sso.holmbank.lv Open in urlscan Pro
18.153.84.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://klients.holmbank.lv/
Effective URL:
https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id...
Submission: On July 23 via automatic, source certstream-suspicious (July 23rd 2024, 7:55:52 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 1 domains to perform 12 HTTP transactions. The main IP is 18.153.84.218, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is sso.holmbank.lv.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on March 5th 2024. Valid for: 5 months.

This is the only time sso.holmbank.lv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	195.50.195.130 195.50.195.130	3249 (ESTPAK) (ESTPAK)
1 13	18.153.84.218 18.153.84.218	16509 (AMAZON-02) (AMAZON-02)
12	1

3 195.50.195.130 (Tallinn, Estonia) 3 redirects

ASN3249 (ESTPAK, EE)
PTR: krape.ml.ee

klients.holmbank.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.153.84.218 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

sso.holmbank.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	holmbank.lv 4 redirects klients.holmbank.lv sso.holmbank.lv	441 KB
12	1

	Domain	Requested by
13	sso.holmbank.lv	1 redirects sso.holmbank.lv
3	klients.holmbank.lv	3 redirects
12	2

This site contains no links.

Subject Issuer	Validity	Valid
holmbank.ee Sectigo RSA Organization Validation Secure Server CA	`2024-03-05` - `2024-08-09`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
Frame ID: ACC0AA29B163D86AFFC3ABADD7AE5207
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Holmbank LV autentifikācijas pakalpojums - Droša autentifikācija e-pakalpojumiem

Page URL History Show full URLs

https://klients.holmbank.lv/ HTTP 301
https://klients.holmbank.lv/client HTTP 302
https://klients.holmbank.lv/client/login/?next=/client HTTP 302
https://sso.holmbank.lv/cas/oidc/authorize?response_type=code&client_id=twist&redirect_uri=https%3A%... HTTP 302
https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackA... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

2
Countries

438 kB
Transfer

486 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://klients.holmbank.lv/ HTTP 301
https://klients.holmbank.lv/client HTTP 302
https://klients.holmbank.lv/client/login/?next=/client HTTP 302
https://sso.holmbank.lv/cas/oidc/authorize?response_type=code&client_id=twist&redirect_uri=https%3A%2F%2Fklients.holmbank.lv%2Fclient&state=y6HrzzSVmGg48VvEu95pUtInlYfXtf&locale=lv HTTP 302
https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request login Show response
sso.holmbank.lv/cas/
Redirect Chain

https://klients.holmbank.lv/
https://klients.holmbank.lv/client
https://klients.holmbank.lv/client/login/?next=/client
https://sso.holmbank.lv/cas/oidc/authorize?response_type=code&client_id=twist&redirect_uri=https%3A%2F%2Fklients.holmbank.lv%2Fclient&state=y6HrzzSVmGg48VvEu95pUtInlYfXtf&locale=lv
https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%...

7 KB
3 KB

64ms
63ms

Document
text/html

18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

6030de4d0f93556802e10a30860c45b92e9dcbcb8ccb2e307dda06871d9296f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Language: lv
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
Content-Type: text/html;charset=UTF-8
Date: Tue, 23 Jul 2024 07:55:46 GMT
Expires: 0
Keep-Alive: timeout=5, max=99
P3P: CP="This is not a P3P policy!"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
Date: Tue, 23 Jul 2024 07:55:46 GMT
Expires: 0
Keep-Alive: timeout=5, max=100
Location: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
P3P: CP="This is not a P3P policy!"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 cas.css
sso.holmbank.lv/cas/css/ 9 KB
10 KB 27ms
24ms Stylesheet
text/css 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/css/cas.css

Requested by

Host: sso.holmbank.lv
URL: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

a343dfc3ddf6af0409aeb69853b9af201f653cc9c75e43345fc2ce04f8de9c79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
Content-Length: 9442
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: text/css;charset=UTF-8
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200 jquery.js Show response
sso.holmbank.lv/cas/js/ 86 KB
32 KB 66ms
50ms Script
application/javascript 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/js/jquery.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type: application/javascript;charset=UTF-8
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200 market-lv.js Show response
sso.holmbank.lv/cas/js/ 22 B
1 KB 67ms
50ms Script
application/javascript 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/js/market-lv.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

eebfe99e137305c55d3c2b8b000803ca0c64e3bd968133adba7c40ae22b24b7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
Content-Length: 22
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/javascript;charset=UTF-8
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200 main.js Show response
sso.holmbank.lv/cas/js/ 4 KB
3 KB 51ms
31ms Script
application/javascript 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/js/main.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4247331e8ff011a8602eb290396ecd9bd817a465ef255d4467a61b51c2c0a137

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type: application/javascript;charset=UTF-8
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200 smart-id.js Show response
sso.holmbank.lv/cas/js/ 1 KB
2 KB 84ms
55ms Script
application/javascript 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/js/smart-id.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

7cf395647adf95797da8412cccd81eaadec863d92c0c43f8aa5ad65554be2aad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
Content-Length: 1160
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/javascript;charset=UTF-8
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200 eparaksts-eid-card-start.js Show response
sso.holmbank.lv/cas/js/ 1 KB
2 KB 80ms
52ms Script
application/javascript 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/js/eparaksts-eid-card-start.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

9e71c2c0ecb183d77132413faebc16f6191261d8a5661bb8eda2e8a701fd8240

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
Content-Length: 1042
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/javascript;charset=UTF-8
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200 eparaksts-mobile-start.js Show response
sso.holmbank.lv/cas/js/ 954 B
2 KB 91ms
63ms Script
application/javascript 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/js/eparaksts-mobile-start.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

3744d85fd15868ea0853e503a346257642573ee6b4cebeefaae3642669506ad2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
Content-Length: 954
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/javascript;charset=UTF-8
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200 loginform.js Show response
sso.holmbank.lv/cas/js/ 159 B
1 KB 35ms
35ms Script
application/javascript 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/js/loginform.js?v=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

751afaab5e74b6515fe5f188090feb2cd16325f58bb24a5ddb6f73f6e5fce141

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
Content-Length: 159
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/javascript;charset=UTF-8
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200 NotoSans-Bold.woff
sso.holmbank.lv/cas/fonts/ 172 KB
173 KB 26ms
26ms Font
application/font-woff 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/fonts/NotoSans-Bold.woff

Requested by

Host: sso.holmbank.lv
URL: https://sso.holmbank.lv/cas/css/cas.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1dc3a6298219c37ae5c50144af2cc88f5a56f966327388b7a067ed58d91ca806

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/css/cas.css
Origin: https://sso.holmbank.lv
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
Content-Length: 175828
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/font-woff;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: 0

GET
H/1.1 200 NotoSans-Regular.woff
sso.holmbank.lv/cas/fonts/ 173 KB
175 KB 35ms
34ms Font
application/font-woff 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/fonts/NotoSans-Regular.woff

Requested by

Host: sso.holmbank.lv
URL: https://sso.holmbank.lv/cas/css/cas.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

bd3c4f90a93c6fe474fcff25cce4a6c385479ba27e2bf5246eccf98fac44ec18

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/css/cas.css
Origin: https://sso.holmbank.lv
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
Content-Length: 177660
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/font-woff;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: 0

GET
H/1.1 200 favicon.ico
sso.holmbank.lv/cas/ 32 KB
33 KB 22ms
22ms Other
image/x-icon 18.153.84.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.holmbank.lv/cas/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.153.84.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-84-218.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e9e1fc55517414cce9a57ec96c56853450269aaea2256fe0593fd34850feff36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.holmbank.lv/cas/login?service=https%3A%2F%2Fsso.holmbank.lv%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_id%3Dtwist%26redirect_uri%3Dhttps%253A%252F%252Fklients.holmbank.lv%252Fclient%26response_type%3Dcode%26client_name%3DCasOAuthClient
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 07:55:46 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://*.holmbank.lv https://*.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; connect-src 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-ancestors 'self' https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://*.holmbank.ee https://*.holmbank.lv https://*.bestlizing.lv;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="This is not a P3P policy!"
Connection: Keep-Alive
Content-Length: 32655
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 09 May 2024 08:40:16 GMT
Server: Apache
X-Download-Options: noopen
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: image/x-icon;charset=UTF-8
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sso.holmbank.lv/cas/	1969-12-31 23:59:59	Name: SESSION Value: MTcxZTU1NDYtMjQ4Ny00ZjMxLWFiNDYtZTYyYTVlMzM2M2Zk
klients.holmbank.lv/	1969-12-31 23:59:59	Name: link-session-id Value: flpuo6ojckyu7nr3esi5qk9mik9kkibh
.sso.holmbank.lv/	1969-12-31 23:59:59	Name: pac4jCsrfToken Value: 484842f9-0be0-4928-947a-b21468328bf9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com; base-uri 'self'; form-action 'self' https://.holmbank.lv https://.bestlizing.lv; style-src 'unsafe-inline' 'self'; img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; connect-src 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-ancestors 'self' https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv; frame-src 'self' https://www.googletagmanager.com https://.holmbank.ee https://.holmbank.lv https://.bestlizing.lv;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

klients.holmbank.lv
sso.holmbank.lv
18.153.84.218
195.50.195.130
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1dc3a6298219c37ae5c50144af2cc88f5a56f966327388b7a067ed58d91ca806
3744d85fd15868ea0853e503a346257642573ee6b4cebeefaae3642669506ad2
4247331e8ff011a8602eb290396ecd9bd817a465ef255d4467a61b51c2c0a137
6030de4d0f93556802e10a30860c45b92e9dcbcb8ccb2e307dda06871d9296f7
751afaab5e74b6515fe5f188090feb2cd16325f58bb24a5ddb6f73f6e5fce141
7cf395647adf95797da8412cccd81eaadec863d92c0c43f8aa5ad65554be2aad
9e71c2c0ecb183d77132413faebc16f6191261d8a5661bb8eda2e8a701fd8240
a343dfc3ddf6af0409aeb69853b9af201f653cc9c75e43345fc2ce04f8de9c79
bd3c4f90a93c6fe474fcff25cce4a6c385479ba27e2bf5246eccf98fac44ec18
e9e1fc55517414cce9a57ec96c56853450269aaea2256fe0593fd34850feff36
eebfe99e137305c55d3c2b8b000803ca0c64e3bd968133adba7c40ae22b24b7f

sso.holmbank.lv Open in urlscan Pro 18.153.84.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

2 Countries

438 kBTransfer

486 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

sso.holmbank.lv Open in urlscan Pro
18.153.84.218 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

2
Countries

438 kB
Transfer

486 kB
Size

3
Cookies

12 HTTP transactions
0 data transactions