urlscan.io logo urlscan.io
SecurityTrails logo

meine.tfbank.de Open in urlscan Pro
185.195.94.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rxpdkrhkrsz.firebaseapp.com/
Effective URL: https://meine.tfbank.de/login
Submission: On August 09 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 32 HTTP transactions. The main IP is 185.195.94.205, located in Sweden and belongs to BBN, SE. The main domain is meine.tfbank.de.
TLS certificate: Issued by E6 on June 22nd 2024. Valid for: 3 months.
This is the only time meine.tfbank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2620:0:890::100 54113 (FASTLY)
1 1 185.204.218.55 41079 (CF-GDA)
16 185.195.94.205 42649 (BBN)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 20.50.88.235 8075 (MICROSOFT...)
2 2606:4700:7::7d 13335 (CLOUDFLAR...)
1 185.195.94.202 42649 (BBN)
32 9
1    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
rxpdkrhkrsz.firebaseapp.com
1    185.204.218.55 (Poland)

ASN41079 (CF-GDA, PL)
PTR: s55.cyber-folks.pl
leezzvnkkm.cfolks.pl
16    185.195.94.205 (Sweden)

ASN42649 (BBN, SE)
PTR: vbdc-n.baffinbaynetworks.com
meine.tfbank.de
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:1700:11::b856:6798 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
1    2a02:26f0:3500:887::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
6    20.50.88.235 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    2606:4700:7::7d (United States)

ASN13335 (CLOUDFLARENET, US)
content01.tfbank.se
1    185.195.94.202 (Sweden)

ASN42649 (BBN, SE)
PTR: vbdc-n.baffinbaynetworks.com
prodcustomerdataapi.tfbank.se
Apex Domain
Subdomains		 Transfer
16 tfbank.de
meine.tfbank.de
3 MB
6 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 853
816 B
3 tfbank.se
content01.tfbank.se
prodcustomerdataapi.tfbank.se
3 KB
3 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 6421
consentcdn.cookiebot.com — Cisco Umbrella Rank: 7143
imgsct.cookiebot.com Failed
110 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
70 KB
1 cfolks.pl
leezzvnkkm.cfolks.pl
287 B
1 firebaseapp.com
rxpdkrhkrsz.firebaseapp.com
864 B
0 wikimedia.org Failed
upload.wikimedia.org Failed
32 8
Domain Requested by
16 meine.tfbank.de meine.tfbank.de
6 dc.services.visualstudio.com meine.tfbank.de
2 content01.tfbank.se meine.tfbank.de
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
1 prodcustomerdataapi.tfbank.se meine.tfbank.de
1 consentcdn.cookiebot.com consent.cookiebot.com
1 www.googletagmanager.com rxpdkrhkrsz.firebaseapp.com
1 leezzvnkkm.cfolks.pl 1 redirects
1 rxpdkrhkrsz.firebaseapp.com
0 imgsct.cookiebot.com Failed
0 upload.wikimedia.org Failed
32 11

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
business.safety.google
tfbank.de
Subject Issuer Validity Valid
firebaseapp.com
WR4		 2024-07-26 -
2024-10-24		 3 months crt.sh
meine.tfbank.de
E6		 2024-06-22 -
2024-09-20		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-28 -
2025-02-27		 a year crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-02-26		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-24 -
2025-06-19		 a year crt.sh
content01.tfbank.se
WE1		 2024-07-02 -
2024-09-30		 3 months crt.sh
*.tfbank.se
GlobalSign RSA OV SSL CA 2018		 2024-04-15 -
2025-05-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://meine.tfbank.de/login
Frame ID: F409BD12152E3F89816B52794A868323
Requests: 30 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: F31B3BE6AF3AB78EB1AFFEA003A16355
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Meine TF Bank

Page URL History Show full URLs

  1. https://rxpdkrhkrsz.firebaseapp.com/ Page URL
  2. https://leezzvnkkm.cfolks.pl/tfbk/ HTTP 302
    https://meine.tfbank.de/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

32
Requests

94 %
HTTPS

56 %
IPv6

8
Domains

11
Subdomains

9
IPs

5
Countries

3271 kB
Transfer

6709 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rxpdkrhkrsz.firebaseapp.com/ Page URL
  2. https://leezzvnkkm.cfolks.pl/tfbk/ HTTP 302
    https://meine.tfbank.de/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
rxpdkrhkrsz.firebaseapp.com/ 		1 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rxpdkrhkrsz.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
496
content-type
text/html; charset=utf-8
date
Fri, 09 Aug 2024 12:30:00 GMT
etag
"c55c01d83cd97746fcf0859dc415fa1178760d66ed045ba80368a68002d23710-br"
last-modified
Fri, 09 Aug 2024 05:54:45 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230144-FRA
x-timer
S1723206600.151861,VS0,VE2
Primary Request login
meine.tfbank.de/
Redirect Chain
  • https://leezzvnkkm.cfolks.pl/tfbk/
  • https://meine.tfbank.de/login
584 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
89059c80aede48dc034433d8fe980af9185dba844dddb53e4ffef77ae55b15ba
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rxpdkrhkrsz.firebaseapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
469
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Type
text/html
Date
Fri, 09 Aug 2024 12:30:00 GMT
ETag
"0eb72d836e3da1:0"
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Permissions-Policy
camera=(self)
Referrer-Policy
same-origin
Server
baffin-bay-inlet
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=14515200
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 09 Aug 2024 12:30:00 GMT
location
https://meine.tfbank.de/login
server
LiteSpeed
vary
User-Agent
1000px-Apple-Apple.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/d/df/Apple-Apple.svg/ 		0
0
main.2678d4c9.js
meine.tfbank.de/static/js/ 		1 MB
333 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/js/main.2678d4c9.js
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
b0b0fb343c1d1af54b89821faa9bcf57c378492e70461970cacf4b67247dbbec
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
340118
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Server
baffin-bay-inlet
ETag
"0eb72d836e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
main.0748c953.css
meine.tfbank.de/static/css/ 		149 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/css/main.0748c953.css
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
26be3b391b6f42037fa6e2b048098ac5f5737a1794efaaf1402bf952bc821873
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
25044
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Server
baffin-bay-inlet
ETag
"0eb72d836e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		196 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TFDWJRT&l=PageDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: rxpdkrhkrsz.firebaseapp.com
URL: https://rxpdkrhkrsz.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8da39bfce76e7e5090a66aebf7a82d7c8fff00b3a36dea58572a93a2e68856c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 12:30:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71311
x-xss-protection
0
last-modified
Fri, 09 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Aug 2024 12:30:00 GMT
405.d2c9d477.chunk.css
meine.tfbank.de/static/css/ 		45 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/css/405.d2c9d477.chunk.css
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.2678d4c9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
b4f638d362ca9ece382f1359cd56761050c1c479b57e6af2af2350d733089472
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
25041
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Server
baffin-bay-inlet
ETag
"0eb72d836e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
405.96a1dc37.chunk.js
meine.tfbank.de/static/js/ 		2 MB
643 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.2678d4c9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
f8e2fe61e3500e6aff3a41fc44bff15cd2ef8a0945e017e973fbb61865440af8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
657367
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Server
baffin-bay-inlet
ETag
"0eb72d836e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
963.ba029937.chunk.css
meine.tfbank.de/static/css/ 		182 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/css/963.ba029937.chunk.css
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.2678d4c9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
9ab788eaafd990120917c41071c5b25f39090f72ff30a84f7e9cd89a3cc09f60
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
39746
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Server
baffin-bay-inlet
ETag
"0eb72d836e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
963.43894e46.chunk.js
meine.tfbank.de/static/js/ 		502 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/js/963.43894e46.chunk.js
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.2678d4c9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
315741d7dff8c70dd59b9d6c2f43dd457f5865ebf40b4f8dd94c19459b46b085
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
128134
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Server
baffin-bay-inlet
ETag
"0eb72d836e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
uc.js
consent.cookiebot.com/ 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js?cbid=754147a0-cf4e-4926-87f9-946d6caf5a00
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFDWJRT&l=PageDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6798 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9929f6ce09316f6dee3a0fbb02cd899c8137a88256b6c97b0935f6a89c7164dd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Fri, 09 Aug 2024 12:36:50 GMT
date
Fri, 09 Aug 2024 12:30:01 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2024 08:37:40 GMT
etag
"2c56b710a5e8da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=409
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
34327
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame F31B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=754147a0-cf4e-4926-87f9-946d6caf5a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=29852610
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 09 Aug 2024 12:30:01 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Mon, 21 Jul 2025 00:53:31 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1723206601114_388276618_379357085_26_966_13_25_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/754147a0-cf4e-4926-87f9-946d6caf5a00/ 		280 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/754147a0-cf4e-4926-87f9-946d6caf5a00/cc.js?renew=false&referer=meine.tfbank.de&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=754147a0-cf4e-4926-87f9-946d6caf5a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6798 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
46a969e18ee7c19a2d1d8172c55cf05eaef5981a96c41fed44354e8f382f46a8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 12:30:01 GMT
content-encoding
gzip
last-modified
Fri, 09 Aug 2024 12:30:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
content-length
78119
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
translation.json
meine.tfbank.de/locales/de/ 		32 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/locales/de/translation.json
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
b8131449e51a02dec9c16d7fd50927a015ba0669b546af07f9c2e6785025cfe8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/login
traceparent
00-92f70d4f3fa543aabd01e35d949b0b0a-61044ca0edb340be-01
request-id
|92f70d4f3fa543aabd01e35d949b0b0a.61044ca0edb340be
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
9933
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:33:34 GMT
Server
baffin-bay-inlet
ETag
"0d3381835e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
meta.json
meine.tfbank.de/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/meta.json
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
701d838178929148f2eb418c3c97c99636c033fc2efa6874d65299f6df4929d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/login
traceparent
00-92f70d4f3fa543aabd01e35d949b0b0a-018583b479654860-01
request-id
|92f70d4f3fa543aabd01e35d949b0b0a.018583b479654860
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
139
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:44:40 GMT
Server
baffin-bay-inlet
ETag
"05c30a536e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
1.gif
imgsct.cookiebot.com/ 		0
0
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d3aa314bdd8f760b8e7d47f487b7df769f098a8761dffc7c0ab2d7bfa2d7dfa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 12:30:00 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://meine.tfbank.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Fri, 09 Aug 2024 12:30:00 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
favicon.ico
meine.tfbank.de/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 31 Jul 2024 10:33:34 GMT
Server
baffin-bay-inlet
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"0d3381835e3da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Permissions-Policy
camera=(self)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1150
tfbank21-logo-white.799bf51a13cdf5ad3702fad22db4f40d.svg
meine.tfbank.de/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meine.tfbank.de/static/media/tfbank21-logo-white.799bf51a13cdf5ad3702fad22db4f40d.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
1377
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Server
baffin-bay-inlet
ETag
"0eb72d836e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
forms.json
meine.tfbank.de/locales/de/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/locales/de/forms.json
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
0e5fb6f0037e681138db7b1800d609074123af58e9f44196a072c9e5a91ccad6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/
traceparent
00-722f8f40e5454d0693c2139be6350043-b95899cd1bd749fd-01
request-id
|722f8f40e5454d0693c2139be6350043.b95899cd1bd749fd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
1732
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:33:34 GMT
Server
baffin-bay-inlet
ETag
"0d3381835e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
content
content01.tfbank.se/umbraco/delivery/api/v2/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content01.tfbank.se/umbraco/delivery/api/v2/content
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
90eecd90de2bba8250811fe7d364255f1df90bfb04cfab03782de3f5389e9f48

Request headers

Accept
application/json
Referer
Api-Key
VGhDQ33nVOpyIPex+4QnOa7AsSufcGe8t+qF6mb9L7UkUfOzHYCSbAbVfcmAMf0NNkQDAnslzJ5dplRwJeCrYUuxfALWWpmpBAWjddpkiTJblBdzMj3w9rkGwtv1PMBE+B040v2m9sb2rx1Sr4Rd2GSTv1agMfQ2d4Pgr4zFz2bu35+pMlBTZyRaInR2e0Q2hbmNM78ekctoXSr5G2A+esKHqTt8XCam7E+EH4K1mY6uXIbPVjSqwXYSZw6J2GhbB6mG6KHIkU1pyNWw3BABTwOa7XylJ4GkNlEnx3pG2P
Accept-Language
de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 12:30:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
api-supported-versions
1.0, 2.0
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8b07c14cfabe2bde-FRA
alt-svc
h3=":443"; ma=86400
next
prodcustomerdataapi.tfbank.se/api/customerservice/maintenance/ 		0
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prodcustomerdataapi.tfbank.se/api/customerservice/maintenance/next?market=Germany
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.202 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=14515200

Request headers

Accept
application/json, text/plain, */*
Referer
Accept-Language
de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Strict-Transport-Security
max-age=14515200
Server
baffin-bay-inlet
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-contenttype
Connection
keep-alive
Request-Context
appId=cid-v1:90efdaad-7981-4750-b06c-44c489670db0
woman_hanging_outside_car_window.9b0506a76f7b5929e85d.webp
meine.tfbank.de/static/media/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meine.tfbank.de/static/media/woman_hanging_outside_car_window.9b0506a76f7b5929e85d.webp
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/css/963.ba029937.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
a6bcbccd8410b2044e7a005c74c71c09c8ffc2021f516b191c84f2744e6f3cc1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/static/css/963.ba029937.chunk.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Server
baffin-bay-inlet
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"0eb72d836e3da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/webp
Permissions-Policy
camera=(self)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1600548
logo-white.799bf51a13cdf5ad3702.svg
meine.tfbank.de/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meine.tfbank.de/static/media/logo-white.799bf51a13cdf5ad3702.svg
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/css/963.ba029937.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/static/css/963.ba029937.chunk.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Content-Length
1377
Referrer-Policy
same-origin
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Server
baffin-bay-inlet
ETag
"0eb72d836e3da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ca9e44cda59c6232b2393b76a2e68e36dd7c588e96c4dfefea7363fdd94f322

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
Raleway-VariableFont_wght.575ec9e676c7a85494bb.ttf
meine.tfbank.de/static/media/ 		302 KB
304 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/media/Raleway-VariableFont_wght.575ec9e676c7a85494bb.ttf
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/css/main.0748c953.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
8e7948221210e0bff86b70de2a2e893e24e0d9c5a16a5db0aa47834b88bf1998
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/static/css/main.0748c953.css
Origin
https://meine.tfbank.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 31 Jul 2024 10:46:06 GMT
Server
baffin-bay-inlet
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"0eb72d836e3da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Permissions-Policy
camera=(self)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
309720
content
content01.tfbank.se/umbraco/delivery/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://content01.tfbank.se/umbraco/delivery/api/v2/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api-key
Access-Control-Request-Method
GET
Origin
https://meine.tfbank.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
api-key
access-control-allow-methods
GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b07c14c7a062bde-FRA
date
Fri, 09 Aug 2024 12:30:01 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET
favicon.ico
meine.tfbank.de/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://meine.tfbank.de/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 12:30:01 GMT
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Last-Modified
Wed, 31 Jul 2024 10:33:34 GMT
Server
baffin-bay-inlet
ETag
"0d3381835e3da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
1150
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f8bb34f34f37ae3b804d1b5d558b6fd9bccdb9b90afe33833042660ea6d299ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 12:30:01 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
22219f5397b73485fe734c41421c28ce736561a1301188f2e12fa5041af4ae4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 12:30:01 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
22219f5397b73485fe734c41421c28ce736561a1301188f2e12fa5041af4ae4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 12:30:01 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/405.96a1dc37.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
22219f5397b73485fe734c41421c28ce736561a1301188f2e12fa5041af4ae4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 12:30:01 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
upload.wikimedia.org
URL
https://upload.wikimedia.org/wikipedia/commons/thumb/d/df/Apple-Apple.svg/1000px-Apple-Apple.svg.png
Domain
imgsct.cookiebot.com
URL
https://imgsct.cookiebot.com/1.gif?dgi=754147a0-cf4e-4926-87f9-946d6caf5a00

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunkmypages_webui object| __localeData__ function| clearImmediate function| setImmediate object| PageDataLayer object| google_tag_manager object| google_tag_data object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent string| __reactRouterVersion object| __dynProto$Gbl object| FontAwesomeConfig object| ___FONT_AWESOME___ object| regeneratorRuntime object| CookiebotDialog object| CookieConsentDialog function| showCookieBanner function| hideCookieBanner

6 Cookies

Domain/Path Name / Value
.meine.tfbank.de/ Name: TiPMix
Value: 68.04652610457879
.meine.tfbank.de/ Name: x-ms-routing-name
Value: self
.meine.tfbank.de/ Name: ARRAffinity
Value: 9a7320ce2eba13f7d318aad5be73341a989686fae5ec76174d0f62020c4dec4a
.meine.tfbank.de/ Name: ARRAffinitySameSite
Value: 9a7320ce2eba13f7d318aad5be73341a989686fae5ec76174d0f62020c4dec4a
meine.tfbank.de/ Name: ai_user
Value: D5hW88j0Ae35dDhTqHAUtF|2024-08-09T12:30:01.213Z
meine.tfbank.de/ Name: ai_session
Value: N+upUyR91i071p4N/wgCAE|1723206601431|1723206601431

1 Console Messages

Source Level URL
Text
security error URL: https://meine.tfbank.de/login
Message:
Refused to load the image 'https://imgsct.cookiebot.com/1.gif?dgi=754147a0-cf4e-4926-87f9-946d6caf5a00' because it violates the following Content Security Policy directive: "img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent.cookiebot.com
consentcdn.cookiebot.com
content01.tfbank.se
dc.services.visualstudio.com
imgsct.cookiebot.com
leezzvnkkm.cfolks.pl
meine.tfbank.de
prodcustomerdataapi.tfbank.se
rxpdkrhkrsz.firebaseapp.com
upload.wikimedia.org
www.googletagmanager.com
imgsct.cookiebot.com
upload.wikimedia.org
185.195.94.202
185.195.94.205
185.204.218.55
20.50.88.235
2606:4700:7::7d
2620:0:890::100
2a00:1450:4001:827::2008
2a02:26f0:1700:11::b856:6798
2a02:26f0:3500:887::f09
0e5fb6f0037e681138db7b1800d609074123af58e9f44196a072c9e5a91ccad6
1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24
22219f5397b73485fe734c41421c28ce736561a1301188f2e12fa5041af4ae4a
26be3b391b6f42037fa6e2b048098ac5f5737a1794efaaf1402bf952bc821873
315741d7dff8c70dd59b9d6c2f43dd457f5865ebf40b4f8dd94c19459b46b085
46a969e18ee7c19a2d1d8172c55cf05eaef5981a96c41fed44354e8f382f46a8
5ca9e44cda59c6232b2393b76a2e68e36dd7c588e96c4dfefea7363fdd94f322
701d838178929148f2eb418c3c97c99636c033fc2efa6874d65299f6df4929d2
89059c80aede48dc034433d8fe980af9185dba844dddb53e4ffef77ae55b15ba
8da39bfce76e7e5090a66aebf7a82d7c8fff00b3a36dea58572a93a2e68856c5
8e7948221210e0bff86b70de2a2e893e24e0d9c5a16a5db0aa47834b88bf1998
90eecd90de2bba8250811fe7d364255f1df90bfb04cfab03782de3f5389e9f48
9929f6ce09316f6dee3a0fbb02cd899c8137a88256b6c97b0935f6a89c7164dd
9ab788eaafd990120917c41071c5b25f39090f72ff30a84f7e9cd89a3cc09f60
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
a6bcbccd8410b2044e7a005c74c71c09c8ffc2021f516b191c84f2744e6f3cc1
b0b0fb343c1d1af54b89821faa9bcf57c378492e70461970cacf4b67247dbbec
b4f638d362ca9ece382f1359cd56761050c1c479b57e6af2af2350d733089472
b8131449e51a02dec9c16d7fd50927a015ba0669b546af07f9c2e6785025cfe8
d3aa314bdd8f760b8e7d47f487b7df769f098a8761dffc7c0ab2d7bfa2d7dfa3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8bb34f34f37ae3b804d1b5d558b6fd9bccdb9b90afe33833042660ea6d299ae
f8e2fe61e3500e6aff3a41fc44bff15cd2ef8a0945e017e973fbb61865440af8