urlscan.io logo urlscan.io
SecurityTrails logo

welcome-service-test.bigbank.bg Open in urlscan Pro
185.235.160.30  Public Scan

Go To Rescan Add Verdict Report
URL: https://welcome-service-test.bigbank.bg/
Submission: On September 07 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 185.235.160.30, located in Estonia and belongs to BIGBANK, EE. The main domain is welcome-service-test.bigbank.bg.
TLS certificate: Issued by R3 on September 7th 2021. Valid for: 3 months.
This is the only time welcome-service-test.bigbank.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 185.235.160.30 204411 (BIGBANK)
1 2a00:1450:400... 15169 (GOOGLE)
2 185.235.160.8 204411 (BIGBANK)
16 4
Domain Requested by
12 welcome-service-test.bigbank.bg welcome-service-test.bigbank.bg
2 apm.bigbank.eu welcome-service-test.bigbank.bg
1 www.google-analytics.com welcome-service-test.bigbank.bg
0 login-service-central-staging.dca.origin.big.local Failed welcome-service-test.bigbank.bg
16 4

This site contains links to these domains. Also see Links.

Domain
www.bigbank.bg
selfservice-bg-digital-channels-staging.dca.origin.big.local
www.instagram.com
Subject Issuer Validity Valid
welcome-service-test.bigbank.bg
R3		 2021-09-07 -
2021-12-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
apm.bigbank.eu
R3		 2021-06-30 -
2021-09-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://welcome-service-test.bigbank.bg/
Frame ID: E44F054135FEE5374402A4D40BDD2B47
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bigbank

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

16
Requests

94 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

3043 kB
Transfer

3051 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
welcome-service-test.bigbank.bg/ 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
35d1de869b72fa1a653c9fdbb69d0cba5ffa9a2d69bb48341fa7d0763085a506
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-0bb536709df41a3479df4b75d1149b75' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-0bb536709df41a3479df4b75d1149b75' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Host
welcome-service-test.bigbank.bg
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Powered-By
Express
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-0bb536709df41a3479df4b75d1149b75' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-0bb536709df41a3479df4b75d1149b75' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-XSS-Protection
0
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
X-Correlation-ID
e7090a12-3067-4361-a42b-3615b5918379
Set-Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; Path=/ 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43; path=/; HttpOnly; Secure
Accept-Ranges
bytes
Cache-Control
public, max-age=0
Last-Modified
Tue, 07 Sep 2021 07:49:47 GMT
ETag
W/"47e-17bbf3c0578"
Content-Type
text/html; charset=UTF-8
Content-Length
1150
Date
Tue, 07 Sep 2021 18:45:00 GMT
Keep-Alive
timeout=5
Cache-control
private
app.7a4be58b.css
welcome-service-test.bigbank.bg/css/ 		4 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/css/app.7a4be58b.css
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
1103faecc1c6b0d0b61fcf89e3d56956186268e4e7f1f7bee54be6cf15f1ec80
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-b60cc9f63830e9c30221eab1b2b0c3e0' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-b60cc9f63830e9c30221eab1b2b0c3e0' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
welcome-service-test.bigbank.bg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://welcome-service-test.bigbank.bg/
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43
Connection
keep-alive
Referer
https://welcome-service-test.bigbank.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
ea844558-ff0b-4cf3-af66-27f9e9a7ca34
X-Content-Type-Options
nosniff
X-Powered-By
Express
Date
Tue, 07 Sep 2021 18:45:00 GMT
Content-Length
4158
X-XSS-Protection
0
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 07:49:47 GMT
ETag
W/"103e-17bbf3c0578"
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-b60cc9f63830e9c30221eab1b2b0c3e0' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-b60cc9f63830e9c30221eab1b2b0c3e0' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Accept-Ranges
bytes
Keep-Alive
timeout=5
chunk-vendors.d1f52ec1.css
welcome-service-test.bigbank.bg/css/ 		202 KB
204 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/css/chunk-vendors.d1f52ec1.css
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
599c0039f75bf71b326bf77ed987b495944d8f44d3a3622979bcc5c0018475a2
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-d4b06b68a7e33cc2ec223c7b1e9328e3' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-d4b06b68a7e33cc2ec223c7b1e9328e3' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
welcome-service-test.bigbank.bg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://welcome-service-test.bigbank.bg/
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43
Connection
keep-alive
Referer
https://welcome-service-test.bigbank.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
63513628-01b9-4118-9b73-77c6f5dfbfcc
X-Content-Type-Options
nosniff
X-Powered-By
Express
Date
Tue, 07 Sep 2021 18:45:00 GMT
Content-Length
207045
X-XSS-Protection
0
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 07:49:47 GMT
ETag
W/"328c5-17bbf3c0578"
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-d4b06b68a7e33cc2ec223c7b1e9328e3' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-d4b06b68a7e33cc2ec223c7b1e9328e3' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Accept-Ranges
bytes
Keep-Alive
timeout=5
app.8184a1fc.js
welcome-service-test.bigbank.bg/js/ 		399 KB
401 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/js/app.8184a1fc.js
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
34a64f955a393cc3df3cb9655e9c435357734b82e3174a03e2f72ce5508d1852
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-efd7fd6033e6c9b686e1d642535d5e29' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-efd7fd6033e6c9b686e1d642535d5e29' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
welcome-service-test.bigbank.bg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://welcome-service-test.bigbank.bg/
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43
Connection
keep-alive
Referer
https://welcome-service-test.bigbank.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
b71a610d-8509-439e-91ee-ed8b96e65acf
X-Content-Type-Options
nosniff
X-Powered-By
Express
Date
Tue, 07 Sep 2021 18:45:00 GMT
Content-Length
408904
X-XSS-Protection
0
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 07:49:47 GMT
ETag
W/"63d48-17bbf3c0578"
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-efd7fd6033e6c9b686e1d642535d5e29' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-efd7fd6033e6c9b686e1d642535d5e29' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Accept-Ranges
bytes
Keep-Alive
timeout=5
chunk-vendors.6903af06.js
welcome-service-test.bigbank.bg/js/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/js/chunk-vendors.6903af06.js
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
264eac49d0c920e6848a9e5651567ae8c906fa18b9b6fbc660d24f891a3b1559
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-733c5b5e079dbd4189e1e1bd015b0021' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-733c5b5e079dbd4189e1e1bd015b0021' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
welcome-service-test.bigbank.bg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://welcome-service-test.bigbank.bg/
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43
Connection
keep-alive
Referer
https://welcome-service-test.bigbank.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
2021a640-17f8-4b49-8be0-4171856c2bd3
X-Content-Type-Options
nosniff
X-Powered-By
Express
Date
Tue, 07 Sep 2021 18:45:00 GMT
Content-Length
2037032
X-XSS-Protection
0
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 07:49:47 GMT
ETag
W/"1f1528-17bbf3c0578"
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-733c5b5e079dbd4189e1e1bd015b0021' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-733c5b5e079dbd4189e1e1bd015b0021' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Accept-Ranges
bytes
Keep-Alive
timeout=5
init
welcome-service-test.bigbank.bg/api/ 		0
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/api/init
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-cf209469e6e2f51f2eda0fcbd6fad0cc' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-cf209469e6e2f51f2eda0fcbd6fad0cc' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
welcome-service-test.bigbank.bg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://welcome-service-test.bigbank.bg/
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43
Connection
keep-alive
Referer
https://welcome-service-test.bigbank.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
4389af9c-aa6a-4d91-abcc-de3dd6877f2c
Referrer-Policy
strict-origin-when-cross-origin
x-powered-by
Express
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-store
date
Tue, 07 Sep 2021 18:45:00 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-cf209469e6e2f51f2eda0fcbd6fad0cc' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-cf209469e6e2f51f2eda0fcbd6fad0cc' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
set-cookie
welcome-service=s%3ARpziWHbQ38MQOEftBcQY6WddYB5btSwF.ycUPBhWDC6eRPHFSsBiRL3RWLmGMAAxwDGgVYdP0l8k; Path=/; HttpOnly; Secure
Content-Length
0
X-XSS-Protection
0
scripts.js
welcome-service-test.bigbank.bg/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/scripts.js
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
3b05326aeb77aa338b1ec587aad0363b0a680c228e587dda9c2cceefc153ca8d
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-34a822973c4000c5cfa4dca656b709a5' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-34a822973c4000c5cfa4dca656b709a5' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
welcome-service-test.bigbank.bg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://welcome-service-test.bigbank.bg/
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43
Connection
keep-alive
Referer
https://welcome-service-test.bigbank.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
141c2e04-e077-4f80-9a3c-09c11e9153bb
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
X-Powered-By
Express
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Date
Tue, 07 Sep 2021 18:45:00 GMT
ETag
W/"4da-oT00V1z440/3nK1pIS9SR2G2IoQ"
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-34a822973c4000c5cfa4dca656b709a5' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-34a822973c4000c5cfa4dca656b709a5' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Keep-Alive
timeout=5
Content-Length
1242
X-XSS-Protection
0
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://welcome-service-test.bigbank.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6780
date
Tue, 07 Sep 2021 16:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 07 Sep 2021 18:52:00 GMT
check
login-service-central-staging.dca.origin.big.local/v2/login/ 		0
0
countries
welcome-service-test.bigbank.bg/api/meta/ 		31 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/api/meta/countries
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/js/chunk-vendors.6903af06.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
75718f227c683e0da9f15d8c01e121bc6caa2007984c1f7aa59a7a4554d0d6cf
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-5bf4840b8ac9b47dcaec65ae1af3be56' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-5bf4840b8ac9b47dcaec65ae1af3be56' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
welcome-service-test.bigbank.bg
traceparent
00-49dfa9d25d326ece4cdd12fa0da4cf15-6b7ebdbaaac2d933-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
content-type
application/json
Accept-Language
en-US
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://welcome-service-test.bigbank.bg/
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43; welcome-service=s%3ARpziWHbQ38MQOEftBcQY6WddYB5btSwF.ycUPBhWDC6eRPHFSsBiRL3RWLmGMAAxwDGgVYdP0l8k; _ga=GA1.2.1924458349.1631040301; _gid=GA1.2.2038898670.1631040301
Connection
keep-alive
Referer
https://welcome-service-test.bigbank.bg/
traceparent
00-49dfa9d25d326ece4cdd12fa0da4cf15-6b7ebdbaaac2d933-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
0916b8f0-2dfe-4d90-bd2b-206ee85002c8
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
x-powered-by
Express
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
content-type
application/json; charset=utf-8
date
Tue, 07 Sep 2021 18:45:01 GMT
etag
W/"7d64-SifS7SD0Fry+wK6t2+3lB/el/JA"
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-5bf4840b8ac9b47dcaec65ae1af3be56' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-5bf4840b8ac9b47dcaec65ae1af3be56' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
set-cookie
welcome-service=s%3ARpziWHbQ38MQOEftBcQY6WddYB5btSwF.ycUPBhWDC6eRPHFSsBiRL3RWLmGMAAxwDGgVYdP0l8k; Path=/; HttpOnly; Secure
content-length
32100
X-XSS-Protection
0
GothamSSm-Bold.4efe66b7.otf
welcome-service-test.bigbank.bg/fonts/ 		125 KB
127 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/fonts/GothamSSm-Bold.4efe66b7.otf
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/css/chunk-vendors.d1f52ec1.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
0e0e1b11f791666161be1df51bf2c338d78de5fae98e9f1c7231dc5f02283cd5
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-f7b7d87379720848eeed8e79ad83ae33' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-f7b7d87379720848eeed8e79ad83ae33' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://welcome-service-test.bigbank.bg
Accept-Encoding
gzip, deflate, br
Host
welcome-service-test.bigbank.bg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://welcome-service-test.bigbank.bg/css/chunk-vendors.d1f52ec1.css
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43; welcome-service=s%3ARpziWHbQ38MQOEftBcQY6WddYB5btSwF.ycUPBhWDC6eRPHFSsBiRL3RWLmGMAAxwDGgVYdP0l8k; _ga=GA1.2.1924458349.1631040301; _gid=GA1.2.2038898670.1631040301
Connection
keep-alive
Origin
https://welcome-service-test.bigbank.bg
Referer
https://welcome-service-test.bigbank.bg/css/chunk-vendors.d1f52ec1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
ecfea129-878d-43fa-9b5d-3a06beb26615
X-Content-Type-Options
nosniff
X-Powered-By
Express
Date
Tue, 07 Sep 2021 18:45:01 GMT
Content-Length
128328
X-XSS-Protection
0
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 07:49:47 GMT
ETag
W/"1f548-17bbf3c0578"
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
Content-Type
font/otf
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-f7b7d87379720848eeed8e79ad83ae33' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-f7b7d87379720848eeed8e79ad83ae33' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Accept-Ranges
bytes
Keep-Alive
timeout=5
GothamSSm-Medium.f2afb4c3.otf
welcome-service-test.bigbank.bg/fonts/ 		126 KB
127 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/fonts/GothamSSm-Medium.f2afb4c3.otf
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/css/chunk-vendors.d1f52ec1.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
5613e4050d5f74507cedccde396912626e9bb945a5a95efc3ccd2e30b876c706
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-9e0de8270a8ea26f8f91c17d578c50f1' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-9e0de8270a8ea26f8f91c17d578c50f1' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://welcome-service-test.bigbank.bg
Accept-Encoding
gzip, deflate, br
Host
welcome-service-test.bigbank.bg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://welcome-service-test.bigbank.bg/css/chunk-vendors.d1f52ec1.css
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43; welcome-service=s%3ARpziWHbQ38MQOEftBcQY6WddYB5btSwF.ycUPBhWDC6eRPHFSsBiRL3RWLmGMAAxwDGgVYdP0l8k; _ga=GA1.2.1924458349.1631040301; _gid=GA1.2.2038898670.1631040301
Connection
keep-alive
Origin
https://welcome-service-test.bigbank.bg
Referer
https://welcome-service-test.bigbank.bg/css/chunk-vendors.d1f52ec1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
33a0b794-3958-4f8c-b7a8-fa3d5670293b
X-Content-Type-Options
nosniff
X-Powered-By
Express
Date
Tue, 07 Sep 2021 18:45:01 GMT
Content-Length
128516
X-XSS-Protection
0
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 07:49:47 GMT
ETag
W/"1f604-17bbf3c0578"
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
Content-Type
font/otf
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-9e0de8270a8ea26f8f91c17d578c50f1' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-9e0de8270a8ea26f8f91c17d578c50f1' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Accept-Ranges
bytes
Keep-Alive
timeout=5
GothamSSm-Book.5fd222f7.otf
welcome-service-test.bigbank.bg/fonts/ 		124 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/fonts/GothamSSm-Book.5fd222f7.otf
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/css/chunk-vendors.d1f52ec1.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
97bd09001c0dc97c7f47c4bd7a2ed2ef2efe3d6264fae21e3622bdf49228acb2
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-f7b94591cc811db8af34693e67ad9f72' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-f7b94591cc811db8af34693e67ad9f72' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://welcome-service-test.bigbank.bg
Accept-Encoding
gzip, deflate, br
Host
welcome-service-test.bigbank.bg
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://welcome-service-test.bigbank.bg/css/chunk-vendors.d1f52ec1.css
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43; welcome-service=s%3ARpziWHbQ38MQOEftBcQY6WddYB5btSwF.ycUPBhWDC6eRPHFSsBiRL3RWLmGMAAxwDGgVYdP0l8k; _ga=GA1.2.1924458349.1631040301; _gid=GA1.2.2038898670.1631040301
Connection
keep-alive
Origin
https://welcome-service-test.bigbank.bg
Referer
https://welcome-service-test.bigbank.bg/css/chunk-vendors.d1f52ec1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
333641a0-6975-42d5-bc27-cfb8da0f2d23
X-Content-Type-Options
nosniff
X-Powered-By
Express
Date
Tue, 07 Sep 2021 18:45:01 GMT
Content-Length
126564
X-XSS-Protection
0
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 07:49:47 GMT
ETag
W/"1ee64-17bbf3c0578"
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
Content-Type
font/otf
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-f7b94591cc811db8af34693e67ad9f72' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-f7b94591cc811db8af34693e67ad9f72' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Accept-Ranges
bytes
Keep-Alive
timeout=5
status
welcome-service-test.bigbank.bg/api/ 		100 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://welcome-service-test.bigbank.bg/api/status
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/js/chunk-vendors.6903af06.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.160.30 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
/ Express
Resource Hash
6a872517370fc48843ca7fa657805bbb04fa885fc5003cb6bd07aa15701a6c2c
Security Headers
Name Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-810b5bc1e87a60f2e61a9039ef737e39' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-810b5bc1e87a60f2e61a9039ef737e39' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Origin
https://welcome-service-test.bigbank.bg
Accept-Encoding
gzip, deflate, br
traceparent
00-49dfa9d25d326ece4cdd12fa0da4cf15-1e6149422df1144d-01
Accept-Language
en-US
Sec-Fetch-Dest
empty
Cookie
resourceCheck=0bb536709df41a3479df4b75d1149b75; 5a12295b0e43990bd680722287a0a94b=51bcdac9894db6633a3eafb05addcb43; welcome-service=s%3ARpziWHbQ38MQOEftBcQY6WddYB5btSwF.ycUPBhWDC6eRPHFSsBiRL3RWLmGMAAxwDGgVYdP0l8k; _ga=GA1.2.1924458349.1631040301; _gid=GA1.2.2038898670.1631040301
Connection
keep-alive
Content-Length
22
Pragma
no-cache
Host
welcome-service-test.bigbank.bg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://welcome-service-test.bigbank.bg/
Sec-Fetch-Site
same-origin
Referer
https://welcome-service-test.bigbank.bg/
traceparent
00-49dfa9d25d326ece4cdd12fa0da4cf15-1e6149422df1144d-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Correlation-ID
98be9a69-8784-46b9-a13d-a1d3f22b1ca1
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
x-powered-by
Express
Expect-CT
max-age=30, enforce, report-uri="https://bigbank.uriports.com/reports/report"
X-Frame-Options
SAMEORIGIN
content-type
application/json; charset=utf-8
date
Tue, 07 Sep 2021 18:45:01 GMT
etag
W/"64-TihAe7ofxCZYUsUStL9mS+Yccrs"
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-810b5bc1e87a60f2e61a9039ef737e39' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-810b5bc1e87a60f2e61a9039ef737e39' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
set-cookie
welcome-service=s%3ARpziWHbQ38MQOEftBcQY6WddYB5btSwF.ycUPBhWDC6eRPHFSsBiRL3RWLmGMAAxwDGgVYdP0l8k; Path=/; HttpOnly; Secure
content-length
100
X-XSS-Protection
0
events
apm.bigbank.eu/intake/v2/rum/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apm.bigbank.eu/intake/v2/rum/events
Requested by
Host: welcome-service-test.bigbank.bg
URL: https://welcome-service-test.bigbank.bg/js/chunk-vendors.6903af06.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.235.160.8 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Content-Encoding
gzip
Referer
https://welcome-service-test.bigbank.bg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-ndjson

Response headers

Access-Control-Allow-Origin
https://welcome-service-test.bigbank.bg
Date
Tue, 07 Sep 2021 18:45:01 GMT
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
Content-Length
0
events
apm.bigbank.eu/intake/v2/rum/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apm.bigbank.eu/intake/v2/rum/events
Protocol
HTTP/1.1
Server
185.235.160.8 , Estonia, ASN204411 (BIGBANK, EE),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-encoding,content-type
Origin
https://welcome-service-test.bigbank.bg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 07 Sep 2021 18:45:01 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Content-Encoding, Accept
Access-Control-Allow-Methods
POST, OPTIONS
Access-Control-Allow-Origin
https://welcome-service-test.bigbank.bg
Access-Control-Expose-Headers
Etag
Access-Control-Max-Age
3600
Vary
Origin
X-Content-Type-Options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login-service-central-staging.dca.origin.big.local
URL
https://login-service-central-staging.dca.origin.big.local/v2/login/check

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| APM_CONFIG string| GOOGLE_ANALYTICS_ID function| ga object| FEATURES string| LANG object| LANGS string| CHANNEL string| LOGIN_SERVICE_URL object| CHANNEL_CONFIG object| google_tag_data object| gaplugins object| webpackJsonp object| core function| _ object| elasticApm function| Vue object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
.bigbank.bg/ Name: _gid
Value: GA1.2.2038898670.1631040301
.bigbank.bg/ Name: _ga
Value: GA1.2.1924458349.1631040301
welcome-service-test.bigbank.bg/ Name: 5a12295b0e43990bd680722287a0a94b
Value: 51bcdac9894db6633a3eafb05addcb43
welcome-service-test.bigbank.bg/ Name: welcome-service
Value: s%3ARpziWHbQ38MQOEftBcQY6WddYB5btSwF.ycUPBhWDC6eRPHFSsBiRL3RWLmGMAAxwDGgVYdP0l8k
welcome-service-test.bigbank.bg/ Name: resourceCheck
Value: 0bb536709df41a3479df4b75d1149b75

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';style-src 'self' 'unsafe-inline' *.google.com;script-src 'self' *.bigbank.eu www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.hotjar.com *.google.com 'nonce-0bb536709df41a3479df4b75d1149b75' 'report-sample';script-src-elem 'self' www.google-analytics.com *.google-analytics.com script.hotjar.com *.hotjar.com 'nonce-0bb536709df41a3479df4b75d1149b75' 'report-sample';img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.hotjar.com *.google.com;connect-src 'self' *.hotjar.com:* wss://*.hotjar.com:* *.hotjar.io *.google-analytics.com *.bigbank.eu *.bigbank.fi *.bigbank.nl *.bigbank.de *.bigbank.at *.bigbank.ee *.bigbank.se *.bigbank.lt *.bigbank.lv *.bigbank.bg *.dca.origin.big.local;worker-src 'self' *.hotjar.com *.google.com;frame-src 'self' *.hotjar.com *.google.com;object-src 'self' *.bigbank.eu *.hotjar.com;font-src 'self' data: *.hotjar.com;report-uri https://bigbank.uriports.com/reports/report;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0