urlscan.io logo urlscan.io
SecurityTrails logo

digi-sit.bicbank.com.kh Open in urlscan Pro
103.166.94.167  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://digi-sit.bicbank.com.kh/
Effective URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Submission: On August 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 32 HTTP transactions. The main IP is 103.166.94.167, located in Cambodia and belongs to BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH. The main domain is digi-sit.bicbank.com.kh.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 9th 2024. Valid for: a year.
This is the only time digi-sit.bicbank.com.kh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 22 103.166.94.167 134136 (BICCAMBOD...)
1 142.250.186.132 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
32 7
22    103.166.94.167 (Cambodia)

ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH)
digi-sit.bicbank.com.kh
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
22 bicbank.com.kh
digi-sit.bicbank.com.kh
770 KB
4 googleapis.com
firebase.googleapis.com — Cisco Umbrella Rank: 5014
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 420
1 KB
4 gstatic.com
www.gstatic.com
244 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
133 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 google.com
www.google.com — Cisco Umbrella Rank: 10
961 B
32 6
Domain Requested by
22 digi-sit.bicbank.com.kh 2 redirects digi-sit.bicbank.com.kh
4 www.gstatic.com digi-sit.bicbank.com.kh
www.google.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 firebase.googleapis.com www.gstatic.com
2 www.googletagmanager.com www.gstatic.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.com digi-sit.bicbank.com.kh
32 7

This site contains no links.

Subject Issuer Validity Valid
*.bicbank.com.kh
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-09 -
2025-06-09		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Frame ID: 283614C2C73E2CA1DD50F2842DD5BAF6
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - BICApp

Page URL History Show full URLs

  1. https://digi-sit.bicbank.com.kh/ HTTP 302
    https://digi-sit.bicbank.com.kh/web/admin HTTP 302
    https://digi-sit.bicbank.com.kh/web/admin/authentication/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

32
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

1147 kB
Transfer

1748 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://digi-sit.bicbank.com.kh/ HTTP 302
    https://digi-sit.bicbank.com.kh/web/admin HTTP 302
    https://digi-sit.bicbank.com.kh/web/admin/authentication/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
digi-sit.bicbank.com.kh/web/admin/authentication/
Redirect Chain
  • https://digi-sit.bicbank.com.kh/
  • https://digi-sit.bicbank.com.kh/web/admin
  • https://digi-sit.bicbank.com.kh/web/admin/authentication/login
6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
557fa321b6b0522c0528ce9a2a6e159f9df5811a449f37d4c7b10b2ad63ddc82
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate, public
Connection
Keep-Alive
Content-Language
en-US
Content-Length
6414
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
text/html;charset=UTF-8
Date
Fri, 23 Aug 2024 09:58:21 GMT
Expires
0
Keep-Alive
timeout=5, max=98
Server
Web Server
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com DENY
X-XSS-Protection
1; mode=block
x-request-id
ba0a924940e54dad9a78528a557ccda3
x-response-id
b94bd659de4048c59189670f443564f0

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate, public
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Date
Fri, 23 Aug 2024 09:58:21 GMT
Expires
0
Keep-Alive
timeout=5, max=99
Location
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Server
Web Server
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com DENY
X-XSS-Protection
1; mode=block
bootstrap.min.css
digi-sit.bicbank.com.kh/webjars/bootstrap/3.4.1/css/ 		119 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/webjars/bootstrap/3.4.1/css/bootstrap.min.css
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
6c91eedbac244294b6ff302f0905447d
Connection
Keep-Alive
Content-Length
121457
X-XSS-Protection
1; mode=block
x-request-id
a9faf5323f0e43abab0353772de439fa
Last-Modified
Mon, 21 Aug 2023 02:29:44 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
core.css
digi-sit.bicbank.com.kh/assets/css/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/css/core.css
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
f180bf2d2e2657621cd223890fbd5fb319f0ac6736b2784fcd8b4986c27f3fae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
3b343306adc8441a8bde578cf1920a5d
Connection
Keep-Alive
Content-Length
18240
X-XSS-Protection
1; mode=block
x-request-id
8f98e808fc994883903aadaa9ec93b0d
Last-Modified
Tue, 05 May 2020 05:08:05 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
components.css
digi-sit.bicbank.com.kh/assets/css/ 		91 KB
92 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/css/components.css
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
97dbf1085f897465c53f70c788d0283ff0cc837249e562314ca1275fac8770a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
6c1daa458f444d1487c2639a4aa0b9bf
Connection
Keep-Alive
Content-Length
93019
X-XSS-Protection
1; mode=block
x-request-id
83cfcdd9296849e9984718f4c5c92653
Last-Modified
Mon, 30 Nov 2020 22:21:21 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
icons.css
digi-sit.bicbank.com.kh/assets/css/ 		209 KB
210 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/css/icons.css
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
104019a8eb893070eba7ac139fc4ee715764818022360d438f8b57858f887efb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
8382d6d287d14b269ee764538638b625
Connection
Keep-Alive
Content-Length
214255
X-XSS-Protection
1; mode=block
x-request-id
73fcce52c5a24335b328d1de8b46cabc
Last-Modified
Tue, 05 May 2020 05:08:05 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
pages.css
digi-sit.bicbank.com.kh/assets/css/ 		20 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/css/pages.css
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
f5d099c48c083ad6668570417b0b9c0b40cc516e78ecee1c7df980dddcf512eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
3855731beb7f464ebc3654f5fae972ac
Connection
Keep-Alive
Content-Length
20421
X-XSS-Protection
1; mode=block
x-request-id
c8e632ae42194dacabcbd0d4223e6b72
Last-Modified
Tue, 05 May 2020 05:08:05 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
menu.css
digi-sit.bicbank.com.kh/assets/css/ 		12 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/css/menu.css
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
b9f60174e5cd6ebc46d84db3331a4ac1a18aa1cf75d8311e71201c392a312254
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
916b30378ef245b5be5f005101feebc2
Connection
Keep-Alive
Content-Length
12484
X-XSS-Protection
1; mode=block
x-request-id
530016fa8416455b8add52f56f0f3b4b
Last-Modified
Thu, 04 Mar 2021 03:19:08 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
responsive.css
digi-sit.bicbank.com.kh/assets/css/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/css/responsive.css
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
b8b3607ea088f9f6ee014d312fbd17c798515ca11365bde4df8b2209a5284987
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
b9916af424b7461f88d5854f6265a991
Connection
Keep-Alive
Content-Length
4473
X-XSS-Protection
1; mode=block
x-request-id
a2b5bf11d75c43b98780032430565bd2
Last-Modified
Tue, 05 May 2020 05:08:05 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
style.css
digi-sit.bicbank.com.kh/assets/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/css/style.css
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
88da7bd2ad34add27f0cdfcf50e5ea05ae64e810d0ce72afcdfc65454e8a3158
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
cf8f715bf1ec49eeac2c4e3406568d39
Connection
Keep-Alive
Content-Length
3058
X-XSS-Protection
1; mode=block
x-request-id
0ce771d16e974f95b6205bb56e86f43f
Last-Modified
Wed, 04 Jan 2023 01:54:26 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
modernizr.min.js
digi-sit.bicbank.com.kh/assets/js/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/js/modernizr.min.js
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
0390566aa8bc468f8cc158758f445ccf
Connection
Keep-Alive
Content-Length
11084
X-XSS-Protection
1; mode=block
x-request-id
50f5d1f4323e4bd2968100b6a359ce1b
Last-Modified
Tue, 05 May 2020 05:08:05 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
application/javascript;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
api.js
www.google.com/recaptcha/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
476dd34cc54442b0c8c3dec0ce3c59b546a2e1103116bcd8cb179b03f7eb83a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 09:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 23 Aug 2024 09:58:22 GMT
logo.png
digi-sit.bicbank.com.kh/assets/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digi-sit.bicbank.com.kh/assets/images/logo.png
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
c9eb76ae89793eb8f515331de43344f6c04d45d02a80bd7bbdcd91bcfef5c79e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
b6dcb81230cc4649865ec01dc3c3a047
Connection
Keep-Alive
Content-Length
9664
X-XSS-Protection
1; mode=block
x-request-id
585405af672d4deca32ba84e9516579a
Last-Modified
Fri, 15 May 2020 05:39:52 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
image/png;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
jquery-3.6.0.min.js
digi-sit.bicbank.com.kh/assets/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/js/jquery-3.6.0.min.js
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
f3082b66dd8240159b63ecd7b14b6d5f
Connection
Keep-Alive
Content-Length
89501
X-XSS-Protection
1; mode=block
x-request-id
0b04bd1b0feb47b298c46e3a8510663e
Last-Modified
Wed, 09 Feb 2022 01:52:02 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
application/javascript;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
bootstrap.min.js
digi-sit.bicbank.com.kh/webjars/bootstrap/3.4.1/js/ 		39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/webjars/bootstrap/3.4.1/js/bootstrap.min.js
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
a0f78f047fe04b9e9c2481c5e5e75afe
Connection
Keep-Alive
Content-Length
39680
X-XSS-Protection
1; mode=block
x-request-id
cebc4e29c7824accbf4acc932bc35266
Last-Modified
Mon, 21 Aug 2023 02:29:44 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
application/javascript;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
push.min.js
digi-sit.bicbank.com.kh/plugins/push/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/plugins/push/push.min.js
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
54fa706a73b5488a878791923a93198477e5440f3d0f22311c6cd58829163b0c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
049857f0b5104cd28b27f5ff7d292ab1
Connection
Keep-Alive
Content-Length
12917
X-XSS-Protection
1; mode=block
x-request-id
2cbbc16e9e7e4f17a6cdd07011c365fd
Last-Modified
Tue, 05 May 2020 05:08:06 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
application/javascript;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
firebase-app.js
www.gstatic.com/firebasejs/7.23.0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.23.0/firebase-app.js
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fbb9b0a6dd750be54d75b8eb16f6aea217aa36df2b4e3a4b80f960a1ca368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://digi-sit.bicbank.com.kh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:04:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6636
x-xss-protection
0
last-modified
Thu, 08 Oct 2020 20:48:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Aug 2025 14:04:44 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/7.23.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.23.0/firebase-messaging.js
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b090c352b4698d65d2d9fcd3c4b41e5f50d017e4caa48f2eef492c6a61adffb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://digi-sit.bicbank.com.kh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10930
x-xss-protection
0
last-modified
Thu, 08 Oct 2020 20:48:30 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Aug 2025 14:13:58 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/7.23.0/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.23.0/firebase-analytics.js
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
954201eeb1cac382fbf2a85d6023b581a75c1d58c618367851503ef696262e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://digi-sit.bicbank.com.kh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 18:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10857
x-xss-protection
0
last-modified
Thu, 08 Oct 2020 20:48:30 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Aug 2025 18:28:05 GMT
firebase-initialization.js
digi-sit.bicbank.com.kh/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/firebase-initialization.js
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
a3d92b66d7b642c7683e4ce3200545cf44cac360b0e984dd059b54ca2148f894
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
d2b8922591c143ac9b98e65c5ac62059
Connection
Keep-Alive
Content-Length
2311
X-XSS-Protection
1; mode=block
x-request-id
e935144b7200449091038d6eb96bfdeb
Last-Modified
Tue, 13 Oct 2020 02:10:18 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
application/javascript;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
core_font.css
digi-sit.bicbank.com.kh/assets/css/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/css/core_font.css
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/assets/css/core.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
a6bda323817443a9ae484cf93743af7b2aa66811ee5f4e8b0ecdfb5658afcbc3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/assets/css/core.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
df26a437759d4ca7b50ce8c3c898ea4d
Connection
Keep-Alive
Content-Length
4377
X-XSS-Protection
1; mode=block
x-request-id
cf286bb081634a9f8f30c3e1239ccecf
Last-Modified
Wed, 04 Jan 2023 01:54:26 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
w8gdH283Tvk__Lua32TysjIfp8uP.woff2
digi-sit.bicbank.com.kh/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/fonts/w8gdH283Tvk__Lua32TysjIfp8uP.woff2
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/assets/css/core_font.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
940bd4a564804ab577a9d374f205561fe77d98dfe612a6a14424d67ec1c10f69
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/assets/css/core_font.css
Origin
https://digi-sit.bicbank.com.kh
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
92650eef2965464a9664488a0d430b12
Connection
Keep-Alive
Content-Length
20072
X-XSS-Protection
1; mode=block
x-request-id
f33c096adcaa4fbca256be7a9ab7ef16
Last-Modified
Tue, 05 May 2020 05:08:05 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type
application/font-woff2;charset=UTF-8
Access-Control-Allow-Origin
https://digi-sit.bicbank.com.kh
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
recaptcha__de.js
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 		539 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://digi-sit.bicbank.com.kh/
Origin
https://digi-sit.bicbank.com.kh
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 08:28:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219509
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 04:00:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Aug 2025 08:28:31 GMT
f0Xu0e2p98ZvDXdZQIOcpqjfKaMXfsEp.woff2
digi-sit.bicbank.com.kh/assets/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/fonts/f0Xu0e2p98ZvDXdZQIOcpqjfKaMXfsEp.woff2
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/assets/css/core_font.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
c157136175a709c00bcb92dc4062ff21415ae49755ba9181c294a65c93ca3e8c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/assets/css/core_font.css
Origin
https://digi-sit.bicbank.com.kh
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
1a9f9ee5f203450eb9759cd863d6c642
Connection
Keep-Alive
Content-Length
14472
X-XSS-Protection
1; mode=block
x-request-id
7c9e36b6f978493b96a3321d2d8af97c
Last-Modified
Tue, 05 May 2020 05:08:05 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type
application/font-woff2;charset=UTF-8
Access-Control-Allow-Origin
https://digi-sit.bicbank.com.kh
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
fontawesome-webfont.woff2
digi-sit.bicbank.com.kh/assets/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: digi-sit.bicbank.com.kh
URL: https://digi-sit.bicbank.com.kh/assets/css/icons.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/assets/css/icons.css
Origin
https://digi-sit.bicbank.com.kh
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
95f540f0dda84f4e91cee5249846e4b7
Connection
Keep-Alive
Content-Length
71896
X-XSS-Protection
1; mode=block
x-request-id
2c7ee508966a4195a1d6e1f324ce9e66
Last-Modified
Tue, 05 May 2020 05:08:05 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type
application/font-woff2;charset=UTF-8
Access-Control-Allow-Origin
https://digi-sit.bicbank.com.kh
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
js
www.googletagmanager.com/gtag/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.23.0/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7aa204bad7cd4047034ff8f43eda1d9adb3a01bafbb01ce8d71658e14c7b465
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://digi-sit.bicbank.com.kh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 09:58:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50036
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Aug 2024 09:58:24 GMT
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:1036381386280:web:e86ac4a081b244887d671d/ 		335 B
423 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1036381386280:web:e86ac4a081b244887d671d/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.23.0/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ddadc98d6768d1472e3ea6306109d819836f23d5601561229f2d22c540d6c53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://digi-sit.bicbank.com.kh/
x-goog-api-key
AIzaSyBCqBguxEgZV1njyw74gbEsQS2zP-6aqiY
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 09:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://digi-sit.bicbank.com.kh
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:1036381386280:web:e86ac4a081b244887d671d/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1036381386280:web:e86ac4a081b244887d671d/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://digi-sit.bicbank.com.kh
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://digi-sit.bicbank.com.kh
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 23 Aug 2024 09:58:24 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/bic-orbv2/ 		627 B
689 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/bic-orbv2/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.23.0/firebase-messaging.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f96814aea805e9a657c57c95b6fb315a43f32a7c93a4d0a6cc2e73d6de7bc58f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://digi-sit.bicbank.com.kh/
x-goog-api-key
AIzaSyBCqBguxEgZV1njyw74gbEsQS2zP-6aqiY
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 23 Aug 2024 09:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://digi-sit.bicbank.com.kh
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
499
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/bic-orbv2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/bic-orbv2/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://digi-sit.bicbank.com.kh
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://digi-sit.bicbank.com.kh
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 23 Aug 2024 09:58:24 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
favicon.ico
digi-sit.bicbank.com.kh/ 		946 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://digi-sit.bicbank.com.kh/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.166.94.167 , Cambodia, ASN134136 (BICCAMBODIABANKPLC-AS-AP B.I.C Cambodia Bank PLC, KH),
Reverse DNS
Software
Web Server /
Resource Hash
a3fe67e3549fdbc5819762b43c7efd93b1caea734f87a33c909a4e4b2ba4e32b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digi-sit.bicbank.com.kh/web/admin/authentication/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 09:58:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
x-response-id
e2ad694a1e594b1f9fec3bde2a1b48f8
Connection
Keep-Alive
Content-Length
946
X-XSS-Protection
1; mode=block
x-request-id
3dffaa7d6ae64d29b6d08be3ecc5ea38
Last-Modified
Mon, 21 Aug 2023 02:20:41 GMT
Server
Web Server
X-Frame-Options
ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Content-Type
image/x-icon;charset=UTF-8
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
js
www.googletagmanager.com/gtag/ 		232 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CZWTKFMMXD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0251786ab0969a55bd32279369f044c0b452fecc6c6f84c5084450633ea5f276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://digi-sit.bicbank.com.kh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 09:58:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85716
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 23 Aug 2024 09:58:25 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CZWTKFMMXD&gtm=45je48l0v868500549za200&_p=1724407105445&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&_fid=cNr1_Hw-VOouMeidRFVYim&cid=2060768701.1724407106&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724407105&sct=1&seg=0&dl=https%3A%2F%2Fdigi-sit.bicbank.com.kh%2Fweb%2Fadmin%2Fauthentication%2Flogin&dt=Login%20-%20BICApp&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=4764
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CZWTKFMMXD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://digi-sit.bicbank.com.kh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 09:58:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://digi-sit.bicbank.com.kh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha function| $ function| jQuery object| Push string| apiKey string| authDomain string| databaseURL string| projectId string| storageBucket string| messagingSenderId string| appId string| measurementId string| publicVapidKey string| profilePictureAllowedExtension string| profilePictureAllowedFileSize string| defaultProfilePicture object| firebase function| firebaseInitialization object| dataLayer function| gtag object| google_tag_manager object| google_tag_data object| gaGlobal

5 Cookies

Domain/Path Name / Value
digi-sit.bicbank.com.kh/ Name: ROUTEID
Value: .2
digi-sit.bicbank.com.kh/ Name: cookiesession1
Value: 678A3E1D4B8FAA72A5B640BC10FEC5A9
digi-sit.bicbank.com.kh/ Name: JSESSIONID
Value: 7E321E339E8AB76D51A250943583DB78
.bicbank.com.kh/ Name: _ga_CZWTKFMMXD
Value: GS1.1.1724407105.1.0.1724407105.0.0.0
.bicbank.com.kh/ Name: _ga
Value: GA1.1.2060768701.1724407106

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://digi-sit.bicbank.com.kh/web/admin/authentication/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://devwebpayment.kesspay.io https://uatbicmobile.page.link https://iframetester.com DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

digi-sit.bicbank.com.kh
firebase.googleapis.com
firebaseinstallations.googleapis.com
region1.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
103.166.94.167
142.250.186.132
2001:4860:4802:32::36
2a00:1450:4001:800::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
0251786ab0969a55bd32279369f044c0b452fecc6c6f84c5084450633ea5f276
104019a8eb893070eba7ac139fc4ee715764818022360d438f8b57858f887efb
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
476dd34cc54442b0c8c3dec0ce3c59b546a2e1103116bcd8cb179b03f7eb83a4
4ddadc98d6768d1472e3ea6306109d819836f23d5601561229f2d22c540d6c53
54fa706a73b5488a878791923a93198477e5440f3d0f22311c6cd58829163b0c
557fa321b6b0522c0528ce9a2a6e159f9df5811a449f37d4c7b10b2ad63ddc82
61fbb9b0a6dd750be54d75b8eb16f6aea217aa36df2b4e3a4b80f960a1ca368f
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
88da7bd2ad34add27f0cdfcf50e5ea05ae64e810d0ce72afcdfc65454e8a3158
940bd4a564804ab577a9d374f205561fe77d98dfe612a6a14424d67ec1c10f69
954201eeb1cac382fbf2a85d6023b581a75c1d58c618367851503ef696262e7d
97dbf1085f897465c53f70c788d0283ff0cc837249e562314ca1275fac8770a4
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a3d92b66d7b642c7683e4ce3200545cf44cac360b0e984dd059b54ca2148f894
a3fe67e3549fdbc5819762b43c7efd93b1caea734f87a33c909a4e4b2ba4e32b
a6bda323817443a9ae484cf93743af7b2aa66811ee5f4e8b0ecdfb5658afcbc3
b090c352b4698d65d2d9fcd3c4b41e5f50d017e4caa48f2eef492c6a61adffb7
b8b3607ea088f9f6ee014d312fbd17c798515ca11365bde4df8b2209a5284987
b9f60174e5cd6ebc46d84db3331a4ac1a18aa1cf75d8311e71201c392a312254
c157136175a709c00bcb92dc4062ff21415ae49755ba9181c294a65c93ca3e8c
c9eb76ae89793eb8f515331de43344f6c04d45d02a80bd7bbdcd91bcfef5c79e
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f180bf2d2e2657621cd223890fbd5fb319f0ac6736b2784fcd8b4986c27f3fae
f5d099c48c083ad6668570417b0b9c0b40cc516e78ecee1c7df980dddcf512eb
f7aa204bad7cd4047034ff8f43eda1d9adb3a01bafbb01ce8d71658e14c7b465
f96814aea805e9a657c57c95b6fb315a43f32a7c93a4d0a6cc2e73d6de7bc58f