urlscan.io logo urlscan.io
SecurityTrails logo

meine.tfbank.de Open in urlscan Pro
185.195.94.205  Public Scan

Go To Rescan Add Verdict Report
URL: https://meine.tfbank.de/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 21 via api from IT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 28 HTTP transactions. The main IP is 185.195.94.205, located in Sweden and belongs to BBN, SE. The main domain is meine.tfbank.de.
TLS certificate: Issued by E6 on October 20th 2024. Valid for: 3 months.
This is the only time meine.tfbank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 185.195.94.205 42649 (BBN)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2606:4700:7::7d 13335 (CLOUDFLAR...)
1 185.195.94.202 42649 (BBN)
5 20.50.88.245 8075 (MICROSOFT...)
28 8
15    185.195.94.205 (Sweden)

ASN42649 (BBN, SE)
PTR: vbdc-n.baffinbaynetworks.com
meine.tfbank.de
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:3500:18::1724:a29a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
1    2a02:26f0:480:594::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
2    2606:4700:7::7d (United States)

ASN13335 (CLOUDFLARENET, US)
content01.tfbank.se
1    185.195.94.202 (Sweden)

ASN42649 (BBN, SE)
PTR: vbdc-n.baffinbaynetworks.com
prodcustomerdataapi.tfbank.se
5    20.50.88.245 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
15 tfbank.de
meine.tfbank.de
3 MB
5 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 785
508 B
3 tfbank.se
content01.tfbank.se
prodcustomerdataapi.tfbank.se
4 KB
3 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4618
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5320
imgsct.cookiebot.com Failed
118 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
73 KB
28 5
Domain Requested by
15 meine.tfbank.de meine.tfbank.de
5 dc.services.visualstudio.com meine.tfbank.de
2 content01.tfbank.se meine.tfbank.de
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
1 prodcustomerdataapi.tfbank.se meine.tfbank.de
1 consentcdn.cookiebot.com consent.cookiebot.com
1 www.googletagmanager.com meine.tfbank.de
0 imgsct.cookiebot.com Failed
28 8

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
business.safety.google
tfbank.de
Subject Issuer Validity Valid
meine.tfbank.de
E6		 2024-10-20 -
2025-01-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-28 -
2025-02-27		 a year crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-02-26		 a year crt.sh
content01.tfbank.se
WE1		 2024-08-30 -
2024-11-28		 3 months crt.sh
*.tfbank.se
GlobalSign RSA OV SSL CA 2018		 2024-04-15 -
2025-05-17		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-09-08 -
2025-09-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://meine.tfbank.de/
Frame ID: BD50C1A061AEC3771EF7F154A2939CC0
Requests: 25 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: D3F87FFA94169D9E24975D4BF55484DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Meine TF Bank

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

28
Requests

96 %
HTTPS

57 %
IPv6

5
Domains

8
Subdomains

8
IPs

4
Countries

3503 kB
Transfer

6191 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
meine.tfbank.de/ 		584 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
cd448cb0d883773d8a0be534c6d36ab38500e035fd2e54dac36c98386ccb81c5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
469
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Type
text/html
Date
Mon, 21 Oct 2024 01:59:33 GMT
ETag
"084d2edc71bdb1:0"
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Permissions-Policy
camera=(self)
Referrer-Policy
same-origin
Server
baffin-bay-inlet
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=14515200
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
main.f042aa18.js
meine.tfbank.de/static/js/ 		1 MB
444 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/js/main.f042aa18.js
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
80d49ce9ee51863cd43e9dc6fc7e20168a112397eec64bfe1bc015c235e779ff
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/

Response headers

Content-Encoding
gzip
ETag
"084d2edc71bdb1:0"
X-Content-Type-Options
nosniff
Date
Mon, 21 Oct 2024 01:59:33 GMT
Content-Type
application/x-javascript
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Referrer-Policy
same-origin
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Server
baffin-bay-inlet
main.0748c953.css
meine.tfbank.de/static/css/ 		149 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/css/main.0748c953.css
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
26be3b391b6f42037fa6e2b048098ac5f5737a1794efaaf1402bf952bc821873
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/

Response headers

Content-Encoding
gzip
ETag
"084d2edc71bdb1:0"
X-Content-Type-Options
nosniff
Date
Mon, 21 Oct 2024 01:59:33 GMT
Content-Type
text/css
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Referrer-Policy
same-origin
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
36315
Server
baffin-bay-inlet
gtm.js
www.googletagmanager.com/ 		205 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TFDWJRT&l=PageDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a8ac56bf0e0ac400ec2e92a1a7f1367880ad98e55327b76fc2146754d84dcfe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 21 Oct 2024 01:59:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 01:59:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 21 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
74489
x-xss-protection
0
server
Google Tag Manager
362.1a9ca926.chunk.css
meine.tfbank.de/static/css/ 		45 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/css/362.1a9ca926.chunk.css
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.f042aa18.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
69fd0c4299da4d71a3aa7eec3fa938f6767fffe57ac7b81cc3247dbbcbe9c639
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/

Response headers

Content-Encoding
gzip
ETag
"084d2edc71bdb1:0"
X-Content-Type-Options
nosniff
Date
Mon, 21 Oct 2024 01:59:33 GMT
Content-Type
text/css
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Referrer-Policy
same-origin
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
34442
Server
baffin-bay-inlet
362.e787e648.chunk.js
meine.tfbank.de/static/js/ 		2 MB
725 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/js/362.e787e648.chunk.js
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.f042aa18.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
5cab8a714a2fe9c091f5038a144e660e290ff78b323988788e3303e14f6f98be
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/

Response headers

Content-Encoding
gzip
ETag
"084d2edc71bdb1:0"
X-Content-Type-Options
nosniff
Date
Mon, 21 Oct 2024 01:59:33 GMT
Content-Type
application/x-javascript
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Referrer-Policy
same-origin
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Server
baffin-bay-inlet
741.ef092e19.chunk.css
meine.tfbank.de/static/css/ 		124 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/css/741.ef092e19.chunk.css
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.f042aa18.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
6f845f00a54dac7ef5a98fb9e6dd98072493338fe8fe60bc7666e1d288b57298
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/

Response headers

Content-Encoding
gzip
ETag
"084d2edc71bdb1:0"
X-Content-Type-Options
nosniff
Date
Mon, 21 Oct 2024 01:59:33 GMT
Content-Type
text/css
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Referrer-Policy
same-origin
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
43459
Server
baffin-bay-inlet
741.5030ec24.chunk.js
meine.tfbank.de/static/js/ 		350 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/js/741.5030ec24.chunk.js
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/main.f042aa18.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
351ad8494c46efc186bb11d00cbd8bb613e5b718525925647a6d71b71478cf6c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/

Response headers

Content-Encoding
gzip
ETag
"084d2edc71bdb1:0"
X-Content-Type-Options
nosniff
Date
Mon, 21 Oct 2024 01:59:33 GMT
Content-Type
application/x-javascript
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Referrer-Policy
same-origin
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Server
baffin-bay-inlet
uc.js
consent.cookiebot.com/ 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js?cbid=754147a0-cf4e-4926-87f9-946d6caf5a00
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFDWJRT&l=PageDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=529
content-encoding
gzip
etag
"42d4c62e8219db1:0"
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires
Mon, 21 Oct 2024 02:08:22 GMT
accept-ranges
bytes
content-length
34533
date
Mon, 21 Oct 2024 01:59:33 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 13:01:25 GMT
vary
Accept-Encoding
translation.json
meine.tfbank.de/locales/de/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/locales/de/translation.json
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/362.e787e648.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
973d79a4fcb188a8de0f805a9af8d0bc83a6db4240a8abeecfb12c94b3c72179
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

request-id
|80dfa035cf0749f5b5c9361700ae7604.7f2a7e25580e4366
traceparent
00-80dfa035cf0749f5b5c9361700ae7604-7f2a7e25580e4366-01
Referer
https://meine.tfbank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Content-Encoding
gzip
ETag
"0e73b82c61bdb1:0"
X-Content-Type-Options
nosniff
Date
Mon, 21 Oct 2024 01:59:33 GMT
Content-Type
application/json
Last-Modified
Fri, 11 Oct 2024 10:15:34 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Referrer-Policy
same-origin
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
12815
Server
baffin-bay-inlet
meta.json
meine.tfbank.de/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/meta.json
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/362.e787e648.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
701d838178929148f2eb418c3c97c99636c033fc2efa6874d65299f6df4929d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

request-id
|80dfa035cf0749f5b5c9361700ae7604.e5a7d7f55fcd42ef
traceparent
00-80dfa035cf0749f5b5c9361700ae7604-e5a7d7f55fcd42ef-01
Referer
https://meine.tfbank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Content-Encoding
gzip
ETag
"06b40cbc71bdb1:0"
X-Content-Type-Options
nosniff
Date
Mon, 21 Oct 2024 01:59:33 GMT
Content-Type
application/json
Last-Modified
Fri, 11 Oct 2024 10:24:46 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Referrer-Policy
same-origin
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
139
Server
baffin-bay-inlet
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame D3F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=754147a0-cf4e-4926-87f9-946d6caf5a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:594::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 01:59:33 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Tue, 21 Oct 2025 01:59:33 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1729475973928_35115176_6720239_28_896_20_28_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/754147a0-cf4e-4926-87f9-946d6caf5a00/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/754147a0-cf4e-4926-87f9-946d6caf5a00/cc.js?renew=false&referer=meine.tfbank.de&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=754147a0-cf4e-4926-87f9-946d6caf5a00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c585c242b3eddb0cffb3220b3da2033bce356b30a15e01aaea992cea5aaf29c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=1200
access-control-expose-headers
Request-Context
content-encoding
gzip
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length
86065
date
Mon, 21 Oct 2024 01:59:34 GMT
content-type
application/x-javascript; charset=utf-8
last-modified
Mon, 21 Oct 2024 01:59:33 GMT
vary
Accept-Encoding
tfbank21-logo-white.799bf51a13cdf5ad3702fad22db4f40d.svg
meine.tfbank.de/static/media/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meine.tfbank.de/static/media/tfbank21-logo-white.799bf51a13cdf5ad3702fad22db4f40d.svg
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"084d2edc71bdb1:0"
Connection
keep-alive
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
3048
Date
Mon, 21 Oct 2024 01:59:34 GMT
Content-Type
image/svg+xml
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Server
baffin-bay-inlet
X-Frame-Options
SAMEORIGIN
forms.json
meine.tfbank.de/locales/de/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/locales/de/forms.json
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/362.e787e648.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
0e5fb6f0037e681138db7b1800d609074123af58e9f44196a072c9e5a91ccad6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

request-id
|80dfa035cf0749f5b5c9361700ae7604.94fec94824a34658
traceparent
00-80dfa035cf0749f5b5c9361700ae7604-94fec94824a34658-01
Referer
https://meine.tfbank.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Content-Encoding
gzip
ETag
"0e73b82c61bdb1:0"
X-Content-Type-Options
nosniff
Date
Mon, 21 Oct 2024 01:59:34 GMT
Content-Type
application/json
Last-Modified
Fri, 11 Oct 2024 10:15:34 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Connection
keep-alive
Referrer-Policy
same-origin
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
2063
Server
baffin-bay-inlet
content
content01.tfbank.se/umbraco/delivery/api/v2/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content01.tfbank.se/umbraco/delivery/api/v2/content
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/362.e787e648.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
171e51ea393e94a3f9aa6cd7adbdabd25fdeae2b4d0106768f7eb73e0c5559e6

Request headers

Api-Key
VGhDQ33nVOpyIPex+4QnOa7AsSufcGe8t+qF6mb9L7UkUfOzHYCSbAbVfcmAMf0NNkQDAnslzJ5dplRwJeCrYUuxfALWWpmpBAWjddpkiTJblBdzMj3w9rkGwtv1PMBE+B040v2m9sb2rx1Sr4Rd2GSTv1agMfQ2d4Pgr4zFz2bu35+pMlBTZyRaInR2e0Q2hbmNM78ekctoXSr5G2A+esKHqTt8XCam7E+EH4K1mY6uXIbPVjSqwXYSZw6J2GhbB6mG6KHIkU1pyNWw3BABTwOa7XylJ4GkNlEnx3pG2P
Referer
Accept-Language
de
Accept
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
api-supported-versions
1.0, 2.0
cf-ray
8d5da626b9614d50-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 21 Oct 2024 01:59:34 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-powered-by
ASP.NET
server
cloudflare
next
prodcustomerdataapi.tfbank.se/api/customerservice/maintenance/ 		0
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prodcustomerdataapi.tfbank.se/api/customerservice/maintenance/next?market=Germany
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/362.e787e648.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.202 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=14515200

Request headers

Referer
Accept-Language
de
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=14515200
Access-Control-Expose-Headers
x-contenttype
api-supported-versions
1.0
Connection
keep-alive
Request-Context
appId=cid-v1:90efdaad-7981-4750-b06c-44c489670db0
Access-Control-Allow-Origin
*
Date
Mon, 21 Oct 2024 01:59:34 GMT
X-Powered-By
ASP.NET
Server
baffin-bay-inlet
content
content01.tfbank.se/umbraco/delivery/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://content01.tfbank.se/umbraco/delivery/api/v2/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api-key
Access-Control-Request-Method
GET
Origin
https://meine.tfbank.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
api-key
access-control-allow-methods
GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d5da625e91e4d50-FRA
date
Mon, 21 Oct 2024 01:59:34 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET
woman_hanging_outside_car_window.9b0506a76f7b5929e85d.webp
meine.tfbank.de/static/media/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meine.tfbank.de/static/media/woman_hanging_outside_car_window.9b0506a76f7b5929e85d.webp
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/css/741.ef092e19.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
a6bcbccd8410b2044e7a005c74c71c09c8ffc2021f516b191c84f2744e6f3cc1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/static/css/741.ef092e19.chunk.css

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"084d2edc71bdb1:0"
Connection
keep-alive
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
1600548
Date
Mon, 21 Oct 2024 01:59:34 GMT
Content-Type
image/webp
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Server
baffin-bay-inlet
X-Frame-Options
SAMEORIGIN
logo-white.799bf51a13cdf5ad3702.svg
meine.tfbank.de/static/media/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meine.tfbank.de/static/media/logo-white.799bf51a13cdf5ad3702.svg
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/css/741.ef092e19.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/static/css/741.ef092e19.chunk.css

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"084d2edc71bdb1:0"
Connection
keep-alive
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
3048
Date
Mon, 21 Oct 2024 01:59:34 GMT
Content-Type
image/svg+xml
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Server
baffin-bay-inlet
X-Frame-Options
SAMEORIGIN
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ca9e44cda59c6232b2393b76a2e68e36dd7c588e96c4dfefea7363fdd94f322

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Raleway-VariableFont_wght.575ec9e676c7a85494bb.ttf
meine.tfbank.de/static/media/ 		302 KB
304 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/static/media/Raleway-VariableFont_wght.575ec9e676c7a85494bb.ttf
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/css/main.0748c953.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
8e7948221210e0bff86b70de2a2e893e24e0d9c5a16a5db0aa47834b88bf1998
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://meine.tfbank.de
Referer
https://meine.tfbank.de/static/css/main.0748c953.css

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"084d2edc71bdb1:0"
Connection
keep-alive
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
309720
Date
Mon, 21 Oct 2024 01:59:34 GMT
Content-Type
application/octet-stream
Last-Modified
Fri, 11 Oct 2024 10:25:44 GMT
Server
baffin-bay-inlet
X-Frame-Options
SAMEORIGIN
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/362.e787e648.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
380e8d0aa13111d1d16c3acba3cebdfc01dbaab06eef8bfc61a2d8964e557fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Mon, 21 Oct 2024 01:59:33 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://meine.tfbank.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Mon, 21 Oct 2024 01:59:33 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/362.e787e648.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
22219f5397b73485fe734c41421c28ce736561a1301188f2e12fa5041af4ae4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Mon, 21 Oct 2024 01:59:33 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://meine.tfbank.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Mon, 21 Oct 2024 01:59:33 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
1.gif
imgsct.cookiebot.com/ 		0
0
favicon.ico
meine.tfbank.de/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://meine.tfbank.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.195.94.205 , Sweden, ASN42649 (BBN, SE),
Reverse DNS
vbdc-n.baffinbaynetworks.com
Software
baffin-bay-inlet /
Resource Hash
1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://meine.tfbank.de/login

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=14515200
Content-Security-Policy
default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag
"0e73b82c61bdb1:0"
Connection
keep-alive
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
Permissions-Policy
camera=(self)
Accept-Ranges
bytes
Content-Length
1150
Date
Mon, 21 Oct 2024 01:59:34 GMT
Content-Type
image/x-icon
Last-Modified
Fri, 11 Oct 2024 10:15:34 GMT
Server
baffin-bay-inlet
X-Frame-Options
SAMEORIGIN
track
dc.services.visualstudio.com/v2/ 		96 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: meine.tfbank.de
URL: https://meine.tfbank.de/static/js/362.e787e648.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d3aa314bdd8f760b8e7d47f487b7df769f098a8761dffc7c0ab2d7bfa2d7dfa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Mon, 21 Oct 2024 01:59:34 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
imgsct.cookiebot.com
URL
https://imgsct.cookiebot.com/1.gif?dgi=754147a0-cf4e-4926-87f9-946d6caf5a00

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunkmypages_webui object| __localeData__ function| clearImmediate function| setImmediate object| PageDataLayer object| google_tag_manager object| google_tag_data string| __reactRouterVersion object| __dynProto$Gbl object| FontAwesomeConfig object| ___FONT_AWESOME___ object| regeneratorRuntime object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| CookiebotDialog object| CookieConsentDialog function| showCookieBanner function| hideCookieBanner

6 Cookies

Domain/Path Name / Value
.meine.tfbank.de/ Name: TiPMix
Value: 81.7025052127188
.meine.tfbank.de/ Name: x-ms-routing-name
Value: self
.meine.tfbank.de/ Name: ARRAffinity
Value: 722a7b7ecf7b68b9875341e7b1d7617057a0cb609da88f579eca40ed368ea8e4
.meine.tfbank.de/ Name: ARRAffinitySameSite
Value: 722a7b7ecf7b68b9875341e7b1d7617057a0cb609da88f579eca40ed368ea8e4
meine.tfbank.de/ Name: ai_user
Value: 8OLUxzOBYjEYkhL2IclQHk|2024-10-21T01:59:33.753Z
meine.tfbank.de/ Name: ai_session
Value: wkM13qVn4miZwov9q9DNnC|1729475973908|1729475973908

1 Console Messages

Source Level URL
Text
security error URL: https://meine.tfbank.de/login
Message:
Refused to load the image 'https://imgsct.cookiebot.com/1.gif?dgi=754147a0-cf4e-4926-87f9-946d6caf5a00' because it violates the following Content Security Policy directive: "img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: *.tfbank.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se https://maps.googleapis.com/ https://maps.gstatic.com/; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent.cookiebot.com
consentcdn.cookiebot.com
content01.tfbank.se
dc.services.visualstudio.com
imgsct.cookiebot.com
meine.tfbank.de
prodcustomerdataapi.tfbank.se
www.googletagmanager.com
imgsct.cookiebot.com
185.195.94.202
185.195.94.205
20.50.88.245
2606:4700:7::7d
2a00:1450:4001:809::2008
2a02:26f0:3500:18::1724:a29a
2a02:26f0:480:594::f09
0e5fb6f0037e681138db7b1800d609074123af58e9f44196a072c9e5a91ccad6
1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24
171e51ea393e94a3f9aa6cd7adbdabd25fdeae2b4d0106768f7eb73e0c5559e6
22219f5397b73485fe734c41421c28ce736561a1301188f2e12fa5041af4ae4a
26be3b391b6f42037fa6e2b048098ac5f5737a1794efaaf1402bf952bc821873
351ad8494c46efc186bb11d00cbd8bb613e5b718525925647a6d71b71478cf6c
380e8d0aa13111d1d16c3acba3cebdfc01dbaab06eef8bfc61a2d8964e557fb0
4c585c242b3eddb0cffb3220b3da2033bce356b30a15e01aaea992cea5aaf29c
5ca9e44cda59c6232b2393b76a2e68e36dd7c588e96c4dfefea7363fdd94f322
5cab8a714a2fe9c091f5038a144e660e290ff78b323988788e3303e14f6f98be
69fd0c4299da4d71a3aa7eec3fa938f6767fffe57ac7b81cc3247dbbcbe9c639
6f845f00a54dac7ef5a98fb9e6dd98072493338fe8fe60bc7666e1d288b57298
701d838178929148f2eb418c3c97c99636c033fc2efa6874d65299f6df4929d2
80d49ce9ee51863cd43e9dc6fc7e20168a112397eec64bfe1bc015c235e779ff
8e7948221210e0bff86b70de2a2e893e24e0d9c5a16a5db0aa47834b88bf1998
973d79a4fcb188a8de0f805a9af8d0bc83a6db4240a8abeecfb12c94b3c72179
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
a6bcbccd8410b2044e7a005c74c71c09c8ffc2021f516b191c84f2744e6f3cc1
a8ac56bf0e0ac400ec2e92a1a7f1367880ad98e55327b76fc2146754d84dcfe4
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5
cd448cb0d883773d8a0be534c6d36ab38500e035fd2e54dac36c98386ccb81c5
d3aa314bdd8f760b8e7d47f487b7df769f098a8761dffc7c0ab2d7bfa2d7dfa3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855