partner-api-test.bigbank.ee Open in urlscan Pro
2606:4700::6812:186f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://partner-api-test.bigbank.ee/
Effective URL:
https://partner-api-test.bigbank.ee/
Submission: On June 10 via manual (June 10th 2024, 12:59:45 am UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 2606:4700::6812:186f, located in United States and belongs to CLOUDFLARENET, US. The main domain is partner-api-test.bigbank.ee.
TLS certificate: Issued by E1 on May 19th 2024. Valid for: 3 months.

This is the only time partner-api-test.bigbank.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	2606:4700::68... 2606:4700::6812:186f		13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	1

9 2606:4700::6812:186f (United States)

ASN13335 (CLOUDFLARENET, US)

partner-api-test.bigbank.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	bigbank.ee partner-api-test.bigbank.ee	689 KB
9	1

	Domain	Requested by
9	partner-api-test.bigbank.ee	partner-api-test.bigbank.ee
9	1

This site contains no links.

Subject Issuer	Validity	Valid
bigbank.ee E1	`2024-05-19` - `2024-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://partner-api-test.bigbank.ee/
Frame ID: ACAF7EBEAA310AED3400A35E1181FD08
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bigbank Partner API Documentation

Page URL History Show full URLs

http://partner-api-test.bigbank.ee/ HTTP 307
https://partner-api-test.bigbank.ee/ Page URL

Page Statistics

9
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

689 kB
Transfer

2791 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://partner-api-test.bigbank.ee/ HTTP 307
https://partner-api-test.bigbank.ee/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
partner-api-test.bigbank.ee/
Redirect Chain

http://partner-api-test.bigbank.ee/
https://partner-api-test.bigbank.ee/

759 B
2 KB

199ms
170ms

Document
text/html

2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

211187738ffcd90934e7f64f5460ab172679221b827a3e3cb08c9a82e6c37f6d

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0 private
cf-cache-status: DYNAMIC
cf-ray: 89156b7c4cac2c4d-FRA
content-encoding: gzip
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 10 Jun 2024 00:59:38 GMT
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
last-modified: Thu, 25 Apr 2024 12:30:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Express
x-xss-protection: 1; mode=block

Redirect headers

Location: https://partner-api-test.bigbank.ee/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 configuration.js Show response
partner-api-test.bigbank.ee/ 31 B
205 B 213ms
212ms Script
application/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api-test.bigbank.ee/configuration.js

Requested by

Host: partner-api-test.bigbank.ee
URL: https://partner-api-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

350daa15a90efcd8334deb2bcaf439e48c4c54ab46969b837c6bbfb26ffa3fc4

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-api-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
x-powered-by: Express
content-length: 31
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1f-wEytq+6028F6ro+5I97iNXPTQ/w"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89156b7d6d252c4d-FRA
expires: Mon, 10 Jun 2024 04:59:38 GMT

GET
H2 200 chunk-vendors.220d67c5.js Show response
partner-api-test.bigbank.ee/js/ 2 MB
506 KB 245ms
245ms Script
application/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api-test.bigbank.ee/js/chunk-vendors.220d67c5.js

Requested by

Host: partner-api-test.bigbank.ee
URL: https://partner-api-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

29c9d68c6c902941419fc7b77dc2f3ef29c8d2d632488c3b1c60a85b0a3b1cbc

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-api-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Apr 2024 12:30:46 GMT
server: cloudflare
etag: W/"230499-18f153ca0f0"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89156b7d6d262c4d-FRA
expires: Mon, 10 Jun 2024 04:59:38 GMT

GET
H2 200 index.75a745b0.js Show response
partner-api-test.bigbank.ee/js/ 66 KB
14 KB 294ms
294ms Script
application/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api-test.bigbank.ee/js/index.75a745b0.js

Requested by

Host: partner-api-test.bigbank.ee
URL: https://partner-api-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bddbcc0b09afa4bb1d86c6373cf3ee259722db254e4e04af6023e06c134cefd7

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-api-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Apr 2024 12:30:46 GMT
server: cloudflare
etag: W/"106d1-18f153ca0f0"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89156b7ebde62c4d-FRA
expires: Mon, 10 Jun 2024 04:59:38 GMT

GET
H2 200 chunk-vendors.e859ca60.css
partner-api-test.bigbank.ee/css/ 211 KB
30 KB 214ms
214ms Stylesheet
text/css 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api-test.bigbank.ee/css/chunk-vendors.e859ca60.css

Requested by

Host: partner-api-test.bigbank.ee
URL: https://partner-api-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

81dbe3a00a52082f105b309b60afec40df49c7c875ec6079123e27e654989607

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-api-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Apr 2024 12:30:46 GMT
server: cloudflare
etag: W/"34d6e-18f153ca0f0"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89156b7d6d242c4d-FRA
expires: Mon, 10 Jun 2024 04:59:38 GMT

GET
H2 200 index.7d2b4c36.css
partner-api-test.bigbank.ee/css/ 5 KB
2 KB 309ms
309ms Stylesheet
text/css 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api-test.bigbank.ee/css/index.7d2b4c36.css

Requested by

Host: partner-api-test.bigbank.ee
URL: https://partner-api-test.bigbank.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d50da87cb66e86a956ab168cc7d64405da252742779ef3648de18c63ea02911e

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-api-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Apr 2024 12:30:46 GMT
server: cloudflare
etag: W/"127a-18f153ca0f0"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89156b7d6d292c4d-FRA
expires: Mon, 10 Jun 2024 04:59:38 GMT

GET
H2 200 GothamSSm-Medium.0e4c770a.otf
partner-api-test.bigbank.ee/fonts/ 126 KB
65 KB 202ms
202ms Font
font/otf 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api-test.bigbank.ee/fonts/GothamSSm-Medium.0e4c770a.otf

Requested by

Host: partner-api-test.bigbank.ee
URL: https://partner-api-test.bigbank.ee/css/chunk-vendors.e859ca60.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5613e4050d5f74507cedccde396912626e9bb945a5a95efc3ccd2e30b876c706

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-api-test.bigbank.ee/css/chunk-vendors.e859ca60.css
Origin: https://partner-api-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Apr 2024 12:30:45 GMT
server: cloudflare
etag: W/"1f604-18f153c9d08"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 89156b85a96c2c4d-FRA
expires: Mon, 10 Jun 2024 04:59:39 GMT

GET
H2 200 GothamSSm-Bold.cf9afa89.otf
partner-api-test.bigbank.ee/fonts/ 125 KB
65 KB 201ms
201ms Font
font/otf 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api-test.bigbank.ee/fonts/GothamSSm-Bold.cf9afa89.otf

Requested by

Host: partner-api-test.bigbank.ee
URL: https://partner-api-test.bigbank.ee/css/chunk-vendors.e859ca60.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0e0e1b11f791666161be1df51bf2c338d78de5fae98e9f1c7231dc5f02283cd5

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-api-test.bigbank.ee/css/chunk-vendors.e859ca60.css
Origin: https://partner-api-test.bigbank.ee
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Apr 2024 12:30:45 GMT
server: cloudflare
etag: W/"1f548-18f153c9d08"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 89156b85a96e2c4d-FRA
expires: Mon, 10 Jun 2024 04:59:39 GMT

GET
H2 200 favicon.ico
partner-api-test.bigbank.ee/ 17 KB
4 KB 175ms
175ms Other
image/x-icon 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api-test.bigbank.ee/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

61860b594e1b5b3a06a52ef17fbe68f0423e215b00b06c4f3dae6af6e991dc94

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://partner-api-test.bigbank.ee/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 00:59:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: child-src 'self' blob:; connect-src 'self' ws: wss: https://*.google-analytics.com https://*.analytics.google.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.dca.origin.big.local https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.gstatic.com https://*.hotjar.com https://*.hotjar.io https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://*.adform.net https://*.google-analytics.com https://*.googleadservices.com https://*.bigbank.ee https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googleapis.com https://*.google.ee https://*.google.lt https://*.gstatic.com https://*.hotjar.com https://*.nordigen.com https://*.googletagmanager.com https://*.google.com https://*.google.ee https://*.doubleresults.com; font-src 'self' data: https://*.gstatic.com https://*.gstatic.com; form-action 'self' https://*.facebook.net https://*.facebook.com; frame-ancestors https://*.dca.origin.big.local; frame-src 'self' https://*.google-analytics.com https://*.hotjar.com https://*.dca.origin.big.local https://*.bigbank.ee https://*.bigbank.eu https://*.googlesyndication.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'self'; script-src 'self' https://*.adform.net https://*.googleadservices.com https://*.google-analytics.com https://*.bigbank.ee https://*.bigbank.eu https://*.bigbank.lt https://*.bigbank.lv https://*.doubleclick.net https://*.facebook.net https://*.facebook.com https://*.google.com https://*.googlesyndication.com https://*.hotjar.com http://*.hotjar.com https://hcaptcha.com https://*.hcaptcha.com https://*.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Apr 2024 12:30:46 GMT
server: cloudflare
etag: W/"423e-18f153ca0f0"
expect-ct: enforce, max-age=30, report-uri="https://bigbank.uriports.com/reports/report"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=14400
cf-ray: 89156b873a2a2c4d-FRA
expires: Mon, 10 Jun 2024 04:59:40 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			partner-api-test.bigbank.ee/	1969-12-31 23:59:59	Name: resourceCheck Value: 02bd14f4bd06e453f71d9e0b4e4b2b17
			partner-api-test.bigbank.ee/	1969-12-31 23:59:59	Name: f7e5dd1c695fad914c32204dc09cf9bd Value: a3ea95e4ed5eb49ebb4080c76d1e49a1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src 'self' blob:; connect-src 'self' ws: wss: https://.google-analytics.com https://.analytics.google.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.dca.origin.big.local https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.gstatic.com https://.hotjar.com https://.hotjar.io https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com bigbank.uriports.com; default-src 'self'; img-src 'self' blob: data: https://.adform.net https://.google-analytics.com https://.googleadservices.com https://.bigbank.ee https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googleapis.com https://.google.ee https://.google.lt https://.gstatic.com https://.hotjar.com https://.nordigen.com https://.googletagmanager.com https://.google.com https://.google.ee https://.doubleresults.com; font-src 'self' data: https://.gstatic.com https://.gstatic.com; form-action 'self' https://.facebook.net https://.facebook.com; frame-ancestors https://.dca.origin.big.local; frame-src 'self' https://.google-analytics.com https://.hotjar.com https://.dca.origin.big.local https://.bigbank.ee https://.bigbank.eu https://.googlesyndication.com https://hcaptcha.com https://.hcaptcha.com; object-src 'self'; script-src 'self' https://.adform.net https://.googleadservices.com https://.google-analytics.com https://.bigbank.ee https://.bigbank.eu https://.bigbank.lt https://.bigbank.lv https://.doubleclick.net https://.facebook.net https://.facebook.com https://.google.com https://.googlesyndication.com https://.hotjar.com http://.hotjar.com https://hcaptcha.com https://.hcaptcha.com https://.googletagmanager.com static.hotjar.com 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='; style-src 'self' 'unsafe-inline' https://.google.com https://.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; report-uri https://bigbank.uriports.com/reports/report; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

partner-api-test.bigbank.ee
2606:4700::6812:186f
0e0e1b11f791666161be1df51bf2c338d78de5fae98e9f1c7231dc5f02283cd5
211187738ffcd90934e7f64f5460ab172679221b827a3e3cb08c9a82e6c37f6d
29c9d68c6c902941419fc7b77dc2f3ef29c8d2d632488c3b1c60a85b0a3b1cbc
350daa15a90efcd8334deb2bcaf439e48c4c54ab46969b837c6bbfb26ffa3fc4
5613e4050d5f74507cedccde396912626e9bb945a5a95efc3ccd2e30b876c706
61860b594e1b5b3a06a52ef17fbe68f0423e215b00b06c4f3dae6af6e991dc94
81dbe3a00a52082f105b309b60afec40df49c7c875ec6079123e27e654989607
bddbcc0b09afa4bb1d86c6373cf3ee259722db254e4e04af6023e06c134cefd7
d50da87cb66e86a956ab168cc7d64405da252742779ef3648de18c63ea02911e

partner-api-test.bigbank.ee Open in urlscan Pro 2606:4700::6812:186f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

689 kBTransfer

2791 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

partner-api-test.bigbank.ee Open in urlscan Pro
2606:4700::6812:186f Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

689 kB
Transfer

2791 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions