www.bafin.de Open in urlscan Pro
80.245.145.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bafin.de/
Effective URL:
https://www.bafin.de/DE/Startseite/startseite_node.html
Submission: On April 16 via api (April 16th 2024, 2:07:17 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 28 HTTP transactions. The main IP is 80.245.145.113, located in Germany and belongs to ZIVIT-AS, DE. The main domain is www.bafin.de. The Cisco Umbrella rank of the primary domain is 421427.
TLS certificate: Issued by GEANT OV RSA CA 4 on September 13th 2023. Valid for: a year.

This is the only time www.bafin.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 29	80.245.145.113 80.245.145.113		35704 (ZIVIT-AS) (ZIVIT-AS)
28	1

29 80.245.145.113 (Germany) 1 redirects

ASN35704 (ZIVIT-AS, DE)

www.bafin.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	bafin.de 1 redirects www.bafin.de — Cisco Umbrella Rank: 421427	2 MB
28	1

	Domain	Requested by
29	www.bafin.de	1 redirects www.bafin.de
28	1

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.linkedin.com
social.bund.de
www.instagram.com
www.erfolgsfaktor-familie.de
www.charta-der-vielfalt.de

Subject Issuer	Validity	Valid
www.bafin.de GEANT OV RSA CA 4	`2023-09-13` - `2024-09-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.bafin.de/DE/Startseite/startseite_node.html
Frame ID: C842AD9B202180707AD97F4C5BEAEE1D
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BaFin - Startseite

Page URL History Show full URLs

http://www.bafin.de/ HTTP 307
https://www.bafin.de/ HTTP 302
https://www.bafin.de/DE/Startseite/startseite_node.html Page URL

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2046 kB
Transfer

1999 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/BaFin_Bund
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bafin/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://social.bund.de/@BaFin
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fbafin_bund%2F
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.erfolgsfaktor-familie.de/

Search URL Search Domain Scan URL

URL: https://www.charta-der-vielfalt.de/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bafin.de/ HTTP 307
https://www.bafin.de/ HTTP 302
https://www.bafin.de/DE/Startseite/startseite_node.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request startseite_node.html Show response
www.bafin.de/DE/Startseite/
Redirect Chain

http://www.bafin.de/
https://www.bafin.de/
https://www.bafin.de/DE/Startseite/startseite_node.html

62 KB
64 KB

249ms
249ms

Document
text/html

80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

077e6158dce9aba621bc07691c40e940f09c65656941f5d13490c52cc933738a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=60
Connection: Keep-Alive
Content-Language: de
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Content-Type: text/html;charset=utf-8
Date: Tue, 16 Apr 2024 14:07:12 GMT
Expires: Tue, 16 Apr 2024 14:08:12 GMT
Keep-Alive: timeout=10, max=499
Last-Modified: Tue, 16 Apr 2024 14:07:12 GMT
Pragma: no-cache
Referrer-Policy: same-origin
Server: Apache
Strict-Transport-Security: max-age=16070400
Transfer-Encoding: chunked
Vary: X-Forwarded-Proto,Accept-Encoding
X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-UA-Compatible: IE=edge
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-XSS-Protection: 1;mode=block

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Language: de
Content-Length: 0
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Content-Type: text/html;charset=utf-8
Date: Tue, 16 Apr 2024 14:07:12 GMT
Keep-Alive: timeout=10, max=500
Last-Modified: Tue, 16 Apr 2024 14:07:12 GMT
Location: https://www.bafin.de/DE/Startseite/startseite_node.html
Pragma: no-cache
Referrer-Policy: same-origin
Server: Apache
Strict-Transport-Security: max-age=16070400
Vary: X-Forwarded-Proto
X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-UA-Compatible: IE=edge
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK normalize.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Styles/ 2 KB
4 KB 147ms
66ms Stylesheet
text/css 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Styles/normalize.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=4

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

bf9a0eb0fea017ec1bb788eafd3814581f150414cb2d96528f654e9e26c5ba33

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 1815
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Tue, 16 Apr 2024 14:06:42 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de
Content-Type: text/css;charset=utf-8
Cache-Control: max-age=604800
Keep-Alive: timeout=10, max=498
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:06:42 GMT

GET
H/1.1 200
OK _libs.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Styles/ 114 KB
116 KB 143ms
58ms Stylesheet
text/css 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Styles/_libs.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

8bd65a5e27f7901e8a9de7cb5a1397e844b547e7129a061aeacb2c4bf4c099dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 117013
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Tue, 16 Apr 2024 14:06:02 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de
Content-Type: text/css;charset=utf-8
Cache-Control: max-age=0
Keep-Alive: timeout=10, max=500
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;

GET
H/1.1 200
OK small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Styles/ 147 KB
149 KB 143ms
58ms Stylesheet
text/css 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

794dec30466d98b7c267e6b986d1f171938c12edb8b8499e7d5edfa67ac07eaa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 150905
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Tue, 16 Apr 2024 14:06:42 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de
Content-Type: text/css;charset=utf-8
Cache-Control: max-age=604800
Keep-Alive: timeout=10, max=500
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:06:42 GMT

GET
H/1.1 200
OK medium.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Styles/ 10 KB
12 KB 147ms
56ms Stylesheet
text/css 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Styles/medium.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=4

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

e90fe5abdf4fd774febe6860d013e3a7e58cf3578d9b53cb169e236c361ff96d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 10445
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Tue, 16 Apr 2024 14:06:42 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de
Content-Type: text/css;charset=utf-8
Cache-Control: max-age=604800
Keep-Alive: timeout=10, max=500
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:06:42 GMT

GET
H/1.1 200
OK large.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Styles/ 46 KB
47 KB 147ms
56ms Stylesheet
text/css 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Styles/large.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=4

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

f12c34ec954a5fcbe126baaa07e61ccd71679a5b9d9e0518132651f651884977

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 46803
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Tue, 16 Apr 2024 14:06:42 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de
Content-Type: text/css;charset=utf-8
Cache-Control: max-age=604800
Keep-Alive: timeout=10, max=500
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:06:42 GMT

GET
H/1.1 200
OK xlarge.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Styles/ 5 KB
7 KB 148ms
57ms Stylesheet
text/css 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Styles/xlarge.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=4

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

95357f4149172de04d44a694c629b638fb1ae5abfebc6d43bf3ec4bc3e314137

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 5507
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Tue, 16 Apr 2024 14:06:42 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de
Content-Type: text/css;charset=utf-8
Cache-Control: max-age=604800
Keep-Alive: timeout=10, max=500
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:06:42 GMT

GET
H/1.1 200
OK logo.png;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Images/ 3 KB
5 KB 69ms
69ms Image
image/png 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/logo.png;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?__blob=normal&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

489e1563caf2b153ba71d36834439dddcb71d0fbf91a9ed3035457d6f5ec103b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 3119
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Fri, 08 Sep 2023 00:25:00 GMT
Server: Apache
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/png;charset=UTF-8
Cache-Control: max-age=14400
Keep-Alive: timeout=10, max=497
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:06:42 GMT

GET
H/1.1 200
OK addon_print.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Styles/ 19 KB
21 KB 55ms
55ms Stylesheet
text/css 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Styles/addon_print.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=3

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

c9ab8949b4774593fdccf93c60d43cf8e7a01121956bda0651e9cb527f3876ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 19423
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Tue, 16 Apr 2024 14:06:42 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de
Content-Type: text/css;charset=utf-8
Cache-Control: max-age=604800
Keep-Alive: timeout=10, max=493
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:06:42 GMT

GET
H/1.1 200
OK Servicesuche_Submit.svg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Forms/_components/Buttons/ 902 B
3 KB 68ms
68ms Image
image/svg+xml 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Forms/_components/Buttons/Servicesuche_Submit.svg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?__blob=image&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

ab53f95a9afc7b99cbf35353c181fa8783f31546ba7af07a58fd00e6b4cc1e13

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 902
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Fri, 08 Sep 2023 00:24:24 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=604800
Keep-Alive: timeout=10, max=499
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:06:42 GMT

GET
H/1.1 200
OK coverbild_Auslagerungen_im_Finanzsektor.png;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SharedDocs/Bilder/DE/Artikel/ 472 KB
474 KB 69ms
69ms Image
image/png 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SharedDocs/Bilder/DE/Artikel/coverbild_Auslagerungen_im_Finanzsektor.png;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?__blob=normal&v=1

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

04f83004f50bb9eb4858bbc600df3eacdf3f2b28c73f18feea37f60949a948f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Content-Disposition: attachment;filename=coverbild_Auslagerungen_im_Finanzsektor.png
Connection: Keep-Alive
Content-Length: 483366
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Thu, 11 Apr 2024 11:21:41 GMT
Server: Apache
ETag: 507a0c574fa199926d3f57339314b043
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/png;charset=UTF-8
Cache-Control: max-age=604800
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=499
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:07:12 GMT

GET
H/1.1 200
OK bild_fa_bj_2404_BaFin_Beschwerdestatistik_2023.jpg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SharedDocs/Bilder/DE/Artikel/ 62 KB
64 KB 62ms
62ms Image
image/jpeg 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SharedDocs/Bilder/DE/Artikel/bild_fa_bj_2404_BaFin_Beschwerdestatistik_2023.jpg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?__blob=wide&v=1

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

c98ca5cfcf1a3316353eb4dfc1115c9ed291458f7f4c0afb8f3c92f8e9349cd1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Content-Disposition: attachment;filename=bild_fa_bj_2404_BaFin_Beschwerdestatistik_2023.jpg
Connection: Keep-Alive
Content-Length: 63624
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Mon, 08 Apr 2024 07:46:44 GMT
Server: Apache
ETag: d63ac1a4e9440874d09b2402becb2c75
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=604800
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=498
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:07:12 GMT

GET
H/1.1 200
OK bild_EDinA_Rodolphe_2024.jpg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SharedDocs/Bilder/DE/Portraits/ 41 KB
43 KB 63ms
63ms Image
image/jpeg 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SharedDocs/Bilder/DE/Portraits/bild_EDinA_Rodolphe_2024.jpg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?__blob=wide&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

47a09efc6359422b0288c35aa42b0c7cb11f7f7fbca8bd26357f2985b3547cf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Content-Disposition: attachment;filename=bild_EDinA_Rodolphe_2024.jpg
Connection: Keep-Alive
Content-Length: 42420
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Wed, 27 Mar 2024 08:53:39 GMT
Server: Apache
ETag: 4eb81d0dba3c3639abb71d0ceba4bf18
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=604800
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=496
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:07:12 GMT

GET
H/1.1 200
OK bild_fa_bj_2404_Kreditzweitmarktgesetz.jpg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SharedDocs/Bilder/DE/Artikel/ 64 KB
65 KB 64ms
64ms Image
image/jpeg 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SharedDocs/Bilder/DE/Artikel/bild_fa_bj_2404_Kreditzweitmarktgesetz.jpg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?__blob=wide&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

873bfaf903f0d9264ddc3ab8a1ed217ffd98d8d621695dfd071b2b2473ab5302

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Content-Disposition: attachment;filename=bild_fa_bj_2404_Kreditzweitmarktgesetz.jpg
Connection: Keep-Alive
Content-Length: 65035
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Wed, 03 Apr 2024 09:58:43 GMT
Server: Apache
ETag: 1aa796b424f98f634d2bd8b40e0680b7
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=604800
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=499
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 23 Apr 2024 14:07:12 GMT

GET
H/1.1 200
OK nav2top.svg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Images/icons/ 456 B
2 KB 57ms
57ms Image
image/svg+xml 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/icons/nav2top.svg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?__blob=normal&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

4e02b5d42e66a5c6bfaec5163ebe1c8a5b102de78f461be986480e1e1dee25f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 456
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Fri, 08 Sep 2023 00:24:25 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=14400
Keep-Alive: timeout=10, max=499
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:06:42 GMT

GET
H/1.1 200
OK logo-sf.jpg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Images/ 45 KB
47 KB 56ms
55ms Image
image/jpeg 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/logo-sf.jpg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?__blob=normal&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

82935e5ed0b956ea5928324a73c32b7cb4f7d6abff9dc7c4cbfc87fd98729ae0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 46089
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Fri, 08 Sep 2023 00:24:25 GMT
Server: Apache
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=14400
Keep-Alive: timeout=10, max=495
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:06:42 GMT

GET
H/1.1 200
OK logo-cdv.jpg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Images/ 79 KB
81 KB 55ms
55ms Image
image/jpeg 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/logo-cdv.jpg;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?__blob=normal&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

05a48f316c0c73306d850b7a0dd15552df208161089a0429d0a20957c82ad287

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 81316
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Fri, 08 Sep 2023 00:24:25 GMT
Server: Apache
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=14400
Keep-Alive: timeout=10, max=497
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:06:42 GMT

GET
H/1.1 200
OK global.js;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012 Show response
www.bafin.de/SiteGlobals/Frontend/JavaScript/init/ 673 KB
675 KB 56ms
55ms Script
application/x-javascript 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/SiteGlobals/Frontend/JavaScript/init/global.js;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/DE/Startseite/startseite_node.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

3648b4f0ca850e55ead1ad22624537d31f5e3c0a14131be5196c24e8b66ac7c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 689148
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Tue, 16 Apr 2024 14:06:42 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=864000
Keep-Alive: timeout=10, max=499
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Fri, 26 Apr 2024 14:06:42 GMT

GET
H/1.1 200
OK sprite-svg.svg
www.bafin.de/SiteGlobals/Frontend/Images/icons/ 37 KB
39 KB 141ms
58ms Image
image/svg+xml 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/icons/sprite-svg.svg?__blob=normal&v=3

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/SiteGlobals/Frontend/Styles/large.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

cb6689a24b7ed98d6a0b175b9636ee40bb32fcef78918eeb980bac11fb29f11f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/SiteGlobals/Frontend/Styles/large.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=4
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 37905
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Tue, 24 Oct 2023 12:14:47 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=14400
Keep-Alive: timeout=10, max=496
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:06:42 GMT

GET
H/1.1 200
OK welle.svg
www.bafin.de/SiteGlobals/Frontend/Images/icons/ 2 KB
4 KB 100ms
59ms Image
image/svg+xml 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/icons/welle.svg?__blob=normal&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

6ec6dbef2b8dace12fb85748f25db283c4fe55eece13d3b9b8ccf9b2d3022766

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 2556
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Fri, 08 Sep 2023 00:25:03 GMT
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=14400
Keep-Alive: timeout=10, max=494
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:07:07 GMT

GET
H/1.1 200
OK sprite.png
www.bafin.de/SiteGlobals/Frontend/Images/icons/ 35 KB
36 KB 58ms
58ms Image
image/png 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/icons/sprite.png?__blob=normal&v=3

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

8775484c3bb8ce3c7a9c820e2d9d0a73ba167a8cd8dc9608966688c7c519d7ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 35532
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Tue, 24 Oct 2023 12:14:46 GMT
Server: Apache
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/png;charset=UTF-8
Cache-Control: max-age=14400
Keep-Alive: timeout=10, max=497
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:06:42 GMT

GET
H/1.1 200
OK OpenSans-Italic-webfont.woff
www.bafin.de/static/fonts/OpenSans/ 21 KB
22 KB 78ms
58ms Font
application/x-font-woff 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/static/fonts/OpenSans/OpenSans-Italic-webfont.woff

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

be6dcb6e904f44dec593e7c2268e4954654276a9a2697843ac75e4275e91f5f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src *
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; allow 'self'; img-src *
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8
Origin: https://www.bafin.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 14:07:12 GMT
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline'; img-src *
Connection: Keep-Alive
Content-Length: 21808
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 18 Jan 2024 10:22:03 GMT
Server: Apache
ETag: "5530-60f35bc13a28e"
Vary: X-Forwarded-Proto
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=497
X-Content-Security-Policy: default-src 'self' 'unsafe-inline'; allow 'self'; img-src *

GET
H/1.1 200
OK OpenSans-Regular-webfont.woff
www.bafin.de/static/fonts/OpenSans/ 20 KB
21 KB 84ms
57ms Font
application/x-font-woff 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/static/fonts/OpenSans/OpenSans-Regular-webfont.woff

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

724ffca6332d70f4cbb540b05753e0e5d59a9b25a0eefd2e46fbf841ad41889b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src *
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; allow 'self'; img-src *
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8
Origin: https://www.bafin.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 14:07:12 GMT
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline'; img-src *
Connection: Keep-Alive
Content-Length: 20696
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 18 Jan 2024 10:22:03 GMT
Server: Apache
ETag: "50d8-60f35bc13c1ce"
Vary: X-Forwarded-Proto
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=498
X-Content-Security-Policy: default-src 'self' 'unsafe-inline'; allow 'self'; img-src *

GET
H/1.1 200
OK OpenSans-Bold-webfont.woff
www.bafin.de/static/fonts/OpenSans/ 20 KB
21 KB 94ms
58ms Font
application/x-font-woff 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/static/fonts/OpenSans/OpenSans-Bold-webfont.woff

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

f21a07b8173a59a6cdf3f46d46a4bd1b14e4146d4e1c80a543021a6d69b2fe8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; img-src *
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	default-src 'self' 'unsafe-inline'; allow 'self'; img-src *
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8
Origin: https://www.bafin.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 14:07:12 GMT
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline'; img-src *
Connection: Keep-Alive
Content-Length: 20676
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 18 Jan 2024 10:22:03 GMT
Server: Apache
ETag: "50c4-60f35bc13640e"
Vary: X-Forwarded-Proto
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=498
X-Content-Security-Policy: default-src 'self' 'unsafe-inline'; allow 'self'; img-src *

GET
H/1.1 200
OK welle-4.svg
www.bafin.de/SiteGlobals/Frontend/Images/icons/ 12 KB
14 KB 65ms
64ms Image
image/svg+xml 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/icons/welle-4.svg?__blob=normal&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

a8f524aaa716c86fa6e0939862e0549b1a90270133e241fbbeb3f26724390fec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 12212
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Fri, 08 Sep 2023 00:25:03 GMT
Server: Apache
ETag: 7190e31a65c896c53d83a981ac2eff2f
Vary: X-Forwarded-Proto,Accept-Encoding
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=496
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:07:12 GMT

GET
H/1.1 200
OK searchfilter_selected.png
www.bafin.de/SiteGlobals/Frontend/Images/icons/ 246 B
2 KB 62ms
62ms Image
image/png 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/icons/searchfilter_selected.png?__blob=normal&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

739351635de6cfb9a668cd51e818c2efe2b8395abdbafc895f44a1d1859a09e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 246
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Fri, 08 Sep 2023 00:25:03 GMT
Server: Apache
ETag: 802e83886792978190722666d290b16f
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/png;charset=UTF-8
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=492
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:07:12 GMT

GET
H/1.1 200
OK searchfilter_unselected.png
www.bafin.de/SiteGlobals/Frontend/Images/icons/ 115 B
2 KB 63ms
63ms Image
image/png 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/icons/searchfilter_unselected.png?__blob=normal&v=2

Requested by

Host: www.bafin.de
URL: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

76b0f4e357b6ede72b23b0fee42e3d449b24883f92e529cb61645cc99de15ec5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/SiteGlobals/Frontend/Styles/small.css;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?v=8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 115
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Fri, 08 Sep 2023 00:25:03 GMT
Server: Apache
ETag: 6f7c5c2cdafc35864beeb14cccef0872
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/png;charset=UTF-8
Cache-Control: max-age=14400
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=496
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:07:12 GMT

GET
H/1.1 200
OK favicon.ico;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/SiteGlobals/Frontend/Images/ 4 KB
6 KB 55ms
55ms Other
image/x-icon 80.245.145.113
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bafin.de/SiteGlobals/Frontend/Images/favicon.ico;jsessionid=2FDCD125D81B6C5656BAFAC51213F046.internet012?__blob=normal&v=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.145.113 , Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

e4e2260f857a4ee98bf1412639537f178e2ac53d4ea835d81ab7fdc63eec0489

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bafin.de/DE/Startseite/startseite_node.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Content-Security-Policy: sandbox allow-scripts allow-popups allow-same-origin;
Date: Tue, 16 Apr 2024 14:07:12 GMT
Content-Security-Policy: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
X-Permitted-Cross-Domain-Policies: none
Connection: Keep-Alive
Content-Length: 4286
X-XSS-Protection: 1;mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: same-origin
Last-Modified: Fri, 08 Sep 2023 00:24:25 GMT
Server: Apache
Vary: X-Forwarded-Proto
X-Frame-Options: sameorigin
Content-Language: de-DE
Content-Type: image/x-icon;charset=UTF-8
Cache-Control: max-age=14400
Keep-Alive: timeout=10, max=495
X-WebKit-CSP: default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.youtube.com *.ytimg.com *.vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de *.youtube.com *.vimeo.com; frame-src *.google.com *.gstatic.com *.youtube.com *.vimeo.com; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com piwik.itzbund.de; connect-src 'self' *.itzbund.de; frame-ancestors 'self';
Expires: Tue, 16 Apr 2024 18:06:43 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bafin.de/	1969-12-31 23:59:59	Name: AL_BALANCE-S Value: $xc/At8C0ZC5H5jZ9Am4gUXuscCRQPS2uXHgdYfBhKbybyvbjINf
www.bafin.de/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2FDCD125D81B6C5656BAFAC51213F046.internet012
www.bafin.de/	1970-01-20 20:01:48	Name: gsbToggleImageSources Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googleapis.com .google.com .gstatic.com .youtube.com .ytimg.com .vimeo.com doo.net piwik.itzbund.de; object-src 'self' multimedia.gsb.bund.de; media-src 'self' multimedia.gsb.bund.de .youtube.com .vimeo.com; frame-src .google.com .gstatic.com .youtube.com .vimeo.com; img-src 'self' data: .google.com .gstatic.com .youtube.com piwik.itzbund.de; connect-src 'self' .itzbund.de; frame-ancestors 'self';
Strict-Transport-Security	max-age=16070400
X-Content-Security-Policy	sandbox allow-scripts allow-popups allow-same-origin;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.bafin.de
80.245.145.113
04f83004f50bb9eb4858bbc600df3eacdf3f2b28c73f18feea37f60949a948f6
05a48f316c0c73306d850b7a0dd15552df208161089a0429d0a20957c82ad287
077e6158dce9aba621bc07691c40e940f09c65656941f5d13490c52cc933738a
3648b4f0ca850e55ead1ad22624537d31f5e3c0a14131be5196c24e8b66ac7c1
47a09efc6359422b0288c35aa42b0c7cb11f7f7fbca8bd26357f2985b3547cf5
489e1563caf2b153ba71d36834439dddcb71d0fbf91a9ed3035457d6f5ec103b
4e02b5d42e66a5c6bfaec5163ebe1c8a5b102de78f461be986480e1e1dee25f0
6ec6dbef2b8dace12fb85748f25db283c4fe55eece13d3b9b8ccf9b2d3022766
724ffca6332d70f4cbb540b05753e0e5d59a9b25a0eefd2e46fbf841ad41889b
739351635de6cfb9a668cd51e818c2efe2b8395abdbafc895f44a1d1859a09e3
76b0f4e357b6ede72b23b0fee42e3d449b24883f92e529cb61645cc99de15ec5
794dec30466d98b7c267e6b986d1f171938c12edb8b8499e7d5edfa67ac07eaa
82935e5ed0b956ea5928324a73c32b7cb4f7d6abff9dc7c4cbfc87fd98729ae0
873bfaf903f0d9264ddc3ab8a1ed217ffd98d8d621695dfd071b2b2473ab5302
8775484c3bb8ce3c7a9c820e2d9d0a73ba167a8cd8dc9608966688c7c519d7ee
8bd65a5e27f7901e8a9de7cb5a1397e844b547e7129a061aeacb2c4bf4c099dd
95357f4149172de04d44a694c629b638fb1ae5abfebc6d43bf3ec4bc3e314137
a8f524aaa716c86fa6e0939862e0549b1a90270133e241fbbeb3f26724390fec
ab53f95a9afc7b99cbf35353c181fa8783f31546ba7af07a58fd00e6b4cc1e13
be6dcb6e904f44dec593e7c2268e4954654276a9a2697843ac75e4275e91f5f3
bf9a0eb0fea017ec1bb788eafd3814581f150414cb2d96528f654e9e26c5ba33
c98ca5cfcf1a3316353eb4dfc1115c9ed291458f7f4c0afb8f3c92f8e9349cd1
c9ab8949b4774593fdccf93c60d43cf8e7a01121956bda0651e9cb527f3876ba
cb6689a24b7ed98d6a0b175b9636ee40bb32fcef78918eeb980bac11fb29f11f
e4e2260f857a4ee98bf1412639537f178e2ac53d4ea835d81ab7fdc63eec0489
e90fe5abdf4fd774febe6860d013e3a7e58cf3578d9b53cb169e236c361ff96d
f12c34ec954a5fcbe126baaa07e61ccd71679a5b9d9e0518132651f651884977
f21a07b8173a59a6cdf3f46d46a4bd1b14e4146d4e1c80a543021a6d69b2fe8c

www.bafin.de Open in urlscan Pro 80.245.145.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

28 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2046 kBTransfer

1999 kBSize

3 Cookies

6 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

www.bafin.de Open in urlscan Pro
80.245.145.113 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2046 kB
Transfer

1999 kB
Size

3
Cookies

28 HTTP transactions
0 data transactions