account.bitvavo.com Open in urlscan Pro
2600:9000:21f3:1600:b:805e:8000:93a1  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/	3 KB 3 KB	233ms 84ms	Document text/html	2600:9000:21f3:1600:b:805e:8000:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1600:b:805e:8000:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3d32253a99f165587af146f47cd217eef02abb0c5ce0627137cd40a48b8c660f Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' blob: https://ekr.zdassets.com/ https://bitvavo.zendesk.com/ wss://*.zopim.com wss://bitvavo.zendesk.com https://*.zopim.com *.onfido.com wss://*.onfido.com https://www.tradingview.com/snapshot/ https://telephony.onfido.com/v1/ wss://sync.onfido.com/v2/socket.io/ https://api.onfido.com/ https://sentry.io/api/ wss://account.bitvavo.com https://api.bitvavo.com/v2/ https://www.google-analytics.com https://stats.g.doubleclick.net; font-src 'self' https://fonts.gstatic.com/s/ https://fonts.gstatic.com/stats/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ data:; base-uri 'none'; media-src 'self' https://static.zdassets.com blob:; object-src 'self' blob:; img-src 'self' https://bitvavo.zendesk.com/ https://*.zdusercontent.com https://v2assets.zopim.io/ https://static.zdassets.com https://lipis.github.io/flag-icon-css/flags/ https://www.google-analytics.com/ https://stats.g.doubleclick.net data: blob:; frame-src 'self' https://widget.trustpilot.com/ https://www.google.com/ data: blob:; script-src 'self' https://static.zdassets.com/ https://widget.trustpilot.com/ https://www.woopra.com/track/ https://www.google.com/recaptcha/ https://www.gstatic.com/ https://www.google-analytics.com/analytics.js https://www.google-analytics.com/plugins/ua/ecommerce.js https://stats.g.doubleclick.net; upgrade-insecure-requests; block-all-mixed-content; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html date Wed, 10 Nov 2021 03:21:09 GMT last-modified Fri, 17 Sep 2021 10:02:37 GMT etag W/"2e95d25e29a937bd4d5203d1566dbbb1" server nginx strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin cache-control max-age=0, no-cache, no-store, must-revalidate content-security-policy default-src 'self'; connect-src 'self' blob: https://ekr.zdassets.com/ https://bitvavo.zendesk.com/ wss://*.zopim.com wss://bitvavo.zendesk.com https://*.zopim.com *.onfido.com wss://*.onfido.com https://www.tradingview.com/snapshot/ https://telephony.onfido.com/v1/ wss://sync.onfido.com/v2/socket.io/ https://api.onfido.com/ https://sentry.io/api/ wss://account.bitvavo.com https://api.bitvavo.com/v2/ https://www.google-analytics.com https://stats.g.doubleclick.net; font-src 'self' https://fonts.gstatic.com/s/ https://fonts.gstatic.com/stats/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ data:; base-uri 'none'; media-src 'self' https://static.zdassets.com blob:; object-src 'self' blob:; img-src 'self' https://bitvavo.zendesk.com/ https://*.zdusercontent.com https://v2assets.zopim.io/ https://static.zdassets.com https://lipis.github.io/flag-icon-css/flags/ https://www.google-analytics.com/ https://stats.g.doubleclick.net data: blob:; frame-src 'self' https://widget.trustpilot.com/ https://www.google.com/ data: blob:; script-src 'self' https://static.zdassets.com/ https://widget.trustpilot.com/ https://www.woopra.com/track/ https://www.google.com/recaptcha/ https://www.gstatic.com/ https://www.google-analytics.com/analytics.js https://www.google-analytics.com/plugins/ua/ecommerce.js https://stats.g.doubleclick.net; upgrade-insecure-requests; block-all-mixed-content; x-frame-options SAMEORIGIN content-encoding gzip via 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront), 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 FRA2-C2 vary Accept-Encoding x-cache Miss from cloudfront x-amz-cf-id EAdRHMldIagYPTTBZsuCw9KvrFe684CEu6yVW-fnlyzfjAYnrgC4sg==
GET H2	200	icon fonts.googleapis.com/	569 B 830 B	40ms 16ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: account.bitvavo.com URL: https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 908d52256ccbc2c28bef26bd8521f974122f169aeaadf42cc48193735ca9b6cc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 10 Nov 2021 03:21:09 GMT server ESF date Wed, 10 Nov 2021 03:21:09 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 10 Nov 2021 03:21:09 GMT
GET H2	200	css fonts.googleapis.com/	7 KB 825 B	41ms 17ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito:400,500,600|Roboto:400,500 Requested by Host: account.bitvavo.com URL: https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f53e25eaf1f5597e6dbc774447eb19b85fe79576e7c691affdef599cccf19155 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 10 Nov 2021 02:43:11 GMT server ESF date Wed, 10 Nov 2021 03:21:09 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 10 Nov 2021 03:21:09 GMT
GET H2	200	tp.widget.bootstrap.min.js Show response widget.trustpilot.com/bootstrap/v5/	22 KB 8 KB	30ms 8ms	Script application/x-javascript	13.224.186.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js Requested by Host: account.bitvavo.com URL: https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.186.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-186-126.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash a9ddd05afc7b255840510e1d40fda6304d6dc5695fa2ef4c40424d1507d2cfe3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff age 3421 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront date Wed, 10 Nov 2021 02:24:09 GMT content-length 7358 x-xss-protection 1; mode=block last-modified Mon, 01 Nov 2021 12:14:12 GMT server AmazonS3 etag "158ca99a1f63568e56a39abb980c9aa7" content-type application/x-javascript via 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront) cache-control max-age=86400 x-amz-cf-pop FRA2-C1 accept-ranges bytes x-amz-cf-id FhHCnyn6sKQ1FT_r_ApnrpPX-dI7invKq-5Xf7j5e-e37F7XqRyhNQ==
GET H2	200	app.40ad3bde.css account.bitvavo.com/css/	95 KB 24 KB	11ms 10ms	Stylesheet text/css	2600:9000:21f3:1600:b:805e:8000:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://account.bitvavo.com/css/app.40ad3bde.css Requested by Host: account.bitvavo.com URL: https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1600:b:805e:8000:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 59ff092de35caa2324ede30bd7afffabd04fb70a11c9b33149001b2927454b59 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 1774938 x-cache Hit from cloudfront date Wed, 20 Oct 2021 14:18:52 GMT x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Fri, 17 Sep 2021 10:01:57 GMT server nginx etag W/"7c610b8b7bdcf2facb0aae7ad332a698" vary Accept-Encoding content-type text/css via 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront), 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront) cache-control max-age=2592000, public x-amz-cf-pop FRA60-P2, FRA2-C2 x-amz-cf-id T60ons17yA7Ud25RQA2SHW2FQL45J4oRvB9XGdn_vA7waSXshnNVbg==
GET H2	200	app.d74f153e.js Show response account.bitvavo.com/js/	1 MB 306 KB	9ms 8ms	Script application/javascript	2600:9000:21f3:1600:b:805e:8000:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://account.bitvavo.com/js/app.d74f153e.js Requested by Host: account.bitvavo.com URL: https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1600:b:805e:8000:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 466d9d068f0c4a6a421dc94b8c722950bde95e1ce6f42cfcf6f4dcf7c1d6e2b5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 1910839 x-cache Hit from cloudfront date Tue, 19 Oct 2021 00:33:51 GMT x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Fri, 17 Sep 2021 10:02:00 GMT server nginx etag W/"1b28f819573d7600c3e947cff8fbcd97" vary Accept-Encoding content-type application/javascript via 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront), 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront) cache-control max-age=2592000, public x-amz-cf-pop FRA6-C1, FRA2-C2 x-amz-cf-id TtEx-LhXsQE6bjAVmrtP-HxWT00o774dxrblTUwkFANyvm0z77L7EQ==
GET H2	200	chunk-vendors.e094a3fb.js Show response account.bitvavo.com/js/	3 MB 818 KB	9ms 8ms	Script application/javascript	2600:9000:21f3:1600:b:805e:8000:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://account.bitvavo.com/js/chunk-vendors.e094a3fb.js Requested by Host: account.bitvavo.com URL: https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1600:b:805e:8000:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 4b774bda8379bb662b141ac1e875b463899ba61af4a1cf3c7e34588b302b8884 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 2150459 x-cache Hit from cloudfront date Sat, 16 Oct 2021 06:00:11 GMT x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Fri, 17 Sep 2021 10:02:02 GMT server nginx etag W/"8164ad366430b3ad23caedb3ae54b4a4" vary Accept-Encoding content-type application/javascript via 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront), 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront) cache-control max-age=2592000, public x-amz-cf-pop FRA60-P2, FRA2-C2 x-amz-cf-id cjomKCSgN5g9QUznhMKJV5aqRBmA3Vw_Xr2wCzgT72T_OwsVaEk_TA==
GET H2	200	api.js Show response www.google.com/recaptcha/	916 B 997 B	39ms 17ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit Requested by Host: account.bitvavo.com URL: https://account.bitvavo.com/device/5be9f7b6411b56aaa6dd73877095c04172a662d8/5214af732b4fd59bd69b91d9d38abff503f49eac/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 81ce459cce3d52301eeb94c61d426cdd066ef1160a2e550fd51251ccd34e15e8 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:09 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 584 x-xss-protection 1; mode=block expires Wed, 10 Nov 2021 03:21:09 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/	346 KB 136 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 519f71e8a6cac156c0290fb5b79372191890e23d46a94cbe3a744e6470f074c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://account.bitvavo.com/ Origin https://account.bitvavo.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 09 Nov 2021 22:46:53 GMT content-encoding gzip x-content-type-options nosniff age 16456 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 138756 x-xss-protection 0 last-modified Mon, 01 Nov 2021 18:13:57 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 09 Nov 2022 22:46:53 GMT
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	20 KB 6 KB	60ms 19ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=0c90f94c-c256-4f21-bc75-e5ad4dd772dd Requested by Host: account.bitvavo.com URL: https://account.bitvavo.com/js/chunk-vendors.e094a3fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:09 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 19 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-request-id AFCXKWHC4RT8RG6K x-amz-id-2 QUekuotNtOfR5sZOlkWBfQJl7bdEhLF5xXLVOFkz7QuvqkMxdXyti6ZuUs3GCJShsmM16uV2obc= last-modified Wed, 09 Jun 2021 00:08:59 GMT server cloudflare etag W/"cc904f41324148b571599b3b02fdec0b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIRgYlbFMcWDp%2BIC7qbkBTy9ljUhNiw%2Be8ylbjiRHujFTSoTwam%2F04H2MYwP1hTt7%2FXnO%2FOguEqZJLJeBDnT7%2BNaMXgZXAb2bxWihipU2o%2F8MmD4l5RGx%2FwYyU24cVM%2FWNpYTew%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=3600, s-maxage=60 x-amz-version-id VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT cf-ray 6abc262928c201eb-ZRH
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	40ms 6ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: account.bitvavo.com URL: https://account.bitvavo.com/js/chunk-vendors.e094a3fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 4803 date Wed, 10 Nov 2021 02:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 10 Nov 2021 04:01:06 GMT
GET DATA	200 OK	truncated /	286 B 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	logo.73bf3f52.svg account.bitvavo.com/img/	2 KB 1 KB	8ms 8ms	Image image/svg+xml	2600:9000:21f3:1600:b:805e:8000:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://account.bitvavo.com/img/logo.73bf3f52.svg Requested by Host: account.bitvavo.com URL: https://account.bitvavo.com/css/app.40ad3bde.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1600:b:805e:8000:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 0c6799a49865c1ca92a15dd6289f29e15c117038270cc0c801ac9960a9902e62 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/css/app.40ad3bde.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 1709619 x-cache Hit from cloudfront date Thu, 21 Oct 2021 08:27:31 GMT x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Fri, 17 Sep 2021 10:01:58 GMT server nginx etag W/"73bf3f527aeda854ef53bf0c6d3e9d7b" vary Accept-Encoding content-type image/svg+xml via 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront), 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront) cache-control max-age=2592000, public x-amz-cf-pop FRA60-P2, FRA2-C2 x-amz-cf-id SFGfHUWoJ_yBTm2TMLMvnJbjcL5EAtyCp_tpsF8BGBjMqBigpQVt6Q==
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	56ms 14ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito:400,500,600|Roboto:400,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://account.bitvavo.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:11:56 GMT x-content-type-options nosniff age 108553 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 08 Nov 2022 21:11:56 GMT
GET H2	200	XRXW3I6Li01BKofA6sKUYevI.woff2 fonts.gstatic.com/s/nunito/v16/	19 KB 19 KB	50ms 10ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito:400,500,600|Roboto:400,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://account.bitvavo.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 22:35:14 GMT x-content-type-options nosniff age 449155 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19248 x-xss-protection 0 last-modified Wed, 25 Nov 2020 02:44:29 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 04 Nov 2022 22:35:14 GMT
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v114/	114 KB 114 KB	57ms 17ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v114/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/icon?family=Material+Icons Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b819e02fcd718274f1b6ad5e11e5b6330f25f5388b8ceb6213463725e81644af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://account.bitvavo.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 09 Nov 2021 00:16:05 GMT x-content-type-options nosniff age 97504 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 116484 x-xss-protection 0 last-modified Tue, 02 Nov 2021 00:08:13 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 09 Nov 2022 00:16:05 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	16 KB 16 KB	46ms 6ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito:400,500,600|Roboto:400,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://account.bitvavo.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 05 Nov 2021 02:46:35 GMT x-content-type-options nosniff age 434074 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 05 Nov 2022 02:46:35 GMT
GET H2	200	0c90f94c-c256-4f21-bc75-e5ad4dd772dd Show response ekr.zdassets.com/compose/	428 B 1003 B	772ms 740ms	XHR application/json	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/0c90f94c-c256-4f21-bc75-e5ad4dd772dd Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=0c90f94c-c256-4f21-bc75-e5ad4dd772dd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be94e21dd8854a7dd1797350fb6d465af404f18559ac173192452311192b9283 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT content-encoding br vary Origin, Accept-Encoding cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} status 200 OK access-control-allow-methods GET, POST, OPTIONS strict-transport-security max-age=0 x-request-id 9f774a48-e88f-4418-bcd4-e32ec5250f7f x-runtime 0.002299 server cloudflare etag W/"be94e21dd8854a7dd1797350fb6d465a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 7200 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v%2BxPxvdEjrTh4HsqTAEC9fkNjal4OS3e9x%2FIOGUnkNDFrzAb5mK6zpH25nDmkpIKgwLsIbpLKLjwpjIN%2Bk%2FqiET0iokwpsZq%2BvnjlIID%2BrvIxLx68T9wjwOLSAyLjZ284Y%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600 cf-ray 6abc2629b9d901fc-ZRH
GET H2	200	ecommerce.js Show response www.google-analytics.com/plugins/ua/	1 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ecommerce.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.bitvavo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:01:20 GMT content-encoding gzip x-content-type-options nosniff age 1189 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 738 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 10 Nov 2021 04:01:20 GMT
GET H2	200	web-widget-framework-3a2a8604b6c6deb9b732.js Show response static.zdassets.com/web_widget/latest/ Frame 526B	288 KB 95 KB	32ms 32ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=0c90f94c-c256-4f21-bc75-e5ad4dd772dd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f30a90487ac5a1f8c4105760122f768da0e1da53df698c1130a8365beb1a7a5 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 522375 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-request-id SRP2H1HW088E25YZ x-amz-id-2 ASSO+iAovf+dS6OyhArfjmAM47ywT3OpZS0X1AC/xBKVhoaW3D6rfE8CUSkI6tw8qTg3tV8Xh2Y= last-modified Wed, 03 Nov 2021 22:16:22 GMT server cloudflare etag W/"2a16a8e19f7dbccb39fb77d83d2a14e7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kcw49fuHeHXpeIPCpzMewK2lnJn3%2F9F4nLsf4TTHavEZHqTUoJBpBFi6eelMZjSylWzVlQFlwVHkKC7Kola6UTAgVMFAMa9IE3z5gaL1iNd0pUCCK8H9OxOvzi6jFdWHWBJcauc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-version-id ydGGxK7TAx23NDRPG7kj.JqrKtiUwWrq cf-ray 6abc262e7d4901eb-ZRH expires Thu, 03 Nov 2022 22:16:21 GMT
GET H2	200	web-widget-chat-sdk-58987df92c8073e96c0f.js Show response static.zdassets.com/web_widget/latest/ Frame 526B	203 KB 52 KB	23ms 22ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-58987df92c8073e96c0f.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=0c90f94c-c256-4f21-bc75-e5ad4dd772dd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 522373 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-request-id F2NAC15YG72FXB2C x-amz-id-2 xfnRw4LNzCTZV+L6xc31DO/FFhpykHR2Xt1zYZ+4mz3ycKE4yjJBRVDGjC80cXhlxCR9Fu0IEq4= last-modified Wed, 03 Nov 2021 23:49:38 GMT server cloudflare etag W/"f4e9b6a21f729895e00473e7f3947ed7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6VLWLbbgGzBXiAQDkRhYpTuxANfD%2BANglzwmgx9z7TGl2bsR2LM4oGBndHw%2BusQNFKUfDEdFl5jcPpYwgTJR%2BSd53ryuGDIsUC5bp8ochjjCA4Aec81aqdNR3WsmLwlVyuHy%2Fg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-version-id VCxuCJi40dVya7RnPTXVZ9S02BueApP5 cf-ray 6abc262e7d4a01eb-ZRH expires Thu, 03 Nov 2022 23:49:37 GMT
GET H2	200	config Show response bitvavo.zendesk.com/embeddable/ Frame 526B	610 B 1 KB	197ms 156ms	XHR application/json	104.16.53.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bitvavo.zendesk.com/embeddable/config Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b1476844037e72ef7d745058003f93ec7c139a282dd905554d9c0ec1b9d329f Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-zendesk-zorg yes x-zendesk-origin-server embeddable-app-server-6b7f9f99bb-6cb7w access-control-allow-methods GET vary Origin, Accept-Encoding x-cached STALE x-request-id 6abbd31609681ebe-DUB, 6abc262f1e4b0221-ZRH x-runtime 0.001276 last-modified Wed, 10 Nov 2021 01:58:28 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 1728000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJSnhRD6K6aC4Qeqv4Gp5TrOv%2BZR6yyRGxqIRMgxyoViqRGLd8dX7F3GI0E0H13iLMe0XX2XhbRYUvn7UlmzdHq8A9mi7PwEtYgBhDo92L60VL2UMU%2BDByxTImS0I6h0Kz23GYk%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control public, max-age=60, stale-while-revalidate=600, stale-if-error=3600 cf-ray 6abc262f1e4b0221-ZRH
GET H2	200	web-widget-44722-036d62e90be79b6b3c39.js Show response static.zdassets.com/web_widget/latest/ Frame 526B	336 KB 102 KB	31ms 31ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-44722-036d62e90be79b6b3c39.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70828d3386d394bf286b96e7b70f502f11a85f241d8d1ca5bcd04a1e97023649 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 522374 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-request-id 3TRAHH8Y5J73H0GQ x-amz-id-2 DN7OvTM+DrTAyPVjy47iQ0XMIl/kLHH+Nl6N4X5UHEWreVRslAkWzo2SybQ8zE97sNMZsuXNT6I= last-modified Wed, 03 Nov 2021 23:49:38 GMT server cloudflare etag W/"47aa05bd3d5756564f80ecd1fcb52e87" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnMbntHBcz2szF0BkiYA4%2BUotQAnj87R%2Bk1vMc1B4ITNvTZ5ppkS9E%2BO%2FxUMz%2BCtH6cG%2FlJo5LNY7yPilCERIRtuRIdGqnfCqdj5fvZSi6DO75NAwuX0suVXJM9WgD1nDfvfMs0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-version-id b8R5dBnej5oWu4mB.kBlRRCP9bk5SfNc cf-ray 6abc26301f0301eb-ZRH expires Thu, 03 Nov 2022 23:49:37 GMT
GET H2	200	web-widget-71349-55d73a3a407b6098b248.js Show response static.zdassets.com/web_widget/latest/ Frame 526B	85 KB 23 KB	21ms 21ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-71349-55d73a3a407b6098b248.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bba2effb91745469929c5e993fe2c38cf19aaa2056b5e746e68bf35641c12095 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 522374 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-request-id 3TRA5EPGDYCG3M7V x-amz-id-2 Y9Aq+bGfsjk6HhdzYP79IKzcgK7hRSFCNr5f4aGFVC8wlXCQRQPPJDqyfuwdYnNvSbIftoaSpJo= last-modified Wed, 03 Nov 2021 23:49:38 GMT server cloudflare etag W/"c63b8bad238d77b67872a4e26c002a2f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2pAt%2B9Wzp13OQyPDo88tsY99EJzQQ8GR9KnjSIyST%2BUhaUszhlxLtdoE4wTB1wp0rbg3p5Kveo9y8iZVaQ3tr2YTnJGXbZJMV2ROEty1RA8HURI7nwwzME8DHEXu6ZW5bK2Uxc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-version-id jPFAGw1Z1H_TV7Lu8YDu1VLFLgkOunwx cf-ray 6abc26301f0601eb-ZRH expires Thu, 03 Nov 2022 23:49:37 GMT
GET H2	200	web_widget-5c92aeec2d469bcb1e15.js Show response static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 526B	431 KB 94 KB	25ms 24ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-5c92aeec2d469bcb1e15.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4995a1647916583ca12ef566434cf47c8e491ac1658b6d7630763f957696b74 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 522374 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-request-id 3TR1HZS7NHTBFJHY x-amz-id-2 p7Z8izg8WW1ePD1VMseb+6dqqxfMNo6mQbJe6yrWxg/DVieUEMmndw1gdzv6F/yCEIj63yjyo48= last-modified Wed, 03 Nov 2021 22:13:06 GMT server cloudflare etag W/"4744232209675ba3572f46c27cada121" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXzdG2fhXU8HLGfzXChEwXdfMi2OUJvQdKEZis3GvqZMOHOu67C8OUxvxj2g2DQ112WpXg%2FkRGWpQEx%2Bd7HIGUtkxeFMEf%2BGlOQpUTxhrUueQFCwkEesgGBeSZRk1RGfVkWmEEc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-version-id pya6tXzlA2ckahCEz4GAPnV1a7gt1Ptx cf-ray 6abc26301f0801eb-ZRH expires Thu, 03 Nov 2022 22:13:05 GMT
GET H2	200	embeddable_blip Show response bitvavo.zendesk.com/ Frame 526B	0 355 B	59ms 58ms	XHR text/plain	104.16.53.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bitvavo.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTUuMC40NjM4LjU0IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiI5ZWMyYTU1MzU3OGQwMzEzZTQ1NTIwYzlmOGQwM2RiYyIsInN1aWQiOiI2YzM5NmI3M2M4YjY0Y2U2ZWEwODA3YTBiMzg2ODkxNyIsInZlcnNpb24iOiJiMjQwYjYxIiwidGltZXN0YW1wIjoiMjAyMS0xMS0xMFQwMzoyMToxMC41MTlaIiwidXJsIjoiaHR0cHM6Ly9hY2NvdW50LmJpdHZhdm8uY29tL2RldmljZS81YmU5ZjdiNjQxMWI1NmFhYTZkZDczODc3MDk1YzA0MTcyYTY2MmQ4LzUyMTRhZjczMmI0ZmQ1OWJkNjliOTFkOWQzOGFiZmY1MDNmNDllYWMvIn0%3D Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 10 Nov 2021 03:21:10 GMT server cloudflare x-zendesk-zorg yes expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXpLxMDhH6i1JtnhTUzUw5JgDuTLrBj9S0I09x%2B9mgC0OLv8%2FTeko0SISuSMoPKPfpdIO%2B31KkLF5wAuZpFTcqo%2FaMM4jCNjrb%2FIX6Cw2KUfx%2BNX0rHTaKgYsGkQBGhJ5eoRVeU%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://account.bitvavo.com nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6abc2630cf8d0221-ZRH vary Accept-Encoding content-length 0 x-request-id 696072db6227fb0dbf63c984167572b2
GET H2	200	embeddable_blip Show response bitvavo.zendesk.com/ Frame 526B	0 285 B	134ms 134ms	XHR text/plain	104.16.53.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bitvavo.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiYW5zd2VyQm90Ijp7InN1cHByZXNzIjp0cnVlfSwiY2hhdCI6eyJkZXBhcnRtZW50cyI6eyJlbmFibGVkIjpbXSwic2VsZWN0Ijoic3VwcG9ydCJ9LCJjb25uZWN0T25QYWdlTG9hZCI6ZmFsc2V9LCJjb2xvciI6eyJ0aGVtZSI6IiMwMDUxZmYifSwiY29udGFjdEZvcm0iOnsic3VwcHJlc3MiOnRydWV9LCJoZWxwQ2VudGVyIjp7InN1cHByZXNzIjp0cnVlfSwidGFsayI6eyJzdXBwcmVzcyI6dHJ1ZX19fSwiYnVpZCI6IjllYzJhNTUzNTc4ZDAzMTNlNDU1MjBjOWY4ZDAzZGJjIiwic3VpZCI6IjZjMzk2YjczYzhiNjRjZTZlYTA4MDdhMGIzODY4OTE3IiwidmVyc2lvbiI6ImIyNDBiNjEiLCJ0aW1lc3RhbXAiOiIyMDIxLTExLTEwVDAzOjIxOjEwLjUyOFoiLCJ1cmwiOiJodHRwczovL2FjY291bnQuYml0dmF2by5jb20vZGV2aWNlLzViZTlmN2I2NDExYjU2YWFhNmRkNzM4NzcwOTVjMDQxNzJhNjYyZDgvNTIxNGFmNzMyYjRmZDU5YmQ2OWI5MWQ5ZDM4YWJmZjUwM2Y0OWVhYy8ifQ%3D%3D Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 10 Nov 2021 03:21:10 GMT server cloudflare x-zendesk-zorg yes expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkC%2FWp5Dz4z%2BhjHiI8RaHQRY7%2Bay6c2E62iiVmfJlloAci9N8zw%2FnsJVTmZBJZV9n%2Fq16KK4CVj5QCRS6o7mXVrgpN6DhNTlOlSq2ZBmhvBC2WjjwbbSvMU0zqqtfDVt2rxUvmo%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://account.bitvavo.com nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6abc2630df9a0221-ZRH vary Accept-Encoding content-length 0 x-request-id b59db8469fe14410a831fa4fe803a580
GET H2	200	de-de-json-0e7b9ae3b696a34b6d22.js Show response static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame 526B	28 KB 7 KB	19ms 19ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/de-de-json-0e7b9ae3b696a34b6d22.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 522370 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-request-id RXR4803RAJPA7GP8 x-amz-id-2 oFjJHfgHRoZDwMCGNv7ye3U2UbZr0Pp56yo76zYyBsPmXMnbMgSutdEGf+NBoF0cJ2d6pJs1or0= last-modified Wed, 03 Nov 2021 23:47:17 GMT server cloudflare etag W/"8fc7b388e5d1886d801f856533dc1ecd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mc6t%2Bbq66Vmh2xYP2lJIER1ZAxbb6gJC7MuHlZ%2BUxg1joHkPIgbJTlpF9W3mJmbyNgoDWvzRPxBBrxoOyKmzee7ewFb8ZiCI%2Bv08yMBwfEHEDeHcxgEJqYKbEx1pk0%2BkPly%2FRlg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-version-id 6RmU.xLcJA.EQghxyd1xkwY2BBWkSgbD cf-ray 6abc2630df9501eb-ZRH expires Thu, 03 Nov 2022 23:47:15 GMT
GET H2	200	en-us-json-252dd9c57c7ccd6fb1b5.js Show response static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame 526B	26 KB 6 KB	18ms 18ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/en-us-json-252dd9c57c7ccd6fb1b5.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c9973e0109dbadad00f38c2cc090f7dfa912ef8c033ac525471d2267f8afdb7 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 522373 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-request-id F2N06VY3N7F39NRD x-amz-id-2 Flq5Mvujzd8H9JWVmo0Ne6ms+zAeLkzSDIvupcaioz2omud7lulTJic5C86ChJ3OfrSYfOq3pls= last-modified Wed, 03 Nov 2021 23:47:29 GMT server cloudflare etag W/"62379f28b9f6a37d756721716e320007" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAzPyOocrycUzxWis0ydhR4P%2FUeFd1D1TdvKgLvBDpJJQBD4n6n16Zq%2FrBQq3Gw7TaIRAJI%2BgeseBKleuqJOfeb5uFJ7mlsNW5a04d2kms6H4jbTWpXioU1Cmp8SSWURJ12ULis%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-version-id BZNVnnYcXh.OUpwzx3eDa2agAlghswSf cf-ray 6abc26310fbd01eb-ZRH expires Thu, 03 Nov 2022 23:47:28 GMT
GET H2	200	status Show response widget-mediator.zopim.com/client/widget/account/ Frame 526B	20 B 616 B	61ms 25ms	XHR application/json	18.195.184.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget-mediator.zopim.com/client/widget/account/status?embed_key=07PVqi9VNwneuwsuNz77GkyzJVh2CKyi Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.184.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-184-167.eu-central-1.compute.amazonaws.com Software / Express Resource Hash 87407b6db5abf75a753ca1a8f01a6d96d30ac002d8e0d6ca4a1052e994ef9529 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT x-powered-by Express etag W/"14-VHc7j29ilOlP73ZUiJntvNFgjQA" vary Accept-Encoding access-control-allow-methods GET,PUT,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30 access-control-allow-headers Content-Type content-length 20
GET H2	200	embeddable_blip Show response bitvavo.zendesk.com/ Frame 526B	0 283 B	146ms 146ms	XHR text/plain	104.16.53.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bitvavo.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9hY2NvdW50LmJpdHZhdm8uY29tL2RldmljZS81YmU5ZjdiNjQxMWI1NmFhYTZkZDczODc3MDk1YzA0MTcyYTY2MmQ4LzUyMTRhZjczMmI0ZmQ1OWJkNjliOTFkOWQzOGFiZmY1MDNmNDllYWMvIiwidGltZSI6NTgsImxvYWRUaW1lIjozOS4yOTk5OTkyMzcwNjA1NSwibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IkJpdHZhdm8iLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTUuMC40NjM4LjU0IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLGluaXRpYWwtc2NhbGU9MSxtaW5pbXVtLXNjYWxlPTEsbWF4aW11bS1zY2FsZT0xLHVzZXItc2NhbGFibGU9MCIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiOWVjMmE1NTM1NzhkMDMxM2U0NTUyMGM5ZjhkMDNkYmMiLCJzdWlkIjoiNmMzOTZiNzNjOGI2NGNlNmVhMDgwN2EwYjM4Njg5MTciLCJ2ZXJzaW9uIjoiYjI0MGI2MSIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMTBUMDM6MjE6MTAuNTc3WiIsInVybCI6Imh0dHBzOi8vYWNjb3VudC5iaXR2YXZvLmNvbS9kZXZpY2UvNWJlOWY3YjY0MTFiNTZhYWE2ZGQ3Mzg3NzA5NWMwNDE3MmE2NjJkOC81MjE0YWY3MzJiNGZkNTliZDY5YjkxZDlkMzhhYmZmNTAzZjQ5ZWFjLyJ9 Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:21:10 GMT x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 10 Nov 2021 03:21:10 GMT server cloudflare x-zendesk-zorg yes expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5CBfRqq2hoRiknFPGxpqrYB0S1eER5pu%2FIWrHytDILxC9%2F1pbKPuW195km9nqfMmDJ85t795CR9c%2Bj6WogtoI1nhHjtJ9PwfzhPM8bOAyI9HyMvjQCNY%2FD9BNhXxbqzM9Apd1c%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://account.bitvavo.com nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6abc26312fc30221-ZRH vary Accept-Encoding content-length 0 x-request-id bdaaeefc8ae14fd1fa937e395350e50a

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| Trustpilot object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| webpackJsonp object| __core-js_shared__ object| core function| vueRecaptchaApiLoaded object| regeneratorRuntime object| __SENTRY__ function| Decimal object| zESettings object| vm object| zEWebpackACJsonp function| zE function| zEmbed object| google_tag_data function| ga object| gaplugins boolean| ga-disable-UA-99984259-1 object| gaGlobal object| gaData boolean| zEACLoaded function| $zopim

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bitvavo.com/	1970-01-20 16:06:26	Name: _ga Value: GA1.2.908760962.1636514469
			.bitvavo.com/	1970-01-19 22:36:40	Name: _gid Value: GA1.2.666923942.1636514469

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://ekr.zdassets.com/ https://bitvavo.zendesk.com/ wss://*.zopim.com wss://bitvavo.zendesk.com https://*.zopim.com *.onfido.com wss://*.onfido.com https://www.tradingview.com/snapshot/ https://telephony.onfido.com/v1/ wss://sync.onfido.com/v2/socket.io/ https://api.onfido.com/ https://sentry.io/api/ wss://account.bitvavo.com https://api.bitvavo.com/v2/ https://www.google-analytics.com https://stats.g.doubleclick.net; font-src 'self' https://fonts.gstatic.com/s/ https://fonts.gstatic.com/stats/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ data:; base-uri 'none'; media-src 'self' https://static.zdassets.com blob:; object-src 'self' blob:; img-src 'self' https://bitvavo.zendesk.com/ https://*.zdusercontent.com https://v2assets.zopim.io/ https://static.zdassets.com https://lipis.github.io/flag-icon-css/flags/ https://www.google-analytics.com/ https://stats.g.doubleclick.net data: blob:; frame-src 'self' https://widget.trustpilot.com/ https://www.google.com/ data: blob:; script-src 'self' https://static.zdassets.com/ https://widget.trustpilot.com/ https://www.woopra.com/track/ https://www.google.com/recaptcha/ https://www.gstatic.com/ https://www.google-analytics.com/analytics.js https://www.google-analytics.com/plugins/ua/ecommerce.js https://stats.g.doubleclick.net; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.bitvavo.com
bitvavo.zendesk.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
static.zdassets.com
widget-mediator.zopim.com
widget.trustpilot.com
www.google-analytics.com
www.google.com
www.gstatic.com
104.16.53.111
104.18.70.113
13.224.186.126
18.195.184.167
2600:9000:21f3:1600:b:805e:8000:93a1
2a00:1450:4001:812::2004
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
0c6799a49865c1ca92a15dd6289f29e15c117038270cc0c801ac9960a9902e62
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
3d32253a99f165587af146f47cd217eef02abb0c5ce0627137cd40a48b8c660f
466d9d068f0c4a6a421dc94b8c722950bde95e1ce6f42cfcf6f4dcf7c1d6e2b5
4b774bda8379bb662b141ac1e875b463899ba61af4a1cf3c7e34588b302b8884
4c9973e0109dbadad00f38c2cc090f7dfa912ef8c033ac525471d2267f8afdb7
519f71e8a6cac156c0290fb5b79372191890e23d46a94cbe3a744e6470f074c1
59ff092de35caa2324ede30bd7afffabd04fb70a11c9b33149001b2927454b59
5f30a90487ac5a1f8c4105760122f768da0e1da53df698c1130a8365beb1a7a5
70828d3386d394bf286b96e7b70f502f11a85f241d8d1ca5bcd04a1e97023649
718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d
81ce459cce3d52301eeb94c61d426cdd066ef1160a2e550fd51251ccd34e15e8
87407b6db5abf75a753ca1a8f01a6d96d30ac002d8e0d6ca4a1052e994ef9529
8b1476844037e72ef7d745058003f93ec7c139a282dd905554d9c0ec1b9d329f
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
908d52256ccbc2c28bef26bd8521f974122f169aeaadf42cc48193735ca9b6cc
98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce
a9ddd05afc7b255840510e1d40fda6304d6dc5695fa2ef4c40424d1507d2cfe3
b819e02fcd718274f1b6ad5e11e5b6330f25f5388b8ceb6213463725e81644af
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bba2effb91745469929c5e993fe2c38cf19aaa2056b5e746e68bf35641c12095
be94e21dd8854a7dd1797350fb6d465af404f18559ac173192452311192b9283
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4995a1647916583ca12ef566434cf47c8e491ac1658b6d7630763f957696b74
f53e25eaf1f5597e6dbc774447eb19b85fe79576e7c691affdef599cccf19155