partner-test.bigbank.ee Open in urlscan Pro
2606:4700::6812:186f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://partner-test.bigbank.ee/
Effective URL:
https://partner-test.bigbank.ee/
Submission: On May 21 via manual (May 21st 2024, 2:08:24 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6812:186f, located in United States and belongs to CLOUDFLARENET, US. The main domain is partner-test.bigbank.ee.
TLS certificate: Issued by E1 on May 19th 2024. Valid for: 3 months.

This is the only time partner-test.bigbank.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700::68... 2606:4700::6812:186f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:678:6a0:... 2001:678:6a0::3:101	207647 (INTENTION-AS) (INTENTION-AS)
2	2606:4700::68... 2606:4700::6812:13d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3

11 2606:4700::6812:186f (United States)

ASN13335 (CLOUDFLARENET, US)

partner-test.bigbank.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:6a0::3:101 (Netherlands)

ASN207647 (INTENTION-AS, NL)

bigbank.uriports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:13d6 (United States)

ASN13335 (CLOUDFLARENET, US)

apm.bigbank.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	bigbank.ee partner-test.bigbank.ee	994 KB
2	bigbank.eu apm.bigbank.eu	37 B
1	uriports.com bigbank.uriports.com	508 B
14	3

	Domain	Requested by
11	partner-test.bigbank.ee	partner-test.bigbank.ee
2	apm.bigbank.eu	partner-test.bigbank.ee
1	bigbank.uriports.com	partner-test.bigbank.ee
14	3

This site contains no links.

Subject Issuer	Validity	Valid
bigbank.ee E1	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.uriports.com R3	`2024-04-18` - `2024-07-17`	3 months	crt.sh
bigbank.eu GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://partner-test.bigbank.ee/
Frame ID: 586258EC5671C2CFE1E04C083E0F9328
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Partnersüsteem

Page URL History Show full URLs

http://partner-test.bigbank.ee/ HTTP 307
https://partner-test.bigbank.ee/ Page URL

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

994 kB
Transfer

3770 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://partner-test.bigbank.ee/ HTTP 307
https://partner-test.bigbank.ee/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
partner-test.bigbank.ee/
Redirect Chain

http://partner-test.bigbank.ee/
https://partner-test.bigbank.ee/

901 B
2 KB

386ms
208ms

Document
text/html

2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d4d93fb8def1336937d143ae1332f9b28b1f141311517cef3fc39705bdd8680c

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0 private
cf-cache-status: DYNAMIC
cf-ray: 88752337c9c69f2d-FRA
content-encoding: gzip
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 21 May 2024 14:08:16 GMT
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
last-modified: Mon, 13 May 2024 13:23:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Express
x-xss-protection: 1; mode=block

Redirect headers

Location: https://partner-test.bigbank.ee/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 configuration.js Show response
partner-test.bigbank.ee/ 735 B
546 B 63ms
61ms Script
application/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/configuration.js

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6833062ee1c16e084a1934a9cbcf91ad09e7db5317b20e2ada04fcfe7a9e83f6

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partner-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:08:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: HIT
age: 27
x-powered-by: Express
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2df-N5IY6W6BYcuDE8yi1zInPB+U3t4"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 887523392bd69f2d-FRA
expires: Tue, 21 May 2024 18:08:16 GMT

GET
H2 200 chunk-vendors.abe521e2.js Show response
partner-test.bigbank.ee/js/ 2 MB
492 KB 133ms
132ms Script
application/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/js/chunk-vendors.abe521e2.js

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0dbd835139b57f04f613873c5790a10b96ee5ac16a9cf765ea7f0a0764b65f59

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partner-test.bigbank.ee/
Origin: https://partner-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:08:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 13:23:54 GMT
server: cloudflare
etag: W/"20e6bf-18f721fbe10"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 887523392bd79f2d-FRA
expires: Tue, 21 May 2024 18:08:16 GMT

GET
H2 200 app.6f1a2f71.js Show response
partner-test.bigbank.ee/js/ 1010 KB
266 KB 375ms
374ms Script
application/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/js/app.6f1a2f71.js

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bcbe8d299b1b321468e14e633ebd42359a0f36659f929a2ae2f858ced1186c5b

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partner-test.bigbank.ee/
Origin: https://partner-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 13:23:54 GMT
server: cloudflare
etag: W/"fc912-18f721fbe10"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 887523392bd89f2d-FRA
expires: Tue, 21 May 2024 18:08:16 GMT

GET
H2 200 chunk-vendors.942ad2e6.css
partner-test.bigbank.ee/css/ 260 KB
32 KB 420ms
420ms Stylesheet
text/css 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

899fd83d955eb72ee30fac8ca4b43a1a12157931ffb7530a139de06e291ea5a8

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partner-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 13:22:50 GMT
server: cloudflare
etag: W/"40fa7-18f721ec410"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 887523392bd49f2d-FRA
expires: Tue, 21 May 2024 18:08:16 GMT

GET
H2 200 app.38c7237a.css
partner-test.bigbank.ee/css/ 1 KB
720 B 100ms
100ms Stylesheet
text/css 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/css/app.38c7237a.css

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

187750a9e77dc29ee1c6c954407d906ad2c1aa9ccd9525e399b3d5e9bf982b67

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partner-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:08:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 13:22:50 GMT
server: cloudflare
etag: W/"5e6-18f721ec410"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 887523392bda9f2d-FRA
expires: Tue, 21 May 2024 18:08:16 GMT

POST
H2 204 report
bigbank.uriports.com/reports/ 0
508 B 266ms
44ms Other
text/plain 2001:678:6a0::3:101
INTENTION-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bigbank.uriports.com/reports/report

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/js/chunk-vendors.abe521e2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:678:6a0::3:101 , Netherlands, ASN207647 (INTENTION-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://partner-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 21 May 2024 14:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://leemankuiper.uriports.com/reports"}],"include_subdomains":true}
permissions-policy: microphone=();report-to=default, camera=();report-to=default, fullscreen=(self);report-to=default, payment=(self);report-to=default
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
reporting-endpoints: default="https://leemankuiper.uriports.com/reports"

GET
H2 200 GothamSSm-Bold.cf9afa89.otf
partner-test.bigbank.ee/fonts/ 125 KB
65 KB 133ms
132ms Font
font/otf 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/fonts/GothamSSm-Bold.cf9afa89.otf

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0e0e1b11f791666161be1df51bf2c338d78de5fae98e9f1c7231dc5f02283cd5

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Origin: https://partner-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 13:22:50 GMT
server: cloudflare
etag: W/"1f548-18f721ec410"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 887523447f699f2d-FRA
expires: Tue, 21 May 2024 18:08:18 GMT

GET
H2 200 GothamSSm-Medium.0e4c770a.otf
partner-test.bigbank.ee/fonts/ 126 KB
65 KB 130ms
130ms Font
font/otf 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/fonts/GothamSSm-Medium.0e4c770a.otf

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5613e4050d5f74507cedccde396912626e9bb945a5a95efc3ccd2e30b876c706

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Origin: https://partner-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 13:22:50 GMT
server: cloudflare
etag: W/"1f604-18f721ec410"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 887523447f6f9f2d-FRA
expires: Tue, 21 May 2024 18:08:18 GMT

GET
H2 200 GothamSSm-Book.08303005.otf
partner-test.bigbank.ee/fonts/ 124 KB
64 KB 129ms
128ms Font
font/otf 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/fonts/GothamSSm-Book.08303005.otf

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

97bd09001c0dc97c7f47c4bd7a2ed2ef2efe3d6264fae21e3622bdf49228acb2

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Origin: https://partner-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 13:22:50 GMT
server: cloudflare
etag: W/"1ee64-18f721ec410"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 887523447f719f2d-FRA
expires: Tue, 21 May 2024 18:08:18 GMT

GET
H2 200 build Show response
partner-test.bigbank.ee/ 10 B
215 B 90ms
90ms XHR
text/html 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/build

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/js/chunk-vendors.abe521e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7d4b751e81fa192f762995dc8dcf1172d62885f77a771dae84a3dad13492de25

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent: 00-a2e3944d9dd3296158d9ba1acf47b005-f8556e8fe606dbf3-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-Request-Start: 1716300498562
Referer: https://partner-test.bigbank.ee/log-in
buildVersion: master-706
X-BB-Organization: EEBIG
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: DYNAMIC
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-encoding: gzip
x-powered-by: Express
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cf-ray: 887523442ee79f2d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
partner-test.bigbank.ee/ 17 KB
6 KB 96ms
96ms Other
image/x-icon 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

61860b594e1b5b3a06a52ef17fbe68f0423e215b00b06c4f3dae6af6e991dc94

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://partner-test.bigbank.ee/log-in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 May 2024 13:23:54 GMT
server: cloudflare
etag: W/"423e-18f721fbe10"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=14400
cf-ray: 88752345a94b9f2d-FRA
expires: Tue, 21 May 2024 18:08:18 GMT

POST
H2 202 events Show response
apm.bigbank.eu/intake/v2/rum/ 0
37 B 89ms
89ms XHR
text/plain 2606:4700::6812:13d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.bigbank.eu/intake/v2/rum/events

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/js/chunk-vendors.abe521e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://partner-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://partner-test.bigbank.ee
date: Tue, 21 May 2024 14:08:19 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8875234ababc90e8-FRA
content-length: 0

OPTIONS
H2 200 events
apm.bigbank.eu/intake/v2/rum/ 0
0 315ms
210ms Preflight 2606:4700::6812:13d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.bigbank.eu/intake/v2/rum/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://partner-test.bigbank.ee
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://partner-test.bigbank.ee
access-control-expose-headers: Etag
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 8875234968f390e8-FRA
content-length: 0
date: Tue, 21 May 2024 14:08:19 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| config object| webpackChunkpartner_backoffice function| _ object| elasticApm

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			partner-test.bigbank.ee/	1969-12-31 23:59:59	Name: be70f9bd09d566e8b05905ee932a42c2 Value: 23cd119d0d330ffb5c0c716c4cf6a9e6
			partner-test.bigbank.ee/	1969-12-31 23:59:59	Name: resourceCheck Value: 6a3d30def42ccfd75917953ce0fe447b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apm.bigbank.eu
bigbank.uriports.com
partner-test.bigbank.ee
2001:678:6a0::3:101
2606:4700::6812:13d6
2606:4700::6812:186f
0dbd835139b57f04f613873c5790a10b96ee5ac16a9cf765ea7f0a0764b65f59
0e0e1b11f791666161be1df51bf2c338d78de5fae98e9f1c7231dc5f02283cd5
187750a9e77dc29ee1c6c954407d906ad2c1aa9ccd9525e399b3d5e9bf982b67
5613e4050d5f74507cedccde396912626e9bb945a5a95efc3ccd2e30b876c706
61860b594e1b5b3a06a52ef17fbe68f0423e215b00b06c4f3dae6af6e991dc94
6833062ee1c16e084a1934a9cbcf91ad09e7db5317b20e2ada04fcfe7a9e83f6
7d4b751e81fa192f762995dc8dcf1172d62885f77a771dae84a3dad13492de25
899fd83d955eb72ee30fac8ca4b43a1a12157931ffb7530a139de06e291ea5a8
97bd09001c0dc97c7f47c4bd7a2ed2ef2efe3d6264fae21e3622bdf49228acb2
bcbe8d299b1b321468e14e633ebd42359a0f36659f929a2ae2f858ced1186c5b
d4d93fb8def1336937d143ae1332f9b28b1f141311517cef3fc39705bdd8680c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

partner-test.bigbank.ee Open in urlscan Pro 2606:4700::6812:186f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

994 kBTransfer

3770 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

partner-test.bigbank.ee Open in urlscan Pro
2606:4700::6812:186f Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

994 kB
Transfer

3770 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions