partner-test.bigbank.ee Open in urlscan Pro
2606:4700::6812:186f  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response partner-test.bigbank.ee/	1 KB 2 KB	201ms 170ms	Document text/html	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partner-test.bigbank.ee/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b179af812e2d0951fbd494fdf5377a5a6fb5676964b8dd89c7f9f291f472c60e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority partner-test.bigbank.ee :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 08:52:40 GMT content-type text/html last-modified Wed, 11 Aug 2021 10:18:33 GMT strict-transport-security max-age=31536000; includeSubdomains x-xss-protection 1; mode=block x-frame-options SAMEORIGIN x-content-type-options nosniff referrer-policy no-referrer-when-downgrade content-security-policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; set-cookie be70f9bd09d566e8b05905ee932a42c2=1042c1f181e3203a5dad63baa30f4ae2; path=/; HttpOnly; Secure cache-control private cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 685410a9bac1dfbb-FRA content-encoding gzip
GET H2	200	app.6a5bd9d4.css partner-test.bigbank.ee/css/	928 B 478 B	161ms 160ms	Stylesheet text/css	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partner-test.bigbank.ee/css/app.6a5bd9d4.css Requested by Host: partner-test.bigbank.ee URL: https://partner-test.bigbank.ee/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35b8b81d9b288a448f35d80adbbbc6e80e3eda6e75645d0e1f74c5375a8f9b7e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /css/app.6a5bd9d4.css pragma no-cache cookie be70f9bd09d566e8b05905ee932a42c2=1042c1f181e3203a5dad63baa30f4ae2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority partner-test.bigbank.ee referer https://partner-test.bigbank.ee/ :scheme https sec-fetch-site same-origin :method GET Referer https://partner-test.bigbank.ee/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 08:52:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS vary Accept-Encoding content-length 326 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Wed, 11 Aug 2021 10:18:33 GMT server cloudflare x-frame-options SAMEORIGIN etag "6113a3f9-146" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubdomains content-type text/css cache-control public, max-age=14400 content-security-policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; accept-ranges bytes cf-ray 685410aacc17dfbb-FRA expires Fri, 27 Aug 2021 12:52:40 GMT
GET H2	200	chunk-vendors.c615e76e.css partner-test.bigbank.ee/css/	246 KB 31 KB	246ms 245ms	Stylesheet text/css	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partner-test.bigbank.ee/css/chunk-vendors.c615e76e.css Requested by Host: partner-test.bigbank.ee URL: https://partner-test.bigbank.ee/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20f5dd8b5d0c5deb4205821d5f23faa6c8861cb0b06d1c54a3b9f713b4cfd7a0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /css/chunk-vendors.c615e76e.css pragma no-cache cookie be70f9bd09d566e8b05905ee932a42c2=1042c1f181e3203a5dad63baa30f4ae2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority partner-test.bigbank.ee referer https://partner-test.bigbank.ee/ :scheme https sec-fetch-site same-origin :method GET Referer https://partner-test.bigbank.ee/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 08:52:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS vary Accept-Encoding content-length 31300 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Wed, 11 Aug 2021 10:18:33 GMT server cloudflare x-frame-options SAMEORIGIN etag "6113a3f9-7a44" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubdomains content-type text/css cache-control public, max-age=14400 content-security-policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; accept-ranges bytes cf-ray 685410aacc1adfbb-FRA expires Fri, 27 Aug 2021 12:52:40 GMT
GET H2	200	app.4c7d17c5.js Show response partner-test.bigbank.ee/js/	160 KB 43 KB	231ms 231ms	Script application/javascript	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partner-test.bigbank.ee/js/app.4c7d17c5.js Requested by Host: partner-test.bigbank.ee URL: https://partner-test.bigbank.ee/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 287b52020fb5177a56a06fd3cab02fb5a7b12b263dc26653b2ef647a632ce488 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors origin https://partner-test.bigbank.ee accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest script cookie be70f9bd09d566e8b05905ee932a42c2=1042c1f181e3203a5dad63baa30f4ae2 :path /js/app.4c7d17c5.js pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept */* cache-control no-cache :authority partner-test.bigbank.ee referer https://partner-test.bigbank.ee/ :scheme https sec-fetch-site same-origin :method GET Origin https://partner-test.bigbank.ee Referer https://partner-test.bigbank.ee/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 08:52:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS vary Accept-Encoding content-length 44000 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Wed, 11 Aug 2021 10:18:33 GMT server cloudflare x-frame-options SAMEORIGIN etag "6113a3f9-abe0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubdomains content-type application/javascript cache-control public, max-age=14400 content-security-policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; accept-ranges bytes cf-ray 685410aacc1cdfbb-FRA expires Fri, 27 Aug 2021 12:52:40 GMT
GET H2	200	chunk-vendors.af78ae74.js Show response partner-test.bigbank.ee/js/	3 MB 665 KB	281ms 280ms	Script application/javascript	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partner-test.bigbank.ee/js/chunk-vendors.af78ae74.js Requested by Host: partner-test.bigbank.ee URL: https://partner-test.bigbank.ee/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b2e5721f30d6e9a40c97b91521de1f394823cd7f1e3e911da25110b8117bf8e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors origin https://partner-test.bigbank.ee accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest script cookie be70f9bd09d566e8b05905ee932a42c2=1042c1f181e3203a5dad63baa30f4ae2 :path /js/chunk-vendors.af78ae74.js pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept */* cache-control no-cache :authority partner-test.bigbank.ee referer https://partner-test.bigbank.ee/ :scheme https sec-fetch-site same-origin :method GET Origin https://partner-test.bigbank.ee Referer https://partner-test.bigbank.ee/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 08:52:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS vary Accept-Encoding content-length 679667 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Wed, 11 Aug 2021 10:18:33 GMT server cloudflare x-frame-options SAMEORIGIN etag "6113a3f9-a5ef3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubdomains content-type application/javascript cache-control public, max-age=14400 content-security-policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; accept-ranges bytes cf-ray 685410aacc1edfbb-FRA expires Fri, 27 Aug 2021 12:52:40 GMT
GET H2	200	env Show response partner-test.bigbank.ee/	435 B 309 B	48ms 47ms	XHR application/json	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partner-test.bigbank.ee/env Requested by Host: partner-test.bigbank.ee URL: https://partner-test.bigbank.ee/js/chunk-vendors.af78ae74.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e8c014eae0ea6808fa7f956b81dfe24e9478fab4e24fd4babe4ef274766b070 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /env pragma no-cache cookie be70f9bd09d566e8b05905ee932a42c2=1042c1f181e3203a5dad63baa30f4ae2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode cors accept application/json, text/plain, */* cache-control no-cache sec-fetch-dest empty :authority partner-test.bigbank.ee referer https://partner-test.bigbank.ee/ :scheme https sec-fetch-site same-origin :method GET Accept application/json, text/plain, */* Referer https://partner-test.bigbank.ee/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 08:52:41 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/json x-content-type-options nosniff content-security-policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; strict-transport-security max-age=31536000; includeSubdomains cf-ray 685410ae58e3dfbb-FRA x-xss-protection 1; mode=block
GET H2	200	env Show response partner-test.bigbank.ee/	435 B 297 B	169ms 169ms	XHR application/json	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partner-test.bigbank.ee/env Requested by Host: partner-test.bigbank.ee URL: https://partner-test.bigbank.ee/js/chunk-vendors.af78ae74.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e8c014eae0ea6808fa7f956b81dfe24e9478fab4e24fd4babe4ef274766b070 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /env pragma no-cache cookie be70f9bd09d566e8b05905ee932a42c2=1042c1f181e3203a5dad63baa30f4ae2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode cors accept application/json, text/plain, */* cache-control no-cache sec-fetch-dest empty :authority partner-test.bigbank.ee referer https://partner-test.bigbank.ee/ :scheme https sec-fetch-site same-origin :method GET Accept application/json, text/plain, */* Referer https://partner-test.bigbank.ee/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 08:52:41 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/json x-content-type-options nosniff content-security-policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content; strict-transport-security max-age=31536000; includeSubdomains cf-ray 685410aea93edfbb-FRA x-xss-protection 1; mode=block

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackJsonp object| core object| elasticApm

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			partner-test.bigbank.ee/	1969-12-31 23:59:59	Name: be70f9bd09d566e8b05905ee932a42c2 Value: 1042c1f181e3203a5dad63baa30f4ae2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://insights.hotjar.com http://static.hotjar.com https://static.hotjar.com https://www.google-analytics.com; font-src 'self' http://static.hotjar.com https://static.hotjar.com; connect-src 'self' ws: wss: http://*.hotjar.com:* https://apm.bigbank.eu:* https://*.hotjar.com:* wss://*.hotjar.com; frame-src 'self' 'unsafe-inline' https://vars.hotjar.com; frame-ancestors 'none'; form-action 'none'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

partner-test.bigbank.ee
2606:4700::6812:186f
20f5dd8b5d0c5deb4205821d5f23faa6c8861cb0b06d1c54a3b9f713b4cfd7a0
287b52020fb5177a56a06fd3cab02fb5a7b12b263dc26653b2ef647a632ce488
2b2e5721f30d6e9a40c97b91521de1f394823cd7f1e3e911da25110b8117bf8e
35b8b81d9b288a448f35d80adbbbc6e80e3eda6e75645d0e1f74c5375a8f9b7e
5e8c014eae0ea6808fa7f956b81dfe24e9478fab4e24fd4babe4ef274766b070
b179af812e2d0951fbd494fdf5377a5a6fb5676964b8dd89c7f9f291f472c60e