Submitted URL: http://partner-test.bigbank.ee/
Effective URL: https://partner-test.bigbank.ee/
Submission: On May 21 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6812:186f, located in United States and belongs to CLOUDFLARENET, US. The main domain is partner-test.bigbank.ee.
TLS certificate: Issued by E1 on May 19th 2024. Valid for: 3 months.
This is the only time partner-test.bigbank.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:678:6a0:... 207647 (INTENTION-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
14 3
Apex Domain
Subdomains
Transfer
11 bigbank.ee
partner-test.bigbank.ee
994 KB
2 bigbank.eu
apm.bigbank.eu
37 B
1 uriports.com
bigbank.uriports.com
508 B
14 3
Domain Requested by
11 partner-test.bigbank.ee partner-test.bigbank.ee
2 apm.bigbank.eu partner-test.bigbank.ee
1 bigbank.uriports.com partner-test.bigbank.ee
14 3

This site contains no links.

Subject Issuer Validity Valid
bigbank.ee
E1
2024-05-19 -
2024-08-17
3 months crt.sh
*.uriports.com
R3
2024-04-18 -
2024-07-17
3 months crt.sh
bigbank.eu
GTS CA 1P5
2024-05-19 -
2024-08-17
3 months crt.sh

This page contains 1 frames:

Primary Page: https://partner-test.bigbank.ee/
Frame ID: 586258EC5671C2CFE1E04C083E0F9328
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

Partnersüsteem

Page URL History Show full URLs

  1. http://partner-test.bigbank.ee/ HTTP 307
    https://partner-test.bigbank.ee/ Page URL

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

994 kB
Transfer

3770 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://partner-test.bigbank.ee/ HTTP 307
    https://partner-test.bigbank.ee/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
partner-test.bigbank.ee/
Redirect Chain
  • http://partner-test.bigbank.ee/
  • https://partner-test.bigbank.ee/
901 B
2 KB
Document
General
Full URL
https://partner-test.bigbank.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d4d93fb8def1336937d143ae1332f9b28b1f141311517cef3fc39705bdd8680c
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0 private
cf-cache-status
DYNAMIC
cf-ray
88752337c9c69f2d-FRA
content-encoding
gzip
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 21 May 2024 14:08:16 GMT
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
last-modified
Mon, 13 May 2024 13:23:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Express
x-xss-protection
1; mode=block

Redirect headers

Location
https://partner-test.bigbank.ee/
Non-Authoritative-Reason
HttpsUpgrades
configuration.js
partner-test.bigbank.ee/
735 B
546 B
Script
General
Full URL
https://partner-test.bigbank.ee/configuration.js
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6833062ee1c16e084a1934a9cbcf91ad09e7db5317b20e2ada04fcfe7a9e83f6
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://partner-test.bigbank.ee/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:08:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status
HIT
age
27
x-powered-by
Express
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2df-N5IY6W6BYcuDE8yi1zInPB+U3t4"
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
887523392bd69f2d-FRA
expires
Tue, 21 May 2024 18:08:16 GMT
chunk-vendors.abe521e2.js
partner-test.bigbank.ee/js/
2 MB
492 KB
Script
General
Full URL
https://partner-test.bigbank.ee/js/chunk-vendors.abe521e2.js
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0dbd835139b57f04f613873c5790a10b96ee5ac16a9cf765ea7f0a0764b65f59
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://partner-test.bigbank.ee/
Origin
https://partner-test.bigbank.ee
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:08:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:23:54 GMT
server
cloudflare
etag
W/"20e6bf-18f721fbe10"
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
887523392bd79f2d-FRA
expires
Tue, 21 May 2024 18:08:16 GMT
app.6f1a2f71.js
partner-test.bigbank.ee/js/
1010 KB
266 KB
Script
General
Full URL
https://partner-test.bigbank.ee/js/app.6f1a2f71.js
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bcbe8d299b1b321468e14e633ebd42359a0f36659f929a2ae2f858ced1186c5b
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://partner-test.bigbank.ee/
Origin
https://partner-test.bigbank.ee
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:08:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:23:54 GMT
server
cloudflare
etag
W/"fc912-18f721fbe10"
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
887523392bd89f2d-FRA
expires
Tue, 21 May 2024 18:08:16 GMT
chunk-vendors.942ad2e6.css
partner-test.bigbank.ee/css/
260 KB
32 KB
Stylesheet
General
Full URL
https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
899fd83d955eb72ee30fac8ca4b43a1a12157931ffb7530a139de06e291ea5a8
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://partner-test.bigbank.ee/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:08:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:22:50 GMT
server
cloudflare
etag
W/"40fa7-18f721ec410"
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
887523392bd49f2d-FRA
expires
Tue, 21 May 2024 18:08:16 GMT
app.38c7237a.css
partner-test.bigbank.ee/css/
1 KB
720 B
Stylesheet
General
Full URL
https://partner-test.bigbank.ee/css/app.38c7237a.css
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
187750a9e77dc29ee1c6c954407d906ad2c1aa9ccd9525e399b3d5e9bf982b67
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://partner-test.bigbank.ee/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:08:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:22:50 GMT
server
cloudflare
etag
W/"5e6-18f721ec410"
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
887523392bda9f2d-FRA
expires
Tue, 21 May 2024 18:08:16 GMT
report
bigbank.uriports.com/reports/
0
508 B
Other
General
Full URL
https://bigbank.uriports.com/reports/report
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/js/chunk-vendors.abe521e2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:678:6a0::3:101 , Netherlands, ASN207647 (INTENTION-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://partner-test.bigbank.ee/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 21 May 2024 14:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://leemankuiper.uriports.com/reports"}],"include_subdomains":true}
permissions-policy
microphone=();report-to=default, camera=();report-to=default, fullscreen=(self);report-to=default, payment=(self);report-to=default
cross-origin-resource-policy
cross-origin
x-xss-protection
0
reporting-endpoints
default="https://leemankuiper.uriports.com/reports"
GothamSSm-Bold.cf9afa89.otf
partner-test.bigbank.ee/fonts/
125 KB
65 KB
Font
General
Full URL
https://partner-test.bigbank.ee/fonts/GothamSSm-Bold.cf9afa89.otf
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0e0e1b11f791666161be1df51bf2c338d78de5fae98e9f1c7231dc5f02283cd5
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Origin
https://partner-test.bigbank.ee
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:22:50 GMT
server
cloudflare
etag
W/"1f548-18f721ec410"
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary
Accept-Encoding
content-type
font/otf
cache-control
public, max-age=14400
cf-ray
887523447f699f2d-FRA
expires
Tue, 21 May 2024 18:08:18 GMT
GothamSSm-Medium.0e4c770a.otf
partner-test.bigbank.ee/fonts/
126 KB
65 KB
Font
General
Full URL
https://partner-test.bigbank.ee/fonts/GothamSSm-Medium.0e4c770a.otf
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5613e4050d5f74507cedccde396912626e9bb945a5a95efc3ccd2e30b876c706
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Origin
https://partner-test.bigbank.ee
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:22:50 GMT
server
cloudflare
etag
W/"1f604-18f721ec410"
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary
Accept-Encoding
content-type
font/otf
cache-control
public, max-age=14400
cf-ray
887523447f6f9f2d-FRA
expires
Tue, 21 May 2024 18:08:18 GMT
GothamSSm-Book.08303005.otf
partner-test.bigbank.ee/fonts/
124 KB
64 KB
Font
General
Full URL
https://partner-test.bigbank.ee/fonts/GothamSSm-Book.08303005.otf
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
97bd09001c0dc97c7f47c4bd7a2ed2ef2efe3d6264fae21e3622bdf49228acb2
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Origin
https://partner-test.bigbank.ee
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:22:50 GMT
server
cloudflare
etag
W/"1ee64-18f721ec410"
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary
Accept-Encoding
content-type
font/otf
cache-control
public, max-age=14400
cf-ray
887523447f719f2d-FRA
expires
Tue, 21 May 2024 18:08:18 GMT
build
partner-test.bigbank.ee/
10 B
215 B
XHR
General
Full URL
https://partner-test.bigbank.ee/build
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/js/chunk-vendors.abe521e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7d4b751e81fa192f762995dc8dcf1172d62885f77a771dae84a3dad13492de25
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-a2e3944d9dd3296158d9ba1acf47b005-f8556e8fe606dbf3-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-Request-Start
1716300498562
Referer
https://partner-test.bigbank.ee/log-in
buildVersion
master-706
X-BB-Organization
EEBIG
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status
DYNAMIC
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
content-encoding
gzip
x-powered-by
Express
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cf-ray
887523442ee79f2d-FRA
x-xss-protection
1; mode=block
favicon.ico
partner-test.bigbank.ee/
17 KB
6 KB
Other
General
Full URL
https://partner-test.bigbank.ee/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
61860b594e1b5b3a06a52ef17fbe68f0423e215b00b06c4f3dae6af6e991dc94
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://partner-test.bigbank.ee/log-in
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 14:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 13:23:54 GMT
server
cloudflare
etag
W/"423e-18f721fbe10"
expect-ct
enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=14400
cf-ray
88752345a94b9f2d-FRA
expires
Tue, 21 May 2024 18:08:18 GMT
events
apm.bigbank.eu/intake/v2/rum/
0
37 B
XHR
General
Full URL
https://apm.bigbank.eu/intake/v2/rum/events
Requested by
Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/js/chunk-vendors.abe521e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://partner-test.bigbank.ee/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-ndjson

Response headers

access-control-allow-origin
https://partner-test.bigbank.ee
date
Tue, 21 May 2024 14:08:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8875234ababc90e8-FRA
content-length
0
events
apm.bigbank.eu/intake/v2/rum/
0
0
Preflight
General
Full URL
https://apm.bigbank.eu/intake/v2/rum/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://partner-test.bigbank.ee
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://partner-test.bigbank.ee
access-control-expose-headers
Etag
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
8875234968f390e8-FRA
content-length
0
date
Tue, 21 May 2024 14:08:19 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| config object| webpackChunkpartner_backoffice function| _ object| elasticApm

2 Cookies

Domain/Path Name / Value
partner-test.bigbank.ee/ Name: be70f9bd09d566e8b05905ee932a42c2
Value: 23cd119d0d330ffb5c0c716c4cf6a9e6
partner-test.bigbank.ee/ Name: resourceCheck
Value: 6a3d30def42ccfd75917953ce0fe447b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block