urlscan.io logo urlscan.io
SecurityTrails logo

esth.bundesfinanzministerium.de Open in urlscan Pro
66.6.22.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://esth.bundesfinanzministerium.de/
Effective URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Submission: On February 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 46 HTTP transactions. The main IP is 66.6.22.209, located in United States and belongs to RADWARE, IL. The main domain is esth.bundesfinanzministerium.de.
TLS certificate: Issued by Telekom Security ServerID OV Class 2 CA on January 9th 2024. Valid for: a year.
This is the only time esth.bundesfinanzministerium.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 44 66.6.22.209 48851 (RADWARE)
1 185.49.16.91 25516 (INIT-AS)
1 130.211.29.114 396982 (GOOGLE-CL...)
2 35.241.15.240 15169 (GOOGLE)
46 5
Apex Domain
Subdomains		 Transfer
44 bundesfinanzministerium.de
esth.bundesfinanzministerium.de
693 KB
3 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 19355
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9194
9 KB
1 init.de
analytics.init.de — Cisco Umbrella Rank: 415608
83 KB
46 3
Domain Requested by
44 esth.bundesfinanzministerium.de 2 redirects esth.bundesfinanzministerium.de
cdn.perfdrive.com
2 cas.avalon.perfdrive.com cdn.perfdrive.com
1 cdn.perfdrive.com esth.bundesfinanzministerium.de
1 analytics.init.de esth.bundesfinanzministerium.de
46 4
Subject Issuer Validity Valid
bundesfinanzministerium.de
Telekom Security ServerID OV Class 2 CA		 2024-01-09 -
2025-01-13		 a year crt.sh
analytics.init.de
Telekom Security ServerID OV Class 2 CA		 2023-12-19 -
2024-12-23		 a year crt.sh
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-09-21 -
2024-09-26		 a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-07-24 -
2024-08-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Frame ID: DD8ADF200DFC0ECC8F2DDD442AE93008
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BMF - Amtliches Einkommensteuer-Handbuch Schliessen

Page URL History Show full URLs

  1. http://esth.bundesfinanzministerium.de/ HTTP 302
    https://esth.bundesfinanzministerium.de/ HTTP 302
    https://esth.bundesfinanzministerium.de/esth/2022/home.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

46
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

782 kB
Transfer

1979 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://esth.bundesfinanzministerium.de/ HTTP 302
    https://esth.bundesfinanzministerium.de/ HTTP 302
    https://esth.bundesfinanzministerium.de/esth/2022/home.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home.html
esth.bundesfinanzministerium.de/esth/2022/
Redirect Chain
  • http://esth.bundesfinanzministerium.de/
  • https://esth.bundesfinanzministerium.de/
  • https://esth.bundesfinanzministerium.de/esth/2022/home.html
865 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
8c2ba71635183055589f9d1d6aed8c44bb2b561166088b78b6cc8be62b56e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN sameorigin
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
123
cache-control
public
content-encoding
gzip
content-language
de
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
text/html;charset=utf-8
date
Fri, 23 Feb 2024 17:35:47 GMT
referrer-policy
same-origin
vary
Accept-Encoding
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN sameorigin
x-permitted-cross-domain-policies
none
x-ua-compatible
IE=edge
x-xss-protection
1;mode=block

Redirect headers

age
565
cache-control
public
content-language
de
content-length
0
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
text/html;charset=utf-8
date
Fri, 23 Feb 2024 17:28:30 GMT
location
https://esth.bundesfinanzministerium.de/esth/2022/home.html
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN sameorigin
x-permitted-cross-domain-policies
none
x-ua-compatible
IE=edge
x-xss-protection
1;mode=block
mejs.css
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/mejs.css?v=1
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
8f37217966ba2bfc754adceadf30072e30a56d48cae8a981edc4dc20401390ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:34:45 GMT
content-encoding
gzip
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
190
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
referrer-policy
same-origin
last-modified
Fri, 23 Feb 2024 17:34:45 GMT
x-frame-options
SAMEORIGIN, sameorigin
vary
Accept-Encoding
content-type
text/css;charset=utf-8
content-language
de
cache-control
public
vendor.css
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/ 		71 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/vendor.css?v=11
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
3bb55f8f4e27de5c4d62df5dc858f313b1dba6569967a96eb5095a054d113fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:36:00 GMT
content-encoding
gzip
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
115
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
referrer-policy
same-origin
last-modified
Fri, 23 Feb 2024 17:36:00 GMT
x-frame-options
SAMEORIGIN, sameorigin
vary
Accept-Encoding
content-type
text/css;charset=utf-8
content-language
de
cache-control
public
elements.css
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/ 		165 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
e51813dde7799ee6c68325514de0bcd7c0c9576dce28b0ec56f2a57059bf7b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:33:08 GMT
content-encoding
gzip
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
287
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
referrer-policy
same-origin
last-modified
Fri, 23 Feb 2024 17:33:08 GMT
x-frame-options
SAMEORIGIN, sameorigin
vary
Accept-Encoding
content-type
text/css;charset=utf-8
content-language
de
cache-control
public
screen.css
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/ 		226 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/screen.css?v=22
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
3138078dd0a665e7bbe75255b4007aeb9aaa6171d1cf011654a123e8491741bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:36:16 GMT
content-encoding
gzip
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
99
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
referrer-policy
same-origin
last-modified
Fri, 23 Feb 2024 17:36:16 GMT
x-frame-options
SAMEORIGIN, sameorigin
vary
Accept-Encoding
content-type
text/css;charset=utf-8
content-language
de
cache-control
public
cookiebanner.css
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/ 		4 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/cookiebanner.css?v=1
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
c30329cc7105e0607ea36f8792c91fccfeba921ad2dc9a8615c355e28021956a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:33:09 GMT
content-encoding
gzip
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
286
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
referrer-policy
same-origin
last-modified
Fri, 23 Feb 2024 17:33:09 GMT
x-frame-options
SAMEORIGIN, sameorigin
vary
Accept-Encoding
content-type
text/css;charset=utf-8
content-language
de
cache-control
public
jquery360.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/lib/ 		87 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/lib/jquery360.js?v=1
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
7ed2edaf59037b40983abd745a4cfe268414f7c101c1454905cbe28d644c6739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:29:26 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:29:26 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
509
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
require.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		16 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
2fea65ab5a4373ffba84bfffe30ed5a2a1d4aa5fcb478ea51427ee726a175c60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:30:35 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:30:35 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
440
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
bmf-icon-small.svg
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/Bilder/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/Bilder/bmf-icon-small.svg?__blob=normal&v=2
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
ecdbb04885bd64224ee8c878237bfbffb91d5a868935ee54ae10bfcf4933b26d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:37:29 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Thu, 12 Mar 2020 12:20:19 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
26
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
image/svg+xml;charset=UTF-8
content-language
de-DE
vary
Accept-Encoding
cache-control
public
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
piwik.js
analytics.init.de/ 		83 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.init.de/piwik.js
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.49.16.91 , Germany, ASN25516 (INIT-AS, DE),
Reverse DNS
ceinex.init-ag.de
Software
Apache /
Resource Hash
666311f3b3ec142faf73b8788c287680f575eaad970619d2bf4adabdaedd98ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Fri, 23 Feb 2024 17:37:56 GMT
Last-Modified
Wed, 20 Dec 2023 09:29:15 GMT
Server
Apache
ETag
"14ae9-60ced9ddd9c6d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
84713
print.css
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/print/themes/amthb/ 		37 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/print/themes/amthb/print.css?v=7
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
36a75b4caeed6e526204d3163633ebcb913b885ad2111d9e2a2e943cb9637140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:30:37 GMT
content-encoding
gzip
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
438
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
referrer-policy
same-origin
last-modified
Fri, 23 Feb 2024 17:30:37 GMT
x-frame-options
SAMEORIGIN, sameorigin
vary
Accept-Encoding
content-type
text/css;charset=utf-8
content-language
de
cache-control
public
Servicesuche_Submit.svg
esth.bundesfinanzministerium.de/SiteGlobals/Forms/_components/Buttons/ 		350 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Forms/_components/Buttons/Servicesuche_Submit.svg?__blob=image&v=1
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
34cea33baad9731a570b583ce472f58ddcbf1b823e35070199c0deafb0d26576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:29:27 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Wed, 30 Oct 2019 18:00:41 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
509
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
image/svg+xml;charset=UTF-8
content-language
it-IT
vary
Accept-Encoding
cache-control
public
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Facebook.svg
esth.bundesfinanzministerium.de/SiteGlobals/Functions/SocialBookmarks/Icons/ 		372 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/SocialBookmarks/Icons/Facebook.svg?__blob=normal&v=1
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
dfa6c60aac12845a817a554372ec4e1a497a9c3325f145146a0d275ae1de5c3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:33:32 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Wed, 30 Oct 2019 18:00:37 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
263
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
image/svg+xml;charset=UTF-8
content-language
de-DE
vary
Accept-Encoding
cache-control
public
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Twitter.svg
esth.bundesfinanzministerium.de/SiteGlobals/Functions/SocialBookmarks/Icons/ 		605 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/SocialBookmarks/Icons/Twitter.svg?__blob=normal&v=2
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
9b14bfec9caabde1f783267cbad2f669692d506ddb1ce1ba8ae462a2784321ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:34:31 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 25 Aug 2023 13:31:05 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
204
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
image/svg+xml;charset=UTF-8
content-language
de
vary
Accept-Encoding
cache-control
public
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Xing.svg
esth.bundesfinanzministerium.de/SiteGlobals/Functions/SocialBookmarks/Icons/ 		341 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/SocialBookmarks/Icons/Xing.svg?__blob=normal&v=1
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
331b89bed63bf307d257db593f9921232890f81ca4429cf54779ecc70ab393de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:34:40 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Wed, 30 Oct 2019 18:00:37 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
195
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
image/svg+xml;charset=UTF-8
content-language
de
vary
Accept-Encoding
cache-control
public
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
cookie.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/cookie.js?v=1
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
313745dcd42f48a8aa53d8ad5d0395a8cae4c30ee78f3a1b737972d0a4bbecf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
Origin
https://esth.bundesfinanzministerium.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:30:50 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
425
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
CookieBanner.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		4 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/CookieBanner.js?v=1
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
b3a6c9328564f131140182e2112048cbb2b810a8b913a8bf9b5a76278ffdedaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
Origin
https://esth.bundesfinanzministerium.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:31:55 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
360
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
csp-report
esth.bundesfinanzministerium.de/site/servlet/ 		0
788 B 		Other
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/site/servlet/csp-report
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 23 Feb 2024 17:37:56 GMT
cache-control
public
x-varnish-cookie
__uzma=619efa1a-c30a-444f-ad3a-10d67201d52e; __uzmb=1708709875; __uzme=9978; __uzmc=862301354863; __uzmd=1708709876; __uzmf=7f600095a2d1fa-5ec9-4210-9d9f-173f19461834170870987595061-913f38e6f67a4f0313; uzmx=7f9000f2582d2a-d07d-41c2-9312-d655caa479e61-170870987595061-70b215d75b46e1de13
age
0
x-frame-options
SAMEORIGIN
aperture.js
cdn.perfdrive.com/aperture/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 16:43:00 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 25 Oct 2023 04:29:09 GMT
server
nginx/1.24.0
age
3296
etag
W/"65389995-6844"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7938
BundesSerifWeb-Bold.woff2
esth.bundesfinanzministerium.de/static/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/static/fonts/BundesSerifWeb-Bold.woff2
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
3caf6e81f0b56b7b25b74465362084a6b881383dacae59cb785cc249bfa82612
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Origin
https://esth.bundesfinanzministerium.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:27:53 GMT
last-modified
Thu, 05 Nov 2020 15:42:30 GMT
age
603
etag
"6ea0-5b35df19a3c5d"
x-frame-options
SAMEORIGIN
cache-control
public
accept-ranges
bytes
content-length
28320
BundesSansWeb-Regular.woff2
esth.bundesfinanzministerium.de/static/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/static/fonts/BundesSansWeb-Regular.woff2
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
21eaf1f840cc228b6f01f2e257fba6156359ddc3ce403e6e85847e192adfdfe7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Origin
https://esth.bundesfinanzministerium.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:30:37 GMT
last-modified
Thu, 05 Nov 2020 15:42:56 GMT
age
438
etag
"5df4-5b35df327b387"
x-frame-options
SAMEORIGIN
cache-control
public
accept-ranges
bytes
content-length
24052
BundesSansWeb-Bold.woff2
esth.bundesfinanzministerium.de/static/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/static/fonts/BundesSansWeb-Bold.woff2
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
fb5168e4975b1e38fb522be4bc51a93d2f5da168f0daed0aa31a45db0a6cb170
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Origin
https://esth.bundesfinanzministerium.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:34:04 GMT
last-modified
Thu, 05 Nov 2020 15:42:30 GMT
age
232
etag
"5fa0-5b35df19a24ed"
x-frame-options
SAMEORIGIN
cache-control
public
accept-ranges
bytes
content-length
24480
BundesSansWeb-Italic.woff2
esth.bundesfinanzministerium.de/static/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/static/fonts/BundesSansWeb-Italic.woff2
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
dd3c084f502b3b6fc7db9a60a6ea47e3457826894748239074c373e638f8c2b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Origin
https://esth.bundesfinanzministerium.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:28:28 GMT
last-modified
Thu, 05 Nov 2020 15:42:56 GMT
age
568
etag
"6050-5b35df327af9f"
x-frame-options
SAMEORIGIN
cache-control
public
accept-ranges
bytes
content-length
24656
Init.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		10 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Init.js?v=8
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
c897e071322cb6959a4840ddf078a864d2d41947c1206a02ca77b654d716c845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:31:56 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:31:56 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
360
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
icon_01_cover.svg.svg
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/Bilder/Farbschema/amthb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/Bilder/Farbschema/amthb/icon_01_cover.svg.svg?__blob=normal&v=5
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
9d87dc5abbffd0dcfac3287e92f2b1911d4bb94091d563e10499d3ce45f23153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:34:39 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Wed, 05 Feb 2020 14:37:52 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
196
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
image/svg+xml;charset=UTF-8
content-language
de
vary
Accept-Encoding
cache-control
public
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
truncated
/ 		962 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfff0ecffdcfd2754a79208e34ca05b977a8f256d74917041f751dda7c4a6beb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2034ac4c430f3634c532a6954b8934bb54dcae759bc93606a4254299244deb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5832fa8f60e1ac86e082d9212d3b089f818e0ff4d7d5eaf9609ad2b369f02ea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d3e0987c6644937cc491d03b404fe7ca2cca77b1c82acdaaf0b7d8dc61778b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bfe1f186afdcb23e99fd7538cbddf54418023524839d4d715f37b2455b9f7b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09623fab84a9189500687ba141613749f9255850ab57e5acd7f225dd83b8b57a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c47403c7f75b1afcc4a4495adb2b5a23e887dff2695f62b73f6c01a996a7b79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/svg+xml
Icon_Footer_Nach_oben.svg.svg
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/Bilder/Farbschema/amthb/ 		313 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/Bilder/Farbschema/amthb/Icon_Footer_Nach_oben.svg.svg?__blob=normal&v=5
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
2aa6cefc13b9ac5d1855eacd597e06ef75e11807a1cace4a6a8c216560a897b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/elements.css?v=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:37:29 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Wed, 05 Feb 2020 14:37:52 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
26
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
image/svg+xml;charset=UTF-8
content-language
it-IT
vary
Accept-Encoding
cache-control
public
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Addon_Tracker.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Addon_Tracker.js?v=5
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
bde722add6f9165e531f39e70a9ce4e36642afd798a19cfb53e498b44122c0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:29:15 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:29:15 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
521
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
jquery.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/lib/ 		86 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/lib/jquery.js
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
bc5d5f9579edcc931080d6fc3b4790c03dbd2ff3807edc115134d1ef9243c6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:31:45 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:31:45 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
371
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
csp-report
esth.bundesfinanzministerium.de/site/servlet/ 		0
817 B 		Other
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/site/servlet/csp-report
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 23 Feb 2024 17:37:56 GMT
cache-control
public
x-varnish-cookie
__uzma=619efa1a-c30a-444f-ad3a-10d67201d52e; __uzmb=1708709875; __uzme=9978; __uzmd=1708709876; __uzmc=677411638757; __uzmf=7f600095a2d1fa-5ec9-4210-9d9f-173f194618341708709875950374-34a429f73d66b7d016; uzmx=7f9000f2582d2a-d07d-41c2-9312-d655caa479e61-1708709875950374-d80f73a21d1bc5cf16; cookie-allow-necessary=1; __ssds=2
age
0
x-frame-options
SAMEORIGIN
jsdata
cas.avalon.perfdrive.com/ 		418 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
9a30eb5f71769f3f5eb87821b889fc4ae73e3103a3426a44d57a7766088fe7b5

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Fri, 23 Feb 2024 17:37:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
418
content-type
text/plain; charset=UTF-8
csp-report
esth.bundesfinanzministerium.de/site/servlet/ 		0
816 B 		Other
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/site/servlet/csp-report
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 23 Feb 2024 17:37:56 GMT
cache-control
public
x-varnish-cookie
__uzma=619efa1a-c30a-444f-ad3a-10d67201d52e; __uzmb=1708709875; __uzme=9978; __uzmd=1708709876; __uzmc=677411638757; __uzmf=7f600095a2d1fa-5ec9-4210-9d9f-173f194618341708709875950374-34a429f73d66b7d016; uzmx=7f9000f2582d2a-d07d-41c2-9312-d655caa479e61-1708709875950374-d80f73a21d1bc5cf16; cookie-allow-necessary=1; __ssds=2
age
0
x-frame-options
SAMEORIGIN
jsdata
cas.avalon.perfdrive.com/ 		211 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
98f630950b76af372940278973c91f8361820c8d768530b9157e1cc117b267ef

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Fri, 23 Feb 2024 17:37:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
jquery-migrate.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/lib/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/lib/jquery-migrate.js
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
5724091ea8308b7898759cd7d705f291915a9663e5f0808ef486f7b8c2a918b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:29:17 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:29:17 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
518
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Addon_ConsentBanner.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		359 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Addon_ConsentBanner.js
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
801b0963e25225d26450b19385f70d60fb379579e1078240a8b545384945c488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:36:02 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:36:02 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
114
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Addon_Printlink.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Addon_Printlink.js?v=5
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
36f031f9e51b139a585c5a8e07bc928fbe1e66bf521621f88c7dd071f3737301
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:33:11 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:33:11 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
285
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Addon_Autosuggest.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		815 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Addon_Autosuggest.js?v=4
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
43dfa7b6b174640079930aa3fd1a73762cac7860f85c5ece989648ea39b7b224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:34:51 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:34:51 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
184
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Addon_Glossar_Modal.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		432 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Addon_Glossar_Modal.js
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
fad9f9e4997b307c3eb8a339297b6d8f77f0a702986b80428a88230296e98651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:33:11 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:33:11 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
285
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Addon_HeaderTop.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Addon_HeaderTop.js
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
980959b5deaf2d21fb2540251b11d1f75b8219eb2b2e1c6b08df3046f5b111e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:31:56 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:31:56 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
360
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Addon_Overlay.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		809 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Addon_Overlay.js?v=1
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
5b53b5345510cf0e68eee81f0deb0e792f061d3737f5f2086082537349adfe02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:28:28 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:28:28 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
567
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Addon_ScrollToFocus.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		986 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Addon_ScrollToFocus.js
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
ecfe98987d7f47634163c68a8cae0410705849a90e0f09e10db945cb5abb73ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:29:18 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
518
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Addon_FunctionsBar.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Addon_FunctionsBar.js?v=5
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
3780fc8194ab97cab5c7946b7bf53fca809608056e23c84050423b8723a4748c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:30:40 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:30:40 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
436
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Addon_MainNavigation.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/Addon_MainNavigation.js?v=4
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
60c87231695ec5c955ce8fe7fcec7fc78d605eeab01cc046318685d20f5946ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:37:53 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:37:53 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
2
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
bootstrap-bundle.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/lib/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/lib/bootstrap-bundle.js
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
ddb176e2a0e9d0dd4331d632e659ee391e40e255ca24815ce7580ea0a49acaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:35:26 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:35:26 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
149
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
jquery-ui.js
esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/lib/ 		47 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/lib/jquery-ui.js
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/Functions/JavaScript/require.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
b34c5c2e5dee747bebfdfee25f39e1c28740f7e326152266c5165317de8b5666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/esth/2022/home.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:27:53 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Fri, 23 Feb 2024 17:27:53 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
602
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
application/x-javascript;charset=utf-8
content-language
de
cache-control
public
vary
Accept-Encoding
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
Icon_SocialMedia_Share_white.svg.svg
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/Bilder/Farbschema/amthb/ 		592 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/Bilder/Farbschema/amthb/Icon_SocialMedia_Share_white.svg.svg?__blob=normal&v=5
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/screen.css?v=22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
fb7ed5bfdc9d288056c9113a3228634b20765f9fa01bb9e79330fdbaa6c5be4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/screen.css?v=22
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:35:28 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Wed, 05 Feb 2020 14:37:52 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
148
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
image/svg+xml;charset=UTF-8
content-language
de
vary
Accept-Encoding
cache-control
public
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge
icon_drucker_white.svg.svg
esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/Bilder/Farbschema/amthb/ 		743 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/Bilder/Farbschema/amthb/icon_drucker_white.svg.svg?__blob=normal&v=5
Requested by
Host: esth.bundesfinanzministerium.de
URL: https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/screen.css?v=22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.6.22.209 , United States, ASN48851 (RADWARE, IL),
Reverse DNS
Software
/
Resource Hash
e67f90ac70e90e8d74d19c1a1873ad01c09e48d04e3c418ac38772f4d9065e69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esth.bundesfinanzministerium.de/SiteGlobals/StyleBundles/CSS/screen/themes/amthb/screen.css?v=22
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 17:35:28 GMT
referrer-policy
same-origin
x-content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.init-ag.de *.amthb.dev.init; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.amthb.dev.init *.init-ag.de *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
last-modified
Wed, 05 Feb 2020 14:37:52 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
148
x-frame-options
SAMEORIGIN, sameorigin
content-security-policy-report-only
default-src 'self'; base-uri 'self'; style-src 'self' 'unsafe-inline' *.openlayers.org openlayers.org *.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de; object-src 'self'; media-src 'self' *.youtube.com *.bundesfinanzministerium.de *.amthb.dev.init *.init-ag.de; child-src *.google.com *.gstatic.com *.youtube.com *.init.de *.amthb.dev.init *.init-ag.de; img-src 'self' data: *.google.com *.gstatic.com *.youtube.com *.openlayers.org openlayers.org *.openstreetmap.org *.init.de *.init-ag.de *.amthb.dev.init *.bundesfinanzministerium.de; frame-ancestors 'self'; report-uri /site/servlet/csp-report;
content-type
image/svg+xml;charset=UTF-8
content-language
de
vary
Accept-Encoding
cache-control
public
x-xss-protection
1;mode=block
x-ua-compatible
IE=edge

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _paq object| Bmf function| $ function| jQuery function| requirejs function| require function| define string| __uzdbm_1 string| __uzdbm_2 string| __uzdbm_3 string| __uzdbm_4 string| __uzdbm_5 string| __uzdbm_6 string| __uzdbm_7 object| SSJSConnectorObj object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| ssTimeLogs object| BrowserStyle string| j function| ssJSActionTaker function| ssJSConnWriteCookies

14 Cookies

Domain/Path Name / Value
esth.bundesfinanzministerium.de/ Name: __uzma
Value: 619efa1a-c30a-444f-ad3a-10d67201d52e
esth.bundesfinanzministerium.de/ Name: __uzmb
Value: 1708709875
esth.bundesfinanzministerium.de/ Name: __uzme
Value: 9978
esth.bundesfinanzministerium.de/ Name: __uzmd
Value: 1708709876
esth.bundesfinanzministerium.de/ Name: cookie-allow-necessary
Value: 1
.bundesfinanzministerium.de/ Name: __ssds
Value: 2
.bundesfinanzministerium.de/ Name: __ssuzjsr2
Value: a9be0cd8e
.bundesfinanzministerium.de/ Name: __uzmaj2
Value: d27afa2f-f36d-4bcb-8f2c-c8e36c3c9882
.bundesfinanzministerium.de/ Name: __uzmbj2
Value: 1708709876
.bundesfinanzministerium.de/ Name: __uzmcj2
Value: 650361032368
.bundesfinanzministerium.de/ Name: __uzmdj2
Value: 1708709876
esth.bundesfinanzministerium.de/ Name: __uzmc
Value: 955281991653
esth.bundesfinanzministerium.de/ Name: __uzmf
Value: 7f600095a2d1fa-5ec9-4210-9d9f-173f194618341708709875950598-200064870ae3851d19
.bundesfinanzministerium.de/ Name: uzmx
Value: 7f9000f2582d2a-d07d-41c2-9312-d655caa479e61-1708709875950598-f8833eee41be9ebd19

3 Console Messages

Source Level URL
Text
security error URL: https://esth.bundesfinanzministerium.de/esth/2022/home.html(Line 225)
Message:
[Report Only] Refused to load the script 'https://cdn.perfdrive.com/aperture/aperture.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.google.com *.gstatic.com *.openlayers.org openlayers.org *.init.de *.amthb.dev.init *.init-ag.de *.openstreetmap.org *.bundesfinanzministerium.de". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://cdn.perfdrive.com/aperture/aperture.js(Line 33)
Message:
[Report Only] Refused to connect to 'https://cas.avalon.perfdrive.com/jsdata?' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://cdn.perfdrive.com/aperture/aperture.js(Line 50)
Message:
[Report Only] Refused to connect to 'https://cas.avalon.perfdrive.com/jsdata?' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN sameorigin
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.init.de
cas.avalon.perfdrive.com
cdn.perfdrive.com
esth.bundesfinanzministerium.de
130.211.29.114
185.49.16.91
35.241.15.240
66.6.22.209
09623fab84a9189500687ba141613749f9255850ab57e5acd7f225dd83b8b57a
21eaf1f840cc228b6f01f2e257fba6156359ddc3ce403e6e85847e192adfdfe7
2aa6cefc13b9ac5d1855eacd597e06ef75e11807a1cace4a6a8c216560a897b7
2d3e0987c6644937cc491d03b404fe7ca2cca77b1c82acdaaf0b7d8dc61778b9
2fea65ab5a4373ffba84bfffe30ed5a2a1d4aa5fcb478ea51427ee726a175c60
313745dcd42f48a8aa53d8ad5d0395a8cae4c30ee78f3a1b737972d0a4bbecf6
3138078dd0a665e7bbe75255b4007aeb9aaa6171d1cf011654a123e8491741bd
331b89bed63bf307d257db593f9921232890f81ca4429cf54779ecc70ab393de
34cea33baad9731a570b583ce472f58ddcbf1b823e35070199c0deafb0d26576
36a75b4caeed6e526204d3163633ebcb913b885ad2111d9e2a2e943cb9637140
36f031f9e51b139a585c5a8e07bc928fbe1e66bf521621f88c7dd071f3737301
3780fc8194ab97cab5c7946b7bf53fca809608056e23c84050423b8723a4748c
3bb55f8f4e27de5c4d62df5dc858f313b1dba6569967a96eb5095a054d113fa1
3caf6e81f0b56b7b25b74465362084a6b881383dacae59cb785cc249bfa82612
43dfa7b6b174640079930aa3fd1a73762cac7860f85c5ece989648ea39b7b224
5724091ea8308b7898759cd7d705f291915a9663e5f0808ef486f7b8c2a918b1
5832fa8f60e1ac86e082d9212d3b089f818e0ff4d7d5eaf9609ad2b369f02ea8
5b53b5345510cf0e68eee81f0deb0e792f061d3737f5f2086082537349adfe02
5bfe1f186afdcb23e99fd7538cbddf54418023524839d4d715f37b2455b9f7b7
60c87231695ec5c955ce8fe7fcec7fc78d605eeab01cc046318685d20f5946ed
666311f3b3ec142faf73b8788c287680f575eaad970619d2bf4adabdaedd98ed
7ed2edaf59037b40983abd745a4cfe268414f7c101c1454905cbe28d644c6739
801b0963e25225d26450b19385f70d60fb379579e1078240a8b545384945c488
8c2ba71635183055589f9d1d6aed8c44bb2b561166088b78b6cc8be62b56e44b
8f37217966ba2bfc754adceadf30072e30a56d48cae8a981edc4dc20401390ae
980959b5deaf2d21fb2540251b11d1f75b8219eb2b2e1c6b08df3046f5b111e3
98f630950b76af372940278973c91f8361820c8d768530b9157e1cc117b267ef
9a30eb5f71769f3f5eb87821b889fc4ae73e3103a3426a44d57a7766088fe7b5
9b14bfec9caabde1f783267cbad2f669692d506ddb1ce1ba8ae462a2784321ad
9c47403c7f75b1afcc4a4495adb2b5a23e887dff2695f62b73f6c01a996a7b79
9d87dc5abbffd0dcfac3287e92f2b1911d4bb94091d563e10499d3ce45f23153
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506
a2034ac4c430f3634c532a6954b8934bb54dcae759bc93606a4254299244deb5
b34c5c2e5dee747bebfdfee25f39e1c28740f7e326152266c5165317de8b5666
b3a6c9328564f131140182e2112048cbb2b810a8b913a8bf9b5a76278ffdedaa
bc5d5f9579edcc931080d6fc3b4790c03dbd2ff3807edc115134d1ef9243c6d1
bde722add6f9165e531f39e70a9ce4e36642afd798a19cfb53e498b44122c0c9
c30329cc7105e0607ea36f8792c91fccfeba921ad2dc9a8615c355e28021956a
c897e071322cb6959a4840ddf078a864d2d41947c1206a02ca77b654d716c845
dd3c084f502b3b6fc7db9a60a6ea47e3457826894748239074c373e638f8c2b9
ddb176e2a0e9d0dd4331d632e659ee391e40e255ca24815ce7580ea0a49acaa3
dfa6c60aac12845a817a554372ec4e1a497a9c3325f145146a0d275ae1de5c3a
dfff0ecffdcfd2754a79208e34ca05b977a8f256d74917041f751dda7c4a6beb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51813dde7799ee6c68325514de0bcd7c0c9576dce28b0ec56f2a57059bf7b95
e67f90ac70e90e8d74d19c1a1873ad01c09e48d04e3c418ac38772f4d9065e69
ecdbb04885bd64224ee8c878237bfbffb91d5a868935ee54ae10bfcf4933b26d
ecfe98987d7f47634163c68a8cae0410705849a90e0f09e10db945cb5abb73ea
fad9f9e4997b307c3eb8a339297b6d8f77f0a702986b80428a88230296e98651
fb5168e4975b1e38fb522be4bc51a93d2f5da168f0daed0aa31a45db0a6cb170
fb7ed5bfdc9d288056c9113a3228634b20765f9fa01bb9e79330fdbaa6c5be4d