51:48 pm UTC) from LB — Scanned from GB

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2606:4700:10::6816:4ad1, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.paytabs.sa.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 7th 2021. Valid for: a year.

This is the only time secure.paytabs.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	195.130.217.73 195.130.217.73	42427 (MIMECAST-UK) (MIMECAST-UK)
1 1	167.89.115.56 167.89.115.56	11377 (SENDGRID) (SENDGRID)
1 1	2606:4700:303... 2606:4700:3032::6815:5c7b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:10:... 2606:4700:10::6816:4ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

2 195.130.217.73 (United Kingdom) 2 redirects

ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com

protect-eu.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.89.115.56 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net

url5533.paytabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5c7b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pytb.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:4ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.paytabs.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	paytabs.sa secure.paytabs.sa	114 KB
2	mimecast.com 2 redirects protect-eu.mimecast.com — Cisco Umbrella Rank: 30374	2 KB
1	pytb.io 1 redirects pytb.io	1 KB
1	paytabs.com 1 redirects url5533.paytabs.com	229 B
11	4

	Domain	Requested by
11	secure.paytabs.sa	secure.paytabs.sa
2	protect-eu.mimecast.com	2 redirects
1	pytb.io	1 redirects
1	url5533.paytabs.com	1 redirects
11	4

This site contains no links.

Subject Issuer	Validity	Valid
*.paytabs.sa Sectigo RSA Domain Validation Secure Server CA	`2021-10-07` - `2022-10-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
Frame ID: 2D8E967669FD35E438D7028865A8B0C7
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Four Seasons- RIY | Invoice

Page URL History Show full URLs

https://protect-eu.mimecast.com/s/xLm_C0Vojf2ZQWKUwDWWB?domain=url5533.paytabs.com HTTP 307
https://protect-eu.mimecast.com/redirect/eNqtVGlv4kgQ_SuRPwfSp49ojyE3Owm5YBJYVqiPMnbwhbudQEb579uGZCeTGWm_DAL... HTTP 307
http://url5533.paytabs.com/ls/click?upn=x4Kgj9kOP4L85G59rtzk4UJWZmqABqBhYbYT9EY-2F-2Fen13uvf3AoHyyTgC0c... HTTP 302
https://pytb.io/l/8k3mNXNw HTTP 302
https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

1
IPs

2
Countries

114 kB
Transfer

491 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-eu.mimecast.com/s/xLm_C0Vojf2ZQWKUwDWWB?domain=url5533.paytabs.com HTTP 307
https://protect-eu.mimecast.com/redirect/eNqtVGlv4kgQ_SuRPwfSp49ojyE3Owm5YBJYVqiPMnbwhbudQEb579uGZCeTGWm_DALJVdVVvH6u9756taqst--JJAfd1aJ-Sk3yySYQp7Wx87psqq4qc2_Xy0rl7eNdrwYFaWVtmoOLfYYjFEUoQAi5mhtFdj1hrVBJWsSlm_x1-hrnUFgz9fb_dpk4zWAgcnDh1JOlXncTm0-93alnEoG3WRZAFAaUSYIJRyQWECmKIYIAgDIVhL7AktO3LsL9TR9wLTRlIYeAEeZT4cuI-ICAYvcJsNREagE6EjTCQaT9iEVCSyxioiihaDMv13wzDMc-xTFDPtdBGBCCY6QlcBohIbQSsDlcl6W9_dUAHL3DdbUlyMLKTvccQ9n2sulzmw9Cgl52P5Jpa1GYPDUmLYsuvHW8kcoFUgyITyFAkSIgiApkpClm3NexrxzbIddUfSSVUh4TBzKOOdeglQJBGRU8pFwKRRggTonSIZKhABlroWSMASQKCYsQqO9IjSkD3w0LpABMhVJSMscsx4RR9w_hz0j9NQDek5qDMWIO0706ViEhHWMbKUG_Z5i4mS__vLjl16lb-1Yn_cJFVaq9fT90D8Jpwjv0cQ_73BXE5sxhAmoxujnfJtx7cLmeUi40uTCJiyIRxEEgQiEDIlDs1iMQJA6A-1HkMxUTHmKmmWxbCl27jqKsocrWnyqxtkKaV02aRj5sQD2WqYL9nZOyqXduQZiyMJ2dm_7YnbG5vSibwiH2moWFOm-Btqr_pk93t7RK38mzeNumXmsLO0dbW9hQA7lIs03tfyxjc1qX7nixXcwfD2y5BdPS6RTOqY9payPtnb-h-w_MD7f7AOgnHH0E8bGUVluZs6gbkG6AuhHb5JPS2E2lxN3K1k5qfve73pcts4NSOxf0EApcnFbu8f0ol8vNvL2d95vsNwcTItnt1R0Lkss7Ns4u73uf5lBWpe6kJreV7uAO-qNt2q6mNa6RIEJQaxzOhBghYejqTZ25SmJttT_dm-65kHNKvwO4l5npnspStfizqYrfV-zz_CFaXF6x85Cf8qi2zws2-utuki97B8uDZCzHw-h43CEn7gsFps1jTHvl2Xo9nB8iFT7frOmgKdTsS3KEhmCWh1-adI3TFS7Ow_7tw_FypOhtvLo_qynQx4GM759U0piDsglPJ-LZTWWoOC7jJz0-H100FxNqcH1xckvL8XFZL_PT3vOjuRs4MVwNV-cT6tPsYVVcn_YfED9PaTGn99qghOf6xs2au99NwPRBLxw1kyPLHsWqz1N2cOHfDGlzjRcl-iLWx2Rw3xw_gnlSlWwxXA9vwucTkqbqqkCjo5P0adQhB_D54SQNTbMGlg0ueX2W-TqYZPPhYtk3ZCnnHXrU7mmr7flMdWDWLBCecT571Jx3wtmrAcy278qVMJq9aq3jVqPDGXPlMAqxGzNvNgtx3TeD1V2fDiZwdLHM2NlqlrG5q6vG2DKHWm1X65u51DDfeklVl9a5UQeabutoShi78YOXfwFZ3Wt4 HTTP 307
http://url5533.paytabs.com/ls/click?upn=x4Kgj9kOP4L85G59rtzk4UJWZmqABqBhYbYT9EY-2F-2Fen13uvf3AoHyyTgC0c8zRy3Nunc_VhD0TesqCVuiy1ix1nL8ISjEqUc3SfxXHr3e3vNbfXwchusBou8GZaz-2F40nEofwdYLUMuMZ3s1rMFS3oYEorqmGAzvsWNa0fPTxLZ363ljxnQGIj05Li3ng3Xds0h5mdR-2Fg-2FR74dBA8UuZDt4vaxI5i4BM6RT3uQ1ko0VayE2NXuEveswcpbz-2FQTR8zF2iicPn0UDFiwU-2BeKjFi8suye4lNO5rHl6d7ZlgTkqIs2qbg-3D HTTP 302
https://pytb.io/l/8k3mNXNw HTTP 302
https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 131F8F7647BB4F61A5501FC169AFD29C Show response
secure.paytabs.sa/payment/request/invoice/1260538/
Redirect Chain

https://protect-eu.mimecast.com/s/xLm_C0Vojf2ZQWKUwDWWB?domain=url5533.paytabs.com
https://protect-eu.mimecast.com/redirect/eNqtVGlv4kgQ_SuRPwfSp49ojyE3Owm5YBJYVqiPMnbwhbudQEb579uGZCeTGWm_DALJVdVVvH6u9756taqst--JJAfd1aJ-Sk3yySYQp7Wx87psqq4qc2_Xy0rl7eNdrwYFaWVtmoOLfYYjFEUoQAi5mhtF...
http://url5533.paytabs.com/ls/click?upn=x4Kgj9kOP4L85G59rtzk4UJWZmqABqBhYbYT9EY-2F-2Fen13uvf3AoHyyTgC0c8zRy3Nunc_VhD0TesqCVuiy1ix1nL8ISjEqUc3SfxXHr3e3vNbfXwchusBou8GZaz-2F40nEofwdYLUMuMZ3s1rMFS3oYE...
https://pytb.io/l/8k3mNXNw
https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C

6 KB
2 KB

642ms
459ms

Document
text/html

2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79276a73a817222bd7c09f7b2ee76b719db65fdde90a644f6c79552ad492dd3b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src ; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Wed, 12 Jan 2022 16:51:42 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.paytabs.sa; img-src https: data:; style-src 'self' *.paytabs.sa 'unsafe-inline'; script-src 'self' *.paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.paytabs.sa; frame-src *; child-src 'self' *.paytabs.sa;
permissions-policy: interest-cohort=()
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cc7e41def787741-LHR
content-encoding: gzip

Redirect headers

date: Wed, 12 Jan 2022 16:51:42 GMT
content-type: text/html; charset=UTF-8
location: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
cache-control: no-cache, private
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBiQcdxet5uZ6G5v3XBMNRJoQVOX8b2d9c20SNTBH26t1n4kCRqUe5DfMrnoFq8mpwyh6jsSUVqB5xjks9cl0kOPnaVM2tBoIxSO%2FbL7VsU7OFr%2B%2BLOaKaUgPVSMuD73XW%2BRQ2D5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cc7e417ab7d76c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 font-awesome.min.css
secure.paytabs.sa/hpp/css/ 58 KB
13 KB 598ms
598ms Stylesheet
text/css 2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.paytabs.sa/hpp/css/font-awesome.min.css

Requested by

Host: secure.paytabs.sa
URL: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src 'self' .paytabs.sa; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 23 Nov 2021 02:50:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
cache-control: private, max-age=3600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' *.paytabs.sa; img-src https: data:; style-src 'self' *.paytabs.sa 'unsafe-inline'; script-src 'self' *.paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.paytabs.sa; frame-src 'self' *.paytabs.sa; child-src 'self' *.paytabs.sa;
cf-ray: 6cc7e420ef567741-LHR
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 paytabs-paypage.min.css
secure.paytabs.sa/hpp/css/ 171 KB
27 KB 691ms
690ms Stylesheet
text/css 2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.paytabs.sa/hpp/css/paytabs-paypage.min.css

Requested by

Host: secure.paytabs.sa
URL: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9ec7a0422ca2a555183d86c29b6a307bfff47ac189dca46486badc0a3fbaf30

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src 'self' .paytabs.sa; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 11 Jan 2022 15:05:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
cache-control: private, max-age=3600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' *.paytabs.sa; img-src https: data:; style-src 'self' *.paytabs.sa 'unsafe-inline'; script-src 'self' *.paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.paytabs.sa; frame-src 'self' *.paytabs.sa; child-src 'self' *.paytabs.sa;
cf-ray: 6cc7e420ef5a7741-LHR
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 paylib.js Show response
secure.paytabs.sa/payment/ 42 KB
8 KB 603ms
602ms Script
application/javascript 2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.paytabs.sa/payment/paylib.js?v=

Requested by

Host: secure.paytabs.sa
URL: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4893b91ef53539845224e86b205f38a289dc1f014ca72a3a5f25e5314c1b9ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src ; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: private, max-age=3600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' *.paytabs.sa; img-src https: data:; style-src 'self' *.paytabs.sa 'unsafe-inline'; script-src 'self' *.paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.paytabs.sa; frame-src *; child-src 'self' *.paytabs.sa;
cf-ray: 6cc7e420ef5c7741-LHR
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 hpp.js Show response
secure.paytabs.sa/payment/ 34 KB
6 KB 511ms
510ms Script
application/javascript 2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.paytabs.sa/payment/hpp.js?v=

Requested by

Host: secure.paytabs.sa
URL: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ed6f200de7f0fb5cf66566f543302d98ff92f45892a123b8a82a30351aa741

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src ; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: private, max-age=3600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' *.paytabs.sa; img-src https: data:; style-src 'self' *.paytabs.sa 'unsafe-inline'; script-src 'self' *.paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.paytabs.sa; frame-src *; child-src 'self' *.paytabs.sa;
cf-ray: 6cc7e420ef5d7741-LHR
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 logo-default.png
secure.paytabs.sa/hpp/images/ 2 KB
2 KB 422ms
422ms Image
image/png 2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.paytabs.sa/hpp/images/logo-default.png

Requested by

Host: secure.paytabs.sa
URL: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76f32e93b901db2baf2eb6a076e06538993a11f00ccef643b0eef12abcefa652

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src 'self' .paytabs.sa; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:51:43 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 1772
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Nov 2021 02:50:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: private, max-age=3600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' *.paytabs.sa; img-src https: data:; style-src 'self' *.paytabs.sa 'unsafe-inline'; script-src 'self' *.paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.paytabs.sa; frame-src 'self' *.paytabs.sa; child-src 'self' *.paytabs.sa;
accept-ranges: bytes
cf-ray: 6cc7e4254aa37741-LHR

GET
H2 200 email-decode.min.js Show response
secure.paytabs.sa/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
808 B 25ms
25ms Script
application/javascript 2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.paytabs.sa/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: secure.paytabs.sa
URL: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 Jan 2022 15:17:54 GMT
server: cloudflare
etag: W/"61d5b6a2-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6cc7e424b91b7741-LHR
vary: Accept-Encoding
expires: Fri, 14 Jan 2022 16:51:43 GMT

GET
H2 200 jquery.min.js Show response
secure.paytabs.sa/hpp/js/ 87 KB
30 KB 589ms
589ms Script
application/javascript 2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.paytabs.sa/hpp/js/jquery.min.js

Requested by

Host: secure.paytabs.sa
URL: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src 'self' .paytabs.sa; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Thu, 09 Dec 2021 14:35:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: private, max-age=3600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' *.paytabs.sa; img-src https: data:; style-src 'self' *.paytabs.sa 'unsafe-inline'; script-src 'self' *.paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.paytabs.sa; frame-src 'self' *.paytabs.sa; child-src 'self' *.paytabs.sa;
cf-ray: 6cc7e424d96b7741-LHR
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.bundle.min.js Show response
secure.paytabs.sa/hpp/js/ 81 KB
22 KB 633ms
632ms Script
application/javascript 2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.paytabs.sa/hpp/js/bootstrap.bundle.min.js

Requested by

Host: secure.paytabs.sa
URL: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src 'self' .paytabs.sa; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://secure.paytabs.sa/payment/request/invoice/1260538/131F8F7647BB4F61A5501FC169AFD29C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 11 Jan 2022 15:05:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: private, max-age=3600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' *.paytabs.sa; img-src https: data:; style-src 'self' *.paytabs.sa 'unsafe-inline'; script-src 'self' *.paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.paytabs.sa; frame-src 'self' *.paytabs.sa; child-src 'self' *.paytabs.sa;
cf-ray: 6cc7e4254a707741-LHR
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 header.svg
secure.paytabs.sa/hpp/images/ 4 KB
2 KB 453ms
453ms Image
image/svg+xml 2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.paytabs.sa/hpp/images/header.svg

Requested by

Host: secure.paytabs.sa
URL: https://secure.paytabs.sa/hpp/css/paytabs-paypage.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82d2468ef8052a1beae571e81bbaf75a5664233f0d6605cf688da7bbb3405dfb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src 'self' .paytabs.sa; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://secure.paytabs.sa/hpp/css/paytabs-paypage.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 23 Nov 2021 02:50:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: private, max-age=3600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' *.paytabs.sa; img-src https: data:; style-src 'self' *.paytabs.sa 'unsafe-inline'; script-src 'self' *.paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.paytabs.sa; frame-src 'self' *.paytabs.sa; child-src 'self' *.paytabs.sa;
cf-ray: 6cc7e4255ab37741-LHR
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 paytabs-logo.svg
secure.paytabs.sa/hpp/images/ 3 KB
1 KB 424ms
424ms Image
image/svg+xml 2606:4700:10::6816:4ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.paytabs.sa/hpp/images/paytabs-logo.svg

Requested by

Host: secure.paytabs.sa
URL: https://secure.paytabs.sa/hpp/css/paytabs-paypage.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf61877ffc77425e3e330e0c1cfb9899fa16c00c7012f90df0a0d99d4e8949f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src 'self' .paytabs.sa; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://secure.paytabs.sa/hpp/css/paytabs-paypage.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 23 Nov 2021 02:50:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: private, max-age=3600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' *.paytabs.sa; img-src https: data:; style-src 'self' *.paytabs.sa 'unsafe-inline'; script-src 'self' *.paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.paytabs.sa; frame-src 'self' *.paytabs.sa; child-src 'self' *.paytabs.sa;
cf-ray: 6cc7e4255abb7741-LHR
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pytb.io/	1970-01-20 00:06:53	Name: XSRF-TOKEN Value: eyJpdiI6IkpwenBcL25qSTNDU2VhMmlBUThaY3RBPT0iLCJ2YWx1ZSI6IkxOSVA4Z1F1dE83Q1FFNVZ0TWZRRE1jTXc4TnM0a0g3Q1NRUkFVc1FYM0Q3STdxWXJzUzgrYnE4M0hJMUk3azIiLCJtYWMiOiI0NWNhNTRlMmRjODJhZjBkY2FmNTYzMDI0ZjEwOGZiM2QzMTE1MTU0N2MzYjg0MjMxMDNiNzliZjhmMGNmYTk5In0%3D
			pytb.io/	1970-01-20 00:06:53	Name: paytabs_su_session Value: eyJpdiI6IkNmaFhwMWFHMHJcL0FRWFFBMVNoT2hBPT0iLCJ2YWx1ZSI6Im5vVmJjSEpyVVVhaSszTUNtYlBvWUkrbUp5QXEyT2xNZ1VTNGRlRVJxek5LMWRlWTRuaFZSYk1qTmNYTmdvaEUiLCJtYWMiOiI5OWM4NDhmNTY4MzQ2OGUyMDc3NzJjN2ZlYjNkZmRjNDE1ODM0N2JkZTMyOTk2MTY4MDM2M2E2ZTQzNWI5ODU3In0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .paytabs.sa; img-src https: data:; style-src 'self' .paytabs.sa 'unsafe-inline'; script-src 'self' .paytabs.sa 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .paytabs.sa; frame-src ; child-src 'self' .paytabs.sa;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

protect-eu.mimecast.com
pytb.io
secure.paytabs.sa
url5533.paytabs.com
167.89.115.56
195.130.217.73
2606:4700:10::6816:4ad1
2606:4700:3032::6815:5c7b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28ed6f200de7f0fb5cf66566f543302d98ff92f45892a123b8a82a30351aa741
76f32e93b901db2baf2eb6a076e06538993a11f00ccef643b0eef12abcefa652
79276a73a817222bd7c09f7b2ee76b719db65fdde90a644f6c79552ad492dd3b
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
82d2468ef8052a1beae571e81bbaf75a5664233f0d6605cf688da7bbb3405dfb
a4893b91ef53539845224e86b205f38a289dc1f014ca72a3a5f25e5314c1b9ca
abf61877ffc77425e3e330e0c1cfb9899fa16c00c7012f90df0a0d99d4e8949f
c9ec7a0422ca2a555183d86c29b6a307bfff47ac189dca46486badc0a3fbaf30
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

secure.paytabs.sa Open in urlscan Pro 2606:4700:10::6816:4ad1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

1 IPs

2 Countries

114 kBTransfer

491 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

secure.paytabs.sa Open in urlscan Pro
2606:4700:10::6816:4ad1 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

1
IPs

2
Countries

114 kB
Transfer

491 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions