urlscan.io logo urlscan.io
SecurityTrails logo

test.benefit-gateway.bh Open in urlscan Pro
2606:4700:4400::ac40:9548  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pay.targetsports.bh/
Effective URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Submission: On May 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 2606:4700:4400::ac40:9548, located in United States and belongs to CLOUDFLARENET, US. The main domain is test.benefit-gateway.bh.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 14th 2024. Valid for: a year.
This is the only time test.benefit-gateway.bh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.139.59.226 134286 (NETFORCHO...)
18 2606:4700:440... 13335 (CLOUDFLAR...)
18 2
Apex Domain
Subdomains		 Transfer
18 benefit-gateway.bh
test.benefit-gateway.bh
205 KB
1 targetsports.bh
pay.targetsports.bh
342 B
18 2
Domain Requested by
18 test.benefit-gateway.bh test.benefit-gateway.bh
1 pay.targetsports.bh 1 redirects
18 2

This site contains no links.

Subject Issuer Validity Valid
benefit-gateway.bh
Cloudflare Inc ECC CA-3		 2024-01-14 -
2024-12-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Frame ID: 1E9D4DA8B18867E8EC269E48322751EA
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Payment Interface

Page URL History Show full URLs

  1. https://pay.targetsports.bh/ HTTP 302
    https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

205 kB
Transfer

757 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pay.targetsports.bh/ HTTP 302
    https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request paymentpage.htm
test.benefit-gateway.bh/payment/
Redirect Chain
  • https://pay.targetsports.bh/
  • https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
219 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60995b458790c7ba73d0a891408f2cae372c7f177ee0f74cb648502c33852e14
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
POST
cache-control
no-cache,no-store,must-revalidate,pre-check=0,post-check=0,max-age=0
cf-cache-status
DYNAMIC
cf-ray
88be69024bee383a-FRA
content-encoding
gzip
content-language
de-DE
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 11:33:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache,no-store
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
deny
x-oracle-dms-ecid
deny 0066Qcwo^BVFw00Fzzx0g0007KRK0000CW
x-oracle-dms-rid
deny 0:1
x-xss-protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 30 May 2024 11:33:34 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
location
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
jquery.min.js
test.benefit-gateway.bh/payment/gui-v3/js/ 		292 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/gui-v3/js/jquery.min.js?ver=1.33
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec1c8799a6f8991d81b319cd0a659cc9f526f7959bee0f9c7e307d5e789cbc4
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
REVALIDATED
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
DENY
x-oracle-dms-ecid
0066N0u0j7hFw00Fzzx0g0002Im70000NT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6905d988383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
paypage.css
test.benefit-gateway.bh/payment/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/css/paypage.css?ver=1.33
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1a08b0cb383324cbcac56e702a3ab669f4199c86c5780c765cdf7fcaa47a7b
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
DENY
x-oracle-dms-ecid
0066QcwqkGzFw00Fzzx0g0007KRK0000CY
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6905d976383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
paypage-action.js
test.benefit-gateway.bh/payment/js/ 		36 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/js/paypage-action.js?ver=1.33
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07acbcd2aeb15a0761196f74fdda65959249d7a639ae4262a47456d31018a573
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
DENY
x-oracle-dms-ecid
0066QcwqivzFw00Fzzx0g0007KRW00003q
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6905d98b383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
checkSum.js
test.benefit-gateway.bh/payment/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/js/checkSum.js?ver=1.33
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
253fa4fc84a47ae6536b4d11b41116954ac583218248b42d0e39854afb38444e
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
REVALIDATED
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
deny
x-oracle-dms-ecid
0066N0u0k61Fw00Fzzx0g0001cWn0000NK
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6905d992383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
paypage-responsive.css
test.benefit-gateway.bh/payment/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/css/paypage-responsive.css?ver=1.33
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020306128a0995b12490e7526edacf96565ba3186c83191f42117146f39ee3de
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
REVALIDATED
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
deny
x-oracle-dms-ecid
0066N0u0k2NFw00Fzzx0g0001cWn0000NJ
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6905d980383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
combobox.css
test.benefit-gateway.bh/payment/gui-v3/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/gui-v3/css/combobox.css?ver=1.33
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ce6f1669336dd2f723c6d45e0a6383a15c8ec3b5742c5a5f7d2cd29e1bd4cbc
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
REVALIDATED
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
deny
x-oracle-dms-ecid
0066N0u0glJFw00Fzzx0g0001cWn0000NI
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6905d985383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
combobox.js
test.benefit-gateway.bh/payment/gui-v3/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/gui-v3/js/combobox.js?ver=1.33
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8ddee1d9b7943f3c586ac8333048cf53a0d28a360a62aa30681b4697c14f806
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
REVALIDATED
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
DENY
x-oracle-dms-ecid
0066PH^21fAFw00Fzzx0g0003e^N0000jY
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6905e996383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
jquery.cookie.js
test.benefit-gateway.bh/payment/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/js/jquery.cookie.js?ver=1.33
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
deny
x-oracle-dms-ecid
0066QcwqlFeFw00Fzzx0g0007KRW00003t
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6905e999383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
APMValidations.js
test.benefit-gateway.bh/payment/js/ 		97 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/js/APMValidations.js
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
428d48b435f3025904824b48e108986fc2310072d1a7451c2c4a36b15a868f5d
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
REVALIDATED
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
DENY
x-oracle-dms-ecid
0066PH^23kZFw00Fzzx0g0005TiP000028
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6905e99d383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
AuthValidation.js
test.benefit-gateway.bh/payment/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/js/AuthValidation.js
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08c8beb5c3dee30bdd5a01ba48b75503bbd2bcd1ae746dfd7ce303f3c95b149
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
deny
x-oracle-dms-ecid
0066Qcwql9gFw00Fzzx0g0007KRW00003s
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6905e9a1383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
line1.jpg
test.benefit-gateway.bh/payment/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://test.benefit-gateway.bh/payment/images/line1.jpg
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9f19fe1354f540371a764e2c8369665d752dfe39334615601f387dd0985774
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
REVALIDATED
x-oracle-dms-rid
0:1
content-length
1136
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
h2pri
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
deny
x-oracle-dms-ecid
0066N0u4faqFw00Fzzx0g0001cWn0000NM
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
88be69070b70383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
help.jpg
test.benefit-gateway.bh/payment/images/paypage-images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://test.benefit-gateway.bh/payment/images/paypage-images/help.jpg
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451f5aae3d932bbd97e21db64b5c73552c73e2857b53d47e5fcc3c9156d46c2d
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
x-oracle-dms-rid
0:1
content-length
1932
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
deny
x-oracle-dms-ecid
0066QcwrVUfFw00Fzzx0g0007KRK0000C^
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
88be69070b71383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
processing.gif
test.benefit-gateway.bh/payment/images/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://test.benefit-gateway.bh/payment/images/processing.gif
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d133ee007f728b15bf50cf67b5d344a85c360325ba5c0bc1e62af113dca6bf86
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
DENY
x-oracle-dms-ecid
0066Qcwr_p_Fw00Fzzx0g0007KRK0000C_
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be69074be6383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
BENEFIT_logo.png
test.benefit-gateway.bh/payment/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://test.benefit-gateway.bh/payment/images/BENEFIT_logo.png?ver=1.33
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936c5c49b5d8e22ba4e6f442caa29fc28527ca4f40be5b5387bb2cec5e018b6d
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
REVALIDATED
x-oracle-dms-rid
0:1
content-length
3816
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
deny
x-oracle-dms-ecid
0066PH^6L_CFw00Fzzx0g0003wkS0000Vr
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
88be69074bee383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
BENEFIT_a_with_items.js
test.benefit-gateway.bh/payment/js/ 		1 KB
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/js/BENEFIT_a_with_items.js?ver=1.33
Requested by
Host: test.benefit-gateway.bh
URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9591f1d677231bd5b55744d91493251ef024fa46d0e91c595b9a302da5b4fb8a
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
REVALIDATED
content-encoding
gzip
x-oracle-dms-rid
0:1
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Apr 2024 13:42:44 GMT
server
cloudflare
x-frame-options
deny
x-oracle-dms-ecid
0066PH^4bApFw00Fzzx0g0003e^N0000j_
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be69074bed383a-FRA
expires
Thu, 30 May 2024 15:33:36 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8308b238058a6f6be1c44eb8dcf85ee2ab611c92b7b2273fad0a405f8d6d820

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
img1.png
test.benefit-gateway.bh/payment/images/ 		0
137 B 		Other
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/images/img1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
EXPIRED
x-oracle-dms-rid
0:1
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
x-oracle-dms-ecid
0066QcwtAQ0Fw00Fzzx0g0007KRl00007h
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be6909df74383a-FRA
expires
Thu, 30 May 2024 15:33:37 GMT
favicon.ico
test.benefit-gateway.bh/payment/ 		0
235 B 		Other
General
Check archive.org
Download Go to
Full URL
https://test.benefit-gateway.bh/payment/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy 'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:33:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
'default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
EXPIRED
x-oracle-dms-rid
0:1
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
x-oracle-dms-ecid
0066Qcwtvb3Fw00Fzzx0g0007KRK0000Cc
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
88be690b2938383a-FRA
expires
Thu, 30 May 2024 15:33:37 GMT

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| fieldClr function| switch_to_AR function| switch_to_EN function| show_AR function| show_EN function| cookie_check function| change_text_submit_button_PIN_page object| CryptoJS function| formParameterValue string| keyStr function| encode64 function| cuselScrollToCurent function| cuselShowList function| cuSelRefresh function| cuSel function| checkValid function| validateMobile function| validMobileChar function| fnValidateIPAddress function| fnValidateIPV6Address function| isNotSelected function| validateCheckbox function| validateFees function| validateInvoiceAmount function| validateFees3Decimals function| validateFees2Decimals function| checkNumeric function| checkAmount function| checkNumericHipenPlus function| checkNumericWithComma function| checkNumericandspace function| checkAlphanumeric function| checkAlphanumericWithSpace function| checkBraces function| checkInvoiceEmailId function| checkAlphanumericWithSpaceAndDot function| checkWebsiteName function| checkMrchContactName function| checkAlphanumericWithCommaAndSlashAndHyphen function| checkvalidAddress function| checkvalidAddressNoSpace function| checkvalidMerchAddressSpecChar function| checkvalidAddressSpecChar function| checkMax function| checkMin function| checkAllZero function| checkAlphabetic function| checkAlphabeticWithSpace function| checkNumericAndInvalidSpecialChar function| checkAlphabeticWithSpaceDot function| checkAlphanumericWithSpaceAndHypen function| ltrim function| rtrim function| trim function| isWhitespace function| checkWebAddress function| checkEmail function| checkEmailId function| checkMerchantEmailId function| Is_Phone function| Is_Fax function| checkFees function| checkFees3Decimals function| validateZeroNumber function| validateZeroForMobileNumber function| validateStrOnly function| validateSplCharAndSpace function| validateSplChar function| validateSplCharWithSingleHyphenAndPlus function| validateMrchStrSpcl function| myTrim function| validateNumber function| validateAlphaNumeric function| validateAlphaNumericwithdotandcomma function| validateAlphaNumericwithspace function| validateAlphanumericWithSpaceAndHypen function| validateNumberwithZero function| validateNumberwithSingleHyphenPlus function| validateEmailId function| isAlphabetic function| validateStrSpclSpace function| validateSplChars function| validateMenuURL function| validatePwdSpecialChar function| isNumeric function| isNumericOnly function| validateContentType function| noSplCharsName function| noSplCharsNameForUserDetails function| noSplCharsNameExceptDot function| isAlphabeticAllowSpace function| isAlphabeticAllowSpaceAndDot function| getFrmName function| focusOnFirstElement function| validateSpace function| validateSpaceandSpecialChar function| validateSplSpaceStartEnd function| getFocus function| lostFocus function| initRequest function| checkKeyValue function| validateStrSpcl function| isAlphaNumeric function| FilePathValidation function| FilePathValidationLinuxWindow function| isNumericAllowZero function| checkAlphaWithSpace function| ValidateWebSiteAddress function| ValidateMerchantWebSiteAddress function| ValidateExternalConnURL function| externalConnURLforFSSConnect function| URLforIssuerBin function| ValidateMrchConnURL function| ValidateMerchantConnURL function| ValidateConnURL function| isNumericForFees function| isNumericFees function| checkDecimalValue function| checkMinorDigit function| checkZero function| checkDecimalAmount function| validateDbUrl function| validateDate function| checkUDF function| checkUDF6 function| checkAlphanumericWithSpaceForCert function| checkAlphanumericWithSpaceForStaticURL function| checkAlphanumericWithValidSpecialChar function| checkAlphanumericWithSpecialCharAndSingleSpace function| checkAlphanumericWithSomeSpclChar function| checkAlphanumericWithdotcomma function| validateNotStartWithZero function| validateInvalidSpclChar function| checkdoublespace function| checkAlphanumericWithSpaceHyphenAndCommaAndDot function| validateNumberwithSingleHyphenPlusandNumber function| checkTrackId function| checkAlphanumericWithSpaceForUserDetails function| validateSplCharsMrchUsrID function| checkAlphanumericWithSpaceForUserDetailsUserId function| noSplCharsNameMrchUsrId function| checkAlphanumericWithSpaceForUserName function| isValidCardName number| BS number| BB object| RA object| SO object| RC object| SB object| SBI function| cSL number| Nk number| Nb number| Nr function| XT function| GF function| bS function| sR function| mC function| aRK function| YE function| Rd function| iRd function| FRd function| iFRd function| encrypt function| decrypt function| byteArrayToString function| byteArrayToHex function| hexToByteArray function| pB function| uPB function| fPT function| gRB function| rijndaelEncrypt function| rijndaelDecrypt function| stringToByteArray function| genkey object| errorMsgBlock function| showCardExpiry undefined| keys function| getCookie function| showPayemntSheet function| performValidation function| removeSpaces function| sendPaymentToken function| selectPayInstr function| setCardDetail function| onProceed_buttonClicked function| deleteSavedCardFn function| callDeleteSavedCardFn function| callSavedCardSave function| callSave function| callAmexCardSave function| callDebitSave function| callPrepaidSave function| callAmexSave function| callimpsSave function| performMaestroRupayCheck function| performgccCheck function| performscgccCheck number| historyCount function| showKeyPad function| hideKeyPad function| loadKeyboard function| clearPin function| input function| del function| onback function| onRefresh function| hideSavedCard function| showSavedCard function| callRupayAjax function| accu_FunctionResponse function| onclckCancel function| cancelPage function| cptchaMsg function| cvvMsg function| rupayCVVMsg function| amexCvvMsg function| expMsg function| pinMsg function| amtMsg function| reloadCaptcha function| disableCnvrtFields function| getConvrtDet function| getOtherCrncy function| getOtherCnvrt function| showDetails function| hideDetails function| continue_buttonClicked function| editdetail function| showInvoiceTab undefined| selected_language function| hide_keypad function| show_savedcardkeypad function| hide_savedcardkeypad

6 Cookies

Domain/Path Name / Value
test.benefit-gateway.bh/payment Name: SameSite
Value: strict
test.benefit-gateway.bh/ Name: JSESSIONID
Value: C9DJRt3FhmJRPhElOO3sayz15bpUAw0bpQeUqo9X79TwIIKWeHKk!-1372511025
test.benefit-gateway.bh/ Name: PG
Value: !43ShxHV6lD1cXye/SXoJOs1UH5dwXHz3PyOwZU5F548K3G5gCPciuNW5vz/j2bbCUZuv5kzpqYH3
.test.benefit-gateway.bh/ Name: TS01dc49f9
Value: 0184549b3e469c36e58cfc7ede49a8a2a3ab50f2502ffe14da75c35244cb5237d72925ac03b04a4775242b7958f5085ba07b158d422ca327afd12f6074787a2ee8956de4d088d39cdd7a95a2811e556f07f8351b6a45332cddf3433f4037672a44f0d3b409
.benefit-gateway.bh/ Name: __cf_bm
Value: 6ScZgcPTvd0F7i2X5ISdNDn91qsKTPqMWEl63rdmMqY-1717068816-1.0.1.1-z5tJGRugogoAGDqbW2gqH89KD2cfzpQ7cfZ4uBBMzK3Te9R3glz3BO1QnuPI_CfN_1GMd9hsoE3z30rQ8.wNfQ
test.benefit-gateway.bh/ Name: selected_language
Value: EN

5 Console Messages

Source Level URL
Text
recommendation warning URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Message:
[DOM] Found 2 elements with non-unique id #cardPinbtnDel: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Message:
[DOM] Found 2 elements with non-unique id #cardPinbtnRef: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://test.benefit-gateway.bh/payment/paymentpage.htm?PaymentID=301202415134407678
Message:
[DOM] Found 2 elements with non-unique id #cardPinbtnRef1: (More info: https://goo.gl/9p2vKq) %o %o
network error URL: https://test.benefit-gateway.bh/payment/images/img1.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://test.benefit-gateway.bh/payment/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block