partner-test.bigbank.ee Open in urlscan Pro
2606:4700::6812:186f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://partner-test.bigbank.ee/
Effective URL:
https://partner-test.bigbank.ee/
Submission: On June 10 via manual (June 10th 2024, 12:59:45 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6812:186f, located in United States and belongs to CLOUDFLARENET, US. The main domain is partner-test.bigbank.ee.
TLS certificate: Issued by E1 on May 19th 2024. Valid for: 3 months.

This is the only time partner-test.bigbank.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700::68... 2606:4700::6812:186f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:678:6a0:... 2001:678:6a0::3:101	207647 (INTENTION-AS) (INTENTION-AS)
2	2606:4700::68... 2606:4700::6812:13d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3

11 2606:4700::6812:186f (United States)

ASN13335 (CLOUDFLARENET, US)

partner-test.bigbank.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:6a0::3:101 (Netherlands)

ASN207647 (INTENTION-AS, NL)

bigbank.uriports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:13d6 (United States)

ASN13335 (CLOUDFLARENET, US)

apm.bigbank.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	bigbank.ee partner-test.bigbank.ee	992 KB
2	bigbank.eu apm.bigbank.eu	37 B
1	uriports.com bigbank.uriports.com	508 B
14	3

	Domain	Requested by
11	partner-test.bigbank.ee	partner-test.bigbank.ee
2	apm.bigbank.eu	partner-test.bigbank.ee
1	bigbank.uriports.com	partner-test.bigbank.ee
14	3

This site contains no links.

Subject Issuer	Validity	Valid
bigbank.ee E1	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.uriports.com R3	`2024-04-18` - `2024-07-17`	3 months	crt.sh
bigbank.eu GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://partner-test.bigbank.ee/
Frame ID: 21BC8D37010BE205244BC1AFCE24702D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Partnersüsteem

Page URL History Show full URLs

http://partner-test.bigbank.ee/ HTTP 307
https://partner-test.bigbank.ee/ Page URL

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

993 kB
Transfer

3770 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://partner-test.bigbank.ee/ HTTP 307
https://partner-test.bigbank.ee/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
partner-test.bigbank.ee/
Redirect Chain

http://partner-test.bigbank.ee/
https://partner-test.bigbank.ee/

901 B
2 KB

236ms
180ms

Document
text/html

2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

07ef258d87600dc13b731973545460b0b3ab0b8561127734d6d1093d4b0e0193

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0 private
cf-cache-status: DYNAMIC
cf-ray: 89156b829bef2c51-FRA
content-encoding: gzip
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 10 Jun 2024 00:59:39 GMT
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
last-modified: Fri, 07 Jun 2024 06:20:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Express
x-xss-protection: 1; mode=block

Redirect headers

Location: https://partner-test.bigbank.ee/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 configuration.js Show response
partner-test.bigbank.ee/ 711 B
482 B 211ms
210ms Script
application/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/configuration.js

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d22176da9cb02e5b047a81f763d5726cc3e045b7710862916935079d2442a36a

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2c7-SINL2Sq5yaqh/Vm+HSF3n8QXrgk"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 89156b83bc662c51-FRA
expires: Mon, 10 Jun 2024 04:59:39 GMT

GET
H2 200 chunk-vendors.119fdfb0.js Show response
partner-test.bigbank.ee/js/ 2 MB
492 KB 218ms
217ms Script
application/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/js/chunk-vendors.119fdfb0.js

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6de6ba23ae983d77812cc93deb569f077eacf030c5597d68bec2d22623dda71b

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-test.bigbank.ee/
Origin: https://partner-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jun 2024 06:20:46 GMT
server: cloudflare
etag: W/"20e701-18ff15b5630"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89156b83bc672c51-FRA
expires: Mon, 10 Jun 2024 04:59:39 GMT

GET
H2 200 app.11aaf3d1.js Show response
partner-test.bigbank.ee/js/ 1010 KB
264 KB 242ms
242ms Script
application/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/js/app.11aaf3d1.js

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6157e12e39de3542dc7f1eb9cc4707e3bbf9d31d1b53d789cf4665d88c70cf5b

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-test.bigbank.ee/
Origin: https://partner-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jun 2024 06:20:46 GMT
server: cloudflare
etag: W/"fc91c-18ff15b5630"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89156b83bc682c51-FRA
expires: Mon, 10 Jun 2024 04:59:39 GMT

GET
H2 200 chunk-vendors.942ad2e6.css
partner-test.bigbank.ee/css/ 260 KB
33 KB 406ms
405ms Stylesheet
text/css 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

899fd83d955eb72ee30fac8ca4b43a1a12157931ffb7530a139de06e291ea5a8

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jun 2024 06:19:49 GMT
server: cloudflare
etag: W/"40fa7-18ff15a7788"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89156b83bc692c51-FRA
expires: Mon, 10 Jun 2024 04:59:39 GMT

GET
H2 200 app.38c7237a.css
partner-test.bigbank.ee/css/ 1 KB
760 B 183ms
183ms Stylesheet
text/css 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/css/app.38c7237a.css

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

187750a9e77dc29ee1c6c954407d906ad2c1aa9ccd9525e399b3d5e9bf982b67

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jun 2024 06:19:49 GMT
server: cloudflare
etag: W/"5e6-18ff15a7788"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89156b83bc6a2c51-FRA
expires: Mon, 10 Jun 2024 04:59:39 GMT

POST
H2 204 report
bigbank.uriports.com/reports/ 0
508 B 133ms
30ms Other
text/plain 2001:678:6a0::3:101
INTENTION-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bigbank.uriports.com/reports/report

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/js/chunk-vendors.119fdfb0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2001:678:6a0::3:101 , Netherlands, ASN207647 (INTENTION-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://partner-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 Jun 2024 00:59:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://leemankuiper.uriports.com/reports"}],"include_subdomains":true}
permissions-policy: microphone=();report-to=default, camera=();report-to=default, fullscreen=(self);report-to=default, payment=(self);report-to=default
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
reporting-endpoints: default="https://leemankuiper.uriports.com/reports"

GET
H2 200 GothamSSm-Bold.cf9afa89.otf
partner-test.bigbank.ee/fonts/ 125 KB
65 KB 213ms
212ms Font
font/otf 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/fonts/GothamSSm-Bold.cf9afa89.otf

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0e0e1b11f791666161be1df51bf2c338d78de5fae98e9f1c7231dc5f02283cd5

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Origin: https://partner-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jun 2024 06:19:49 GMT
server: cloudflare
etag: W/"1f548-18ff15a7788"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 89156b8eb9102c51-FRA
expires: Mon, 10 Jun 2024 04:59:41 GMT

GET
H2 200 GothamSSm-Medium.0e4c770a.otf
partner-test.bigbank.ee/fonts/ 126 KB
65 KB 381ms
380ms Font
font/otf 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/fonts/GothamSSm-Medium.0e4c770a.otf

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5613e4050d5f74507cedccde396912626e9bb945a5a95efc3ccd2e30b876c706

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Origin: https://partner-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jun 2024 06:19:49 GMT
server: cloudflare
etag: W/"1f604-18ff15a7788"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 89156b8eb9112c51-FRA
expires: Mon, 10 Jun 2024 04:59:41 GMT

GET
H2 200 GothamSSm-Book.08303005.otf
partner-test.bigbank.ee/fonts/ 124 KB
64 KB 214ms
213ms Font
font/otf 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/fonts/GothamSSm-Book.08303005.otf

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

97bd09001c0dc97c7f47c4bd7a2ed2ef2efe3d6264fae21e3622bdf49228acb2

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-test.bigbank.ee/css/chunk-vendors.942ad2e6.css
Origin: https://partner-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jun 2024 06:19:49 GMT
server: cloudflare
etag: W/"1ee64-18ff15a7788"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 89156b8eb9122c51-FRA
expires: Mon, 10 Jun 2024 04:59:41 GMT

GET
H2 200 build Show response
partner-test.bigbank.ee/ 10 B
236 B 64ms
64ms XHR
text/html 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/build

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/js/chunk-vendors.119fdfb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

39a9e92afd46f4501b83723dfbafb4c26a041eb6587c9b0627533352db6e8b2d

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
traceparent: 00-d95470a14270515e744bae7649d32c1c-f3b7b9ffe1ec15f4-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-Request-Start: 1717981181174
Referer: https://partner-test.bigbank.ee/log-in
buildVersion: master-718
X-BB-Organization: EEBIG
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: DYNAMIC
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-encoding: gzip
x-powered-by: Express
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cf-ray: 89156b8e68fa2c51-FRA
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
partner-test.bigbank.ee/ 17 KB
4 KB 179ms
179ms Other
image/x-icon 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-test.bigbank.ee/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

61860b594e1b5b3a06a52ef17fbe68f0423e215b00b06c4f3dae6af6e991dc94

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-test.bigbank.ee/log-in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jun 2024 06:20:46 GMT
server: cloudflare
etag: W/"423e-18ff15b5630"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=14400
cf-ray: 89156b915a872c51-FRA
expires: Mon, 10 Jun 2024 04:59:41 GMT

OPTIONS
H2 200 events
apm.bigbank.eu/intake/v2/rum/ 0
0 231ms
169ms Preflight 2606:4700::6812:13d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.bigbank.eu/intake/v2/rum/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://partner-test.bigbank.ee
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://partner-test.bigbank.ee
access-control-expose-headers: Etag
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 89156b94dc50bc04-FRA
content-length: 0
date: Mon, 10 Jun 2024 00:59:42 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff

POST
H2 202 events Show response
apm.bigbank.eu/intake/v2/rum/ 0
37 B 66ms
66ms XHR
text/plain 2606:4700::6812:13d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.bigbank.eu/intake/v2/rum/events

Requested by

Host: partner-test.bigbank.ee
URL: https://partner-test.bigbank.ee/js/chunk-vendors.119fdfb0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://partner-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://partner-test.bigbank.ee
date: Mon, 10 Jun 2024 00:59:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 89156b95ed22bc04-FRA
content-length: 0

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| config object| webpackChunkpartner_backoffice function| _ object| elasticApm

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			partner-test.bigbank.ee/	1969-12-31 23:59:59	Name: be70f9bd09d566e8b05905ee932a42c2 Value: 89f010636880a9017b5cc9cbbfe97da6
			partner-test.bigbank.ee/	1969-12-31 23:59:59	Name: resourceCheck Value: 8676bca8d094167bb93173da6f124372

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apm.bigbank.eu
bigbank.uriports.com
partner-test.bigbank.ee
2001:678:6a0::3:101
2606:4700::6812:13d6
2606:4700::6812:186f
07ef258d87600dc13b731973545460b0b3ab0b8561127734d6d1093d4b0e0193
0e0e1b11f791666161be1df51bf2c338d78de5fae98e9f1c7231dc5f02283cd5
187750a9e77dc29ee1c6c954407d906ad2c1aa9ccd9525e399b3d5e9bf982b67
39a9e92afd46f4501b83723dfbafb4c26a041eb6587c9b0627533352db6e8b2d
5613e4050d5f74507cedccde396912626e9bb945a5a95efc3ccd2e30b876c706
6157e12e39de3542dc7f1eb9cc4707e3bbf9d31d1b53d789cf4665d88c70cf5b
61860b594e1b5b3a06a52ef17fbe68f0423e215b00b06c4f3dae6af6e991dc94
6de6ba23ae983d77812cc93deb569f077eacf030c5597d68bec2d22623dda71b
899fd83d955eb72ee30fac8ca4b43a1a12157931ffb7530a139de06e291ea5a8
97bd09001c0dc97c7f47c4bd7a2ed2ef2efe3d6264fae21e3622bdf49228acb2
d22176da9cb02e5b047a81f763d5726cc3e045b7710862916935079d2442a36a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

partner-test.bigbank.ee Open in urlscan Pro 2606:4700::6812:186f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

993 kBTransfer

3770 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

partner-test.bigbank.ee Open in urlscan Pro
2606:4700::6812:186f Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

993 kB
Transfer

3770 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions