urlscan.io logo urlscan.io
SecurityTrails logo

meine.tfbank.de Open in urlscan Pro
185.195.94.205  Public Scan

Go To Rescan Add Verdict Report
URL: https://meine.tfbank.de/login
Submission: On June 12 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 31 HTTP transactions. The main IP is 185.195.94.205, located in Sweden and belongs to BBN, SE. The main domain is meine.tfbank.de.
TLS certificate: Issued by R3 on April 23rd 2024. Valid for: 3 months.
This is the only time meine.tfbank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 185.195.94.205 42649 (BBN)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 185.195.94.202 42649 (BBN)
10 20.50.88.244 8075 (MICROSOFT...)
31 7
15    185.195.94.205 (Sweden)

ASN42649 (BBN, SE)
PTR: vbdc-n.baffinbaynetworks.com
meine.tfbank.de
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:7100::687e:2489 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
1    2a02:26f0:7100:8a3::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
1    185.195.94.202 (Sweden)

ASN42649 (BBN, SE)
PTR: vbdc-n.baffinbaynetworks.com
prodcustomerdataapi.tfbank.se
10    20.50.88.244 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
15 tfbank.de
meine.tfbank.de
3 MB
10 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 585
816 B
3 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4820
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5423
imgsct.cookiebot.com Failed
109 KB
1 tfbank.se
prodcustomerdataapi.tfbank.se
910 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
69 KB
31 5
Domain Requested by
15 meine.tfbank.de meine.tfbank.de
10 dc.services.visualstudio.com meine.tfbank.de
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
1 prodcustomerdataapi.tfbank.se meine.tfbank.de
1 consentcdn.cookiebot.com consent.cookiebot.com
1 www.googletagmanager.com meine.tfbank.de
0 imgsct.cookiebot.com Failed
31 7

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
tfbank.de
Subject Issuer Validity Valid
meine.tfbank.de
R3		 2024-04-23 -
2024-07-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-28 -
2025-02-27		 a year crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-02-26		 a year crt.sh
*.tfbank.se
GlobalSign RSA OV SSL CA 2018		 2024-04-15 -
2025-05-17		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-04-10 -
2025-04-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://meine.tfbank.de/login
Frame ID: 5871CC936ADE2724401609A31E51B8C2
Requests: 26 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: F2D223E1FFABC9186DCE26334031AA0D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Meine TF Bank

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

31
Requests

97 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

3264 kB
Transfer

6689 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
meine.tfbank.de/ 		584 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
311d0588e7aca4c41c1c3f7a35898aa36894f4abbc98172130048f57c8c08c02
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
468
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Type
text/html
Date
Wed, 12 Jun 2024 07:40:03 GMT
ETag
"02db7e727b7da1:0"
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Permissions-Policy
camera=(self)
Referrer-Policy
same-origin
Server
baffin-bay-inlet
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=14515200
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
main.2a78f5ce.js
meine.tfbank.de/static/js/ 		1 MB
333 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/js/main.2a78f5ce.js
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
465cc2e16ff6c507e5ab0883cd1b1209199cd6385d8ca680be170534507c7342
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
339743
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Server
baffin-bay-inlet
ETag
"02db7e727b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
main.d03b35a0.css
meine.tfbank.de/static/css/ 		149 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/css/main.d03b35a0.css
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
cf81751ec6d3a906a2c6524be9bc81b0412ad1a8ef4e1ad1f8d18f34f860d577
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
25029
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Server
baffin-bay-inlet
ETag
"02db7e727b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TFDWJRT&l=PageDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2bb3185355d1ca74a8e1c6b10d0f3b403c60cc14938c17729dff2893db66b95b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:40:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70390
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 07:40:04 GMT
405.d2c9d477.chunk.css
meine.tfbank.de/static/css/ 		45 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/css/405.d2c9d477.chunk.css
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.2a78f5ce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
b4f638d362ca9ece382f1359cd56761050c1c479b57e6af2af2350d733089472
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
25041
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Server
baffin-bay-inlet
ETag
"02db7e727b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
405.1389622e.chunk.js
meine.tfbank.de/static/js/ 		2 MB
643 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/js/405.1389622e.chunk.js
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.2a78f5ce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
42624cf2b397b4cdf7c05cb232fc9efa6351ae36b2e4dfdf87c2809f22f3b7c6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
657032
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Server
baffin-bay-inlet
ETag
"02db7e727b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
798.699d9168.chunk.css
meine.tfbank.de/static/css/ 		182 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/css/798.699d9168.chunk.css
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.2a78f5ce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
855a5dd12f1b2ab285a7bd0bff4874eda45e06a58842ec9cc2f0291cd3bb18be
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
39731
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Server
baffin-bay-inlet
ETag
"02db7e727b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
798.764418cf.chunk.js
meine.tfbank.de/static/js/ 		503 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/js/798.764418cf.chunk.js
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.2a78f5ce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
f301502c47d2795921f5f45c6abcdb123ca733db9c56bc10b3a245775378c0ce
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
128343
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Server
baffin-bay-inlet
ETag
"02db7e727b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
uc.js
consent.cookiebot.com/ 		109 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js?cbid=754147a0-cf4e-4926-87f9-946d6caf5a00
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFDWJRT&l=PageDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2489 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a866090556a2bbb7ab934f4714f5aa30176f8f8692e1a179caaf07bba8ce7f8f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Wed, 12 Jun 2024 07:40:04 GMT
content-encoding
gzip
last-modified
Mon, 03 Jun 2024 11:48:20 GMT
etag
"96be9deeabb5da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=149
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
34264
expires
Wed, 12 Jun 2024 07:42:33 GMT
translation.json
meine.tfbank.de/locales/de/ 		28 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/locales/de/translation.json
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.1389622e.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
be262611b261500c5a130be3a2ac55ca05294c7f9820622344f9e2a346d41098
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
traceparent
00-2680ae8b3f1b4f0db10714d3961fb450-3b3c9986fed642e3-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/login
request-id
|2680ae8b3f1b4f0db10714d3961fb450.3b3c9986fed642e3
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
9112
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 08:57:44 GMT
Server
baffin-bay-inlet
ETag
"074d26d26b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
meta.json
meine.tfbank.de/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/meta.json
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.1389622e.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
701d838178929148f2eb418c3c97c99636c033fc2efa6874d65299f6df4929d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
traceparent
00-2680ae8b3f1b4f0db10714d3961fb450-eb03b580e0094c71-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/login
request-id
|2680ae8b3f1b4f0db10714d3961fb450.eb03b580e0094c71
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
139
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 09:07:06 GMT
Server
baffin-bay-inlet
ETag
"0d9ccbc27b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame F2D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=754147a0-cf4e-4926-87f9-946d6caf5a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:8a3::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jun 2024 07:40:05 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Thu, 12 Jun 2025 07:40:05 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1718178004986_34603335_354559192_22_1163_38_47_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/754147a0-cf4e-4926-87f9-946d6caf5a00/ 		274 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/754147a0-cf4e-4926-87f9-946d6caf5a00/cc.js?renew=false&referer=meine.tfbank.de&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=754147a0-cf4e-4926-87f9-946d6caf5a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2489 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2c8865666482c3bb4ca965885de5f22ef718782fc9cc8f5693e77efc5be5bb23

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:40:05 GMT
content-encoding
gzip
last-modified
Wed, 12 Jun 2024 07:40:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
tfbank21-logo-white.799bf51a13cdf5ad3702fad22db4f40d.svg
meine.tfbank.de/static/media/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meine.tfbank.de/static/media/tfbank21-logo-white.799bf51a13cdf5ad3702fad22db4f40d.svg
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
1377
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Server
baffin-bay-inlet
ETag
"02db7e727b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
forms.json
meine.tfbank.de/locales/de/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/locales/de/forms.json
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.1389622e.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
0e5fb6f0037e681138db7b1800d609074123af58e9f44196a072c9e5a91ccad6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
traceparent
00-aba955b549af432e869e91d2b1ae8451-d08908a2c44b4679-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/
request-id
|aba955b549af432e869e91d2b1ae8451.d08908a2c44b4679
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
1732
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 08:57:44 GMT
Server
baffin-bay-inlet
ETag
"074d26d26b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
next
prodcustomerdataapi.tfbank.se/api/customerservice/maintenance/ 		0
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prodcustomerdataapi.tfbank.se/api/customerservice/maintenance/next?market=Germany
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.1389622e.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.202 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=14515200

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:05 GMT
Strict-Transport-Security
max-age=14515200
Server
baffin-bay-inlet
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-contenttype
Connection
keep-alive
Request-Context
appId=cid-v1:90efdaad-7981-4750-b06c-44c489670db0
woman_hanging_outside_car_window.9b0506a76f7b5929e85d.webp
meine.tfbank.de/static/media/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meine.tfbank.de/static/media/woman_hanging_outside_car_window.9b0506a76f7b5929e85d.webp
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/css/798.699d9168.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
a6bcbccd8410b2044e7a005c74c71c09c8ffc2021f516b191c84f2744e6f3cc1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/static/css/798.699d9168.chunk.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Server
baffin-bay-inlet
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"02db7e727b7da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
camera=(self)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1600548
logo-white.799bf51a13cdf5ad3702.svg
meine.tfbank.de/static/media/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meine.tfbank.de/static/media/logo-white.799bf51a13cdf5ad3702.svg
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/css/798.699d9168.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/static/css/798.699d9168.chunk.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
1377
Referrer-Policy
same-origin
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Server
baffin-bay-inlet
ETag
"02db7e727b7da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ca9e44cda59c6232b2393b76a2e68e36dd7c588e96c4dfefea7363fdd94f322

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
Raleway-VariableFont_wght.575ec9e676c7a85494bb.ttf
meine.tfbank.de/static/media/ 		302 KB
304 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/media/Raleway-VariableFont_wght.575ec9e676c7a85494bb.ttf
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/css/main.d03b35a0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
8e7948221210e0bff86b70de2a2e893e24e0d9c5a16a5db0aa47834b88bf1998
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/static/css/main.d03b35a0.css
Origin
https://meine.tfbank.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Jun 2024 09:08:18 GMT
Server
baffin-bay-inlet
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"02db7e727b7da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Permissions-Policy
camera=(self)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
309720
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://meine.tfbank.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Wed, 12 Jun 2024 07:40:05 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.1389622e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
cdbc7b93350abfe925c4299aa55697842380c0f2a694938e9173e01e3080ce7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 07:40:05 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
1.gif
imgsct.cookiebot.com/ 		0
0
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://meine.tfbank.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Wed, 12 Jun 2024 07:40:05 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.1389622e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d3aa314bdd8f760b8e7d47f487b7df769f098a8761dffc7c0ab2d7bfa2d7dfa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 07:40:05 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
favicon.ico
meine.tfbank.de/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://meine.tfbank.de/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:40:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Jun 2024 08:57:44 GMT
Server
baffin-bay-inlet
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"074d26d26b7da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Permissions-Policy
camera=(self)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1150
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://meine.tfbank.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Wed, 12 Jun 2024 07:40:05 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.1389622e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
22219f5397b73485fe734c41421c28ce736561a1301188f2e12fa5041af4ae4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 07:40:05 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://meine.tfbank.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Wed, 12 Jun 2024 07:40:05 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.1389622e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
22219f5397b73485fe734c41421c28ce736561a1301188f2e12fa5041af4ae4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 07:40:05 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.1389622e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
22219f5397b73485fe734c41421c28ce736561a1301188f2e12fa5041af4ae4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json
Referer
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 07:40:05 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://meine.tfbank.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Wed, 12 Jun 2024 07:40:05 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
imgsct.cookiebot.com
URL
https://imgsct.cookiebot.com/1.gif?dgi=754147a0-cf4e-4926-87f9-946d6caf5a00

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunkmypages_webui object| __localeData__ function| clearImmediate function| setImmediate object| PageDataLayer object| google_tag_manager object| google_tag_data string| __reactRouterVersion object| __dynProto$Gbl object| FontAwesomeConfig object| ___FONT_AWESOME___ object| regeneratorRuntime object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| CookiebotDialog object| CookieConsentDialog function| showCookieBanner function| hideCookieBanner

6 Cookies

Domain/Path Name / Value
.meine.tfbank.de/ Name: TiPMix
Value: 43.40304922224058
.meine.tfbank.de/ Name: x-ms-routing-name
Value: self
.meine.tfbank.de/ Name: ARRAffinity
Value: ffb49eabd953a476cb98d9c8c11af5f9d36554739c50a642edc8826844f26d98
.meine.tfbank.de/ Name: ARRAffinitySameSite
Value: ffb49eabd953a476cb98d9c8c11af5f9d36554739c50a642edc8826844f26d98
meine.tfbank.de/ Name: ai_user
Value: D9BZzcsp8qixl3U+x3UFMT|2024-06-12T07:40:04.735Z
meine.tfbank.de/ Name: ai_session
Value: tsuiMIdJE3uSmWyCx8HYwv|1718178004969|1718178004969

1 Console Messages

Source Level URL
Text
security error URL: https://meine.tfbank.de/login
Message:
Refused to load the image 'https://imgsct.cookiebot.com/1.gif?dgi=754147a0-cf4e-4926-87f9-946d6caf5a00' because it violates the following Content Security Policy directive: "img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent.cookiebot.com
consentcdn.cookiebot.com
dc.services.visualstudio.com
imgsct.cookiebot.com
meine.tfbank.de
prodcustomerdataapi.tfbank.se
www.googletagmanager.com
imgsct.cookiebot.com
185.195.94.202
185.195.94.205
20.50.88.244
2a00:1450:4001:80f::2008
2a02:26f0:7100:8a3::f09
2a02:26f0:7100::687e:2489
0e5fb6f0037e681138db7b1800d609074123af58e9f44196a072c9e5a91ccad6
1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24
22219f5397b73485fe734c41421c28ce736561a1301188f2e12fa5041af4ae4a
2bb3185355d1ca74a8e1c6b10d0f3b403c60cc14938c17729dff2893db66b95b
2c8865666482c3bb4ca965885de5f22ef718782fc9cc8f5693e77efc5be5bb23
311d0588e7aca4c41c1c3f7a35898aa36894f4abbc98172130048f57c8c08c02
42624cf2b397b4cdf7c05cb232fc9efa6351ae36b2e4dfdf87c2809f22f3b7c6
465cc2e16ff6c507e5ab0883cd1b1209199cd6385d8ca680be170534507c7342
5ca9e44cda59c6232b2393b76a2e68e36dd7c588e96c4dfefea7363fdd94f322
701d838178929148f2eb418c3c97c99636c033fc2efa6874d65299f6df4929d2
855a5dd12f1b2ab285a7bd0bff4874eda45e06a58842ec9cc2f0291cd3bb18be
8e7948221210e0bff86b70de2a2e893e24e0d9c5a16a5db0aa47834b88bf1998
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
a6bcbccd8410b2044e7a005c74c71c09c8ffc2021f516b191c84f2744e6f3cc1
a866090556a2bbb7ab934f4714f5aa30176f8f8692e1a179caaf07bba8ce7f8f
b4f638d362ca9ece382f1359cd56761050c1c479b57e6af2af2350d733089472
be262611b261500c5a130be3a2ac55ca05294c7f9820622344f9e2a346d41098
cdbc7b93350abfe925c4299aa55697842380c0f2a694938e9173e01e3080ce7f
cf81751ec6d3a906a2c6524be9bc81b0412ad1a8ef4e1ad1f8d18f34f860d577
d3aa314bdd8f760b8e7d47f487b7df769f098a8761dffc7c0ab2d7bfa2d7dfa3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f301502c47d2795921f5f45c6abcdb123ca733db9c56bc10b3a245775378c0ce