bicpay.bahraingp.com Open in urlscan Pro
89.148.55.218 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bicpay.bahraingp.com/
Submission: On March 19 via automatic, source certstream-suspicious (March 19th 2021, 8:42:38 am UTC)

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 89.148.55.218, located in Bahrain and belongs to Internet Service Provider, BH. The main domain is bicpay.bahraingp.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 2nd 2019. Valid for: 2 years.

This is the only time bicpay.bahraingp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	89.148.55.218 89.148.55.218	5416 (Internet ...) (Internet Service Provider)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
24	2

22 89.148.55.218 (Bahrain)

ASN5416 (Internet Service Provider, BH)
PTR: static.ip.89.148.55.218.batelco.com.bh

bicpay.bahraingp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	bahraingp.com bicpay.bahraingp.com	1 MB
2	gstatic.com fonts.gstatic.com	40 KB
24	2

	Domain	Requested by
22	bicpay.bahraingp.com	bicpay.bahraingp.com
2	fonts.gstatic.com	bicpay.bahraingp.com
24	2

This site contains no links.

Subject Issuer	Validity	Valid
*.bahraingp.com DigiCert SHA2 Secure Server CA	`2019-10-02` - `2021-10-06`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bicpay.bahraingp.com/
Frame ID: F395A7656B3C2BCEA4FADA093A6521CB
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1494 kB
Transfer

1488 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bicpay.bahraingp.com/ 10 KB
4 KB 371ms
132ms Document
text/html 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

9037a03f1db731f4e4f937b954b82ef8148ac73950c400f1b67cfebc1bacbd38

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: bicpay.bahraingp.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Fri, 19 Mar 2021 08:42:17 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IjFrb1FsNlJ0TEpvd3dCTG5jTk1jSHc9PSIsInZhbHVlIjoicHRtaDNPeGllTE1pSjBWNjFudVhPU3hOV0V1eU5mZDhDcmlBZlVkR1U3T3NUNTBmXC9zZUtZaW1jSWxwSm5zbFkiLCJtYWMiOiJkMzc3NGY2OTBkOTA2YzU2Y2VmZTdiODBkNmZhZWE3ZTJlNWZlOThjZGE5YjIzNDU5OGNmNjMwNjlkODc0MTkxIn0%3D; expires=Fri, 19-Mar-2021 10:42:17 GMT; Max-Age=7200; path=/ bahrain_international_circuit_session=eyJpdiI6IkhiVEFqbDF0STVLV2hOakFmeXZyRFE9PSIsInZhbHVlIjoiejdDUXQ0VGJ0ZDhwTnZUNVpzM2VkWFRQT1lnaUk4am9WaDRTTnpuamY5eGhuOGtqQWx5ZUYxQU9zRHlSU3VucSIsIm1hYyI6ImQ5MmUzMjNhN2UxZWVlMzc3MDcxMjZhMzkxZTI4OTAxMzE1NzMzM2FkZTIxMDEyNmQwY2RhYjA2MjNlYjJiOGMifQ%3D%3D; expires=Fri, 19-Mar-2021 10:42:17 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block
x-content-type-options: nosniff nosniff
referrer-policy: no-referrer-when-downgrade no-referrer-when-downgrade
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
content-encoding: gzip

GET
H2 200 bootstrap.min.css
bicpay.bahraingp.com/assets/css/ 113 KB
114 KB 224ms
220ms Stylesheet
text/css 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/css/bootstrap.min.css

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

441729559f5aee093fb8fd4437e2c8c3641b67d9461b407df7cc9c1c736d3e78

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:17 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:57 GMT
server: nginx
etag: "5eeb9e7d-1c465"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 115813
x-content-type-options: nosniff, nosniff

GET
H2 200 font-awesome.min.css
bicpay.bahraingp.com/assets/font-awesome/4.5.0/css/ 27 KB
27 KB 334ms
330ms Stylesheet
text/css 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:17 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:04:01 GMT
server: nginx
etag: "5eeb9e81-6b4a"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 27466
x-content-type-options: nosniff, nosniff

GET
H2 200 jquery-ui.custom.min.css
bicpay.bahraingp.com/assets/css/ 3 KB
4 KB 334ms
330ms Stylesheet
text/css 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/css/jquery-ui.custom.min.css

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

806dbf009d37228caecd99f1232a407b0e9243a2fd8edddbad4a3c28b37cea05

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:17 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:58 GMT
server: nginx
etag: "5eeb9e7e-be2"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 3042
x-content-type-options: nosniff, nosniff

GET
H2 200 fullcalendar.min.css
bicpay.bahraingp.com/assets/css/ 12 KB
12 KB 334ms
331ms Stylesheet
text/css 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/css/fullcalendar.min.css

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

1d40e18d1f4a3f0d1a385b97f5465b4b8ba351025c26ebb68777bf8af779d1ca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:17 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:58 GMT
server: nginx
etag: "5eeb9e7e-2f69"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 12137
x-content-type-options: nosniff, nosniff

GET
H2 200 fonts.googleapis.com.css
bicpay.bahraingp.com/assets/css/ 496 B
1 KB 334ms
331ms Stylesheet
text/css 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/css/fonts.googleapis.com.css

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

6d2349eeecf14841547bb51f6883d6f5e23af5f4cb17dbd12f4ef63e4676f4e7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:17 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:58 GMT
server: nginx
etag: "5eeb9e7e-1f0"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 496
x-content-type-options: nosniff, nosniff

GET
H2 200 ace.min.css
bicpay.bahraingp.com/assets/css/ 388 KB
389 KB 334ms
331ms Stylesheet
text/css 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/css/ace.min.css

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

9c846a1f207d42c221c1d629db2a7d056c94edd9f59ca9c84af30ecd07cb39d8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:17 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:57 GMT
server: nginx
etag: "5eeb9e7d-60f76"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 397174
x-content-type-options: nosniff, nosniff

GET
H2 200 ace-skins.min.css
bicpay.bahraingp.com/assets/css/ 76 KB
77 KB 334ms
331ms Stylesheet
text/css 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/css/ace-skins.min.css

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

cae7459b2c9cf1645f63d939231e9be52d77bf4a9d646aef6ae61e50b3cd8b64

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:17 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:57 GMT
server: nginx
etag: "5eeb9e7d-13080"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 77952
x-content-type-options: nosniff, nosniff

GET
H2 200 ace-rtl.min.css
bicpay.bahraingp.com/assets/css/ 114 KB
115 KB 334ms
332ms Stylesheet
text/css 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/css/ace-rtl.min.css

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

6a54d650d1be4cb0c55999dcbb698456f48c102352bdd20ee5c3f7cb2525711a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:17 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:57 GMT
server: nginx
etag: "5eeb9e7d-1c846"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 116806
x-content-type-options: nosniff, nosniff

GET
H2 200 jquery-2.1.4.min.js Show response
bicpay.bahraingp.com/assets/js/ 82 KB
83 KB 334ms
332ms Script
application/javascript 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/js/jquery-2.1.4.min.js

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:17 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:04:00 GMT
server: nginx
etag: "5eeb9e80-1499c"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 84380
x-content-type-options: nosniff, nosniff

GET
H2 200 logo.png
bicpay.bahraingp.com/assets/images/skin/ 154 KB
155 KB 129ms
128ms Image
image/png 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bicpay.bahraingp.com/assets/images/skin/logo.png

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

6e214ff54de46cc7d183604cfc1dfaeecfa0fe8ca09c389cb848f5feda25d16a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:04:01 GMT
server: nginx
etag: "5eeb9e81-26755"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 157525
x-content-type-options: nosniff, nosniff

GET
H2 200 bootstrap.min.js Show response
bicpay.bahraingp.com/assets/js/ 36 KB
37 KB 114ms
114ms Script
application/javascript 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/js/bootstrap.min.js

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:59 GMT
server: nginx
etag: "5eeb9e7f-9004"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 36868
x-content-type-options: nosniff, nosniff

GET
H2 200 jquery-ui.custom.min.js Show response
bicpay.bahraingp.com/assets/js/ 99 KB
100 KB 113ms
113ms Script
application/javascript 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/js/jquery-ui.custom.min.js

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

349c031fabf02bd07c32416fff5b9cc0b5b581cc5fef8513bf437ac6a2a04b78

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:04:00 GMT
server: nginx
etag: "5eeb9e80-18b93"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 101267
x-content-type-options: nosniff, nosniff

GET
H2 200 jquery.ui.touch-punch.min.js Show response
bicpay.bahraingp.com/assets/js/ 1 KB
2 KB 115ms
113ms Script
application/javascript 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/js/jquery.ui.touch-punch.min.js

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

9fe696094b5ad34a528a051d01b5bf4b2554777e1c7c74c38bc57a323cc290ce

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:04:00 GMT
server: nginx
etag: "5eeb9e80-50b"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 1291
x-content-type-options: nosniff, nosniff

GET
H2 200 moment.min.js Show response
bicpay.bahraingp.com/assets/js/ 40 KB
40 KB 116ms
113ms Script
application/javascript 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/js/moment.min.js

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

f8588465b27351d169b57eff6606b6f4f6d9858c1a36a50307fcb3af641f44d3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:04:00 GMT
server: nginx
etag: "5eeb9e80-9efc"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 40700
x-content-type-options: nosniff, nosniff

GET
H2 200 fullcalendar.min.js Show response
bicpay.bahraingp.com/assets/js/ 105 KB
106 KB 116ms
114ms Script
application/javascript 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/js/fullcalendar.min.js

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

a94c5dad3d40c19182d41e889869f57f0cb7dcf11ccfc9cf4ca35a972ca9db70

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:59 GMT
server: nginx
etag: "5eeb9e7f-1a3c8"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 107464
x-content-type-options: nosniff, nosniff

GET
H2 200 bootbox.js Show response
bicpay.bahraingp.com/assets/js/ 10 KB
10 KB 118ms
116ms Script
application/javascript 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/js/bootbox.js

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

04eb46d2e4ca9892aaaf9d74e2188d2aa0143cdc0e1622131bf9e7fdf3b7c829

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:59 GMT
server: nginx
etag: "5eeb9e7f-2702"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 9986
x-content-type-options: nosniff, nosniff

GET
H2 200 ace-elements.min.js Show response
bicpay.bahraingp.com/assets/js/ 40 KB
41 KB 118ms
116ms Script
application/javascript 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/js/ace-elements.min.js

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

a373d65257123153e816e485bddefa6bf99e4c4fe70d756aecfb0d4d00dd9678

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:59 GMT
server: nginx
etag: "5eeb9e7f-a075"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 41077
x-content-type-options: nosniff, nosniff

GET
H2 200 ace.min.js Show response
bicpay.bahraingp.com/assets/js/ 54 KB
55 KB 125ms
124ms Script
application/javascript 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/js/ace.min.js

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

f353de05e10a1abf63094e06d25b93b08deb2bbd748300d93e028c881fb96bf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:03:59 GMT
server: nginx
etag: "5eeb9e7f-d9e9"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 55785
x-content-type-options: nosniff, nosniff

GET
H2 200 pattern.png
bicpay.bahraingp.com/assets/images/skin/ 14 KB
15 KB 353ms
352ms Image
image/png 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bicpay.bahraingp.com/assets/images/skin/pattern.png

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/assets/css/ace.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

eb193b4de4fc5a6a49d414aca3b4e0879efae48f6d1617194ab4c1c4cb356379

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/assets/css/ace.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:04:01 GMT
server: nginx
etag: "5eeb9e81-38e9"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 14569
x-content-type-options: nosniff, nosniff

GET
H2 200 bg-pattern-1.png
bicpay.bahraingp.com/assets/images/skin/ 4 KB
4 KB 353ms
353ms Image
image/png 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bicpay.bahraingp.com/assets/images/skin/bg-pattern-1.png

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/assets/css/ace.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

c56184182e016f595dd45a4034a0a5bf7e80c2df8f2e991471aff4962b501d5c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://bicpay.bahraingp.com/assets/css/ace.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:04:01 GMT
server: nginx
etag: "5eeb9e81-e2f"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 3631
x-content-type-options: nosniff, nosniff

GET
H2 200 cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff
fonts.gstatic.com/s/opensans/v13/ 20 KB
20 KB 6ms
6ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/assets/css/fonts.googleapis.com.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

819747b05df4938922997e60e199603ecb04f4d987331ba5c3f7db30a835c3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bicpay.bahraingp.com
Referer: https://bicpay.bahraingp.com/assets/css/fonts.googleapis.com.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 05:53:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
server: sffe
age: 10126
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20248
x-xss-protection: 0
expires: Sat, 19 Mar 2022 05:53:32 GMT

GET
H2 200 fontawesome-webfont.woff2
bicpay.bahraingp.com/assets/font-awesome/4.5.0/fonts/ 65 KB
66 KB 352ms
351ms Font
application/octet-stream 89.148.55.218
Internet Service ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bicpay.bahraingp.com/assets/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/assets/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

89.148.55.218 , Bahrain, ASN5416 (Internet Service Provider, BH),

Reverse DNS

static.ip.89.148.55.218.batelco.com.bh

Software

nginx /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Origin: https://bicpay.bahraingp.com
Referer: https://bicpay.bahraingp.com/assets/font-awesome/4.5.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:42:18 GMT
referrer-policy: no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified: Thu, 18 Jun 2020 17:04:01 GMT
server: nginx
etag: "5eeb9e81-10440"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/octet-stream
x-xss-protection: 1; mode=block, 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline', default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 66624
x-content-type-options: nosniff, nosniff

GET
H2 200 DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff
fonts.gstatic.com/s/opensans/v13/ 20 KB
20 KB 7ms
6ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff

Requested by

Host: bicpay.bahraingp.com
URL: https://bicpay.bahraingp.com/assets/css/fonts.googleapis.com.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5d937d8ccd079f0088d8095ac27f8387ac099382a8201ab903962a37a41ca1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bicpay.bahraingp.com
Referer: https://bicpay.bahraingp.com/assets/css/fonts.googleapis.com.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:40:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Apr 2015 23:46:43 GMT
server: sffe
age: 133302
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20848
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:40:36 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bicpay.bahraingp.com/	1970-01-19 16:55:50	Name: bahrain_international_circuit_session Value: eyJpdiI6IkhiVEFqbDF0STVLV2hOakFmeXZyRFE9PSIsInZhbHVlIjoiejdDUXQ0VGJ0ZDhwTnZUNVpzM2VkWFRQT1lnaUk4am9WaDRTTnpuamY5eGhuOGtqQWx5ZUYxQU9zRHlSU3VucSIsIm1hYyI6ImQ5MmUzMjNhN2UxZWVlMzc3MDcxMjZhMzkxZTI4OTAxMzE1NzMzM2FkZTIxMDEyNmQwY2RhYjA2MjNlYjJiOGMifQ%3D%3D
			bicpay.bahraingp.com/	1970-01-19 16:55:50	Name: XSRF-TOKEN Value: eyJpdiI6IjFrb1FsNlJ0TEpvd3dCTG5jTk1jSHc9PSIsInZhbHVlIjoicHRtaDNPeGllTE1pSjBWNjFudVhPU3hOV0V1eU5mZDhDcmlBZlVkR1U3T3NUNTBmXC9zZUtZaW1jSWxwSm5zbFkiLCJtYWMiOiJkMzc3NGY2OTBkOTA2YzU2Y2VmZTdiODBkNmZhZWE3ZTJlNWZlOThjZGE5YjIzNDU5OGNmNjMwNjlkODc0MTkxIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bicpay.bahraingp.com
fonts.gstatic.com
2a00:1450:4001:811::2003
89.148.55.218
04eb46d2e4ca9892aaaf9d74e2188d2aa0143cdc0e1622131bf9e7fdf3b7c829
1d40e18d1f4a3f0d1a385b97f5465b4b8ba351025c26ebb68777bf8af779d1ca
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
349c031fabf02bd07c32416fff5b9cc0b5b581cc5fef8513bf437ac6a2a04b78
441729559f5aee093fb8fd4437e2c8c3641b67d9461b407df7cc9c1c736d3e78
6a54d650d1be4cb0c55999dcbb698456f48c102352bdd20ee5c3f7cb2525711a
6d2349eeecf14841547bb51f6883d6f5e23af5f4cb17dbd12f4ef63e4676f4e7
6e214ff54de46cc7d183604cfc1dfaeecfa0fe8ca09c389cb848f5feda25d16a
806dbf009d37228caecd99f1232a407b0e9243a2fd8edddbad4a3c28b37cea05
819747b05df4938922997e60e199603ecb04f4d987331ba5c3f7db30a835c3bd
9037a03f1db731f4e4f937b954b82ef8148ac73950c400f1b67cfebc1bacbd38
9c846a1f207d42c221c1d629db2a7d056c94edd9f59ca9c84af30ecd07cb39d8
9fe696094b5ad34a528a051d01b5bf4b2554777e1c7c74c38bc57a323cc290ce
a373d65257123153e816e485bddefa6bf99e4c4fe70d756aecfb0d4d00dd9678
a5d937d8ccd079f0088d8095ac27f8387ac099382a8201ab903962a37a41ca1d
a94c5dad3d40c19182d41e889869f57f0cb7dcf11ccfc9cf4ca35a972ca9db70
c56184182e016f595dd45a4034a0a5bf7e80c2df8f2e991471aff4962b501d5c
cae7459b2c9cf1645f63d939231e9be52d77bf4a9d646aef6ae61e50b3cd8b64
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
eb193b4de4fc5a6a49d414aca3b4e0879efae48f6d1617194ab4c1c4cb356379
f353de05e10a1abf63094e06d25b93b08deb2bbd748300d93e028c881fb96bf9
f8588465b27351d169b57eff6606b6f4f6d9858c1a36a50307fcb3af641f44d3
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

bicpay.bahraingp.com Open in urlscan Pro 89.148.55.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1494 kBTransfer

1488 kBSize

2 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

bicpay.bahraingp.com Open in urlscan Pro
89.148.55.218 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1494 kB
Transfer

1488 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions