accounts.bahn.de Open in urlscan Pro
2a02:26f0:1700:11::b856:678b  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	400	Primary Request registrations Show response accounts.bahn.de/auth/realms/db/protocol/openid-connect/	22 KB 25 KB	206ms 65ms	Document text/html	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 7360f35533032f9da795397c4154159b62a643afacbd78560267b37b9a717898 Security Headers Name Value Content-Security-Policy frame-src 'self' https://*.hcaptcha.com https://*.optimizely.com; frame-ancestors 'self' https://*.db.de https://*.next-bahn.de https://*.bahn.de; object-src 'none'; Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM https://*.hcaptcha.com X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control max-age=0, no-cache, no-store content-language de content-security-policy frame-src 'self' https://*.hcaptcha.com https://*.optimizely.com; frame-ancestors 'self' https://*.db.de https://*.next-bahn.de https://*.bahn.de; object-src 'none'; content-type text/html;charset=utf-8 date Thu, 09 May 2024 07:49:31 GMT expires Thu, 09 May 2024 07:49:31 GMT pragma no-cache referrer-policy no-referrer server-timing intid;desc=b29fe91cdab9aed1 intid;desc=b29fe91cdab9aed1 strict-transport-security max-age=16070400; includeSubDomains x-content-type-options nosniff x-frame-options ALLOW-FROM https://*.hcaptcha.com x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	main.js Show response accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/	9 KB 3 KB	108ms 108ms	Script text/javascript	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/main.js?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c876757c560b8a1f89c5ae08e9be41cfa04d1608a2365e79a2d7e1c06166a26b Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control max-age=452228 server-timing intid;desc=58e68a48d197c2b5, intid;desc=58e68a48d197c2b5 content-length 2781 x-xss-protection 1; mode=block
GET H2	200	validate-password.js Show response accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/	1 KB 942 B	110ms 108ms	Script text/javascript	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/validate-password.js?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 95f25ecaaf5049804cd21260440945e75d04330bbd804a192ceae714080f509e Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control max-age=452170 server-timing intid;desc=073a0bd30cb1edb6, intid;desc=073a0bd30cb1edb6 content-length 668 x-xss-protection 1; mode=block
GET H2	200	input.js Show response accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/	4 KB 1 KB	111ms 109ms	Script text/javascript	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/input.js?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e9ff99457a432afb9a92740b5b2e841410e12383b6981d2d6cce0c75d2734b6e Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control max-age=452290 server-timing intid;desc=97a52935ddf13473, intid;desc=97a52935ddf13473 content-length 1211 x-xss-protection 1; mode=block
GET H2	200	password-field.js Show response accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/	4 KB 1 KB	112ms 110ms	Script text/javascript	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/password-field.js?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 811474933e4f21c464435d2d58fcd38d81dc4a60b6df5b69e372b5cc57f9efc0 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control max-age=452216 server-timing intid;desc=25fcf0d57da3e11e, intid;desc=25fcf0d57da3e11e content-length 1238 x-xss-protection 1; mode=block
GET H2	200	common.js Show response accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/	2 KB 1 KB	121ms 119ms	Script text/javascript	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/common.js?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 3e2f37edabf95675ce888c06bd9556bfdc8214e294142754b2fa23e2bc66f20a Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control max-age=452195 server-timing intid;desc=d1bfb5f31aac8b95, intid;desc=d1bfb5f31aac8b95 content-length 777 x-xss-protection 1; mode=block
GET H2	200	digitaldata-helper.js Show response accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/	2 KB 1 KB	122ms 120ms	Script text/javascript	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/digitaldata-helper.js?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash bb6309d608f56139293f3a609aedda1d5da8b30d09e94352ae39670a976a7fdd Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control max-age=452185 server-timing intid;desc=62b274fae05916d4, intid;desc=62b274fae05916d4 content-length 824 x-xss-protection 1; mode=block
GET H2	200	check-browser.js Show response accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/	346 B 482 B	123ms 121ms	Script text/javascript	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/check-browser.js?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 6fa8697afe6dc66d7a3e3bf89d44a3997391c075a4f1d312c21541a69c487e69 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control max-age=452204 server-timing intid;desc=ea4109c30836d0d2, intid;desc=ea4109c30836d0d2 content-length 209 x-xss-protection 1; mode=block
GET H2	200	login.css accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/	33 KB 6 KB	115ms 114ms	Stylesheet text/css	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/login.css?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash bfb0efb3b452348f8d2bc9a74e18ea6f908a3160744a2b7d470a514ae6a61124 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control max-age=452138 server-timing intid;desc=3a6cf1e4130966d4, intid;desc=3a6cf1e4130966d4 content-length 5925 x-xss-protection 1; mode=block
GET H2	200	bootstrap-grid.min.css accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/	47 KB 6 KB	113ms 112ms	Stylesheet text/css	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/bootstrap-grid.min.css?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fbcdd5917bcc42c07ad849f8d651c63d61fac93b2170cd7015cefae2696a24ed Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control max-age=452199 server-timing intid;desc=512cfbd9d20a0a45, intid;desc=512cfbd9d20a0a45 content-length 5976 x-xss-protection 1; mode=block
GET H2	200	showcase-vendo.css accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/	386 KB 45 KB	61ms 59ms	Stylesheet text/css	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/showcase-vendo.css?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 632a187052ceecb0d5899697e166dd320b86dd9483952bdd274207f4f86c31ca Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control max-age=452227 server-timing intid;desc=2bcf9fad5f00450f, intid;desc=2bcf9fad5f00450f content-length 45847 x-xss-protection 1; mode=block
GET H2	200	bahn-vendo-cms.css accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/	69 KB 21 KB	85ms 84ms	Stylesheet text/css	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/bahn-vendo-cms.css?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 48c2ba90249e2a38de895c1cbf9e60fdd0ccc4e117278a937d0c527b212db141 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control max-age=452250 server-timing intid;desc=15ee590cb99a450a, intid;desc=15ee590cb99a450a content-length 20942 x-xss-protection 1; mode=block
GET H2	200	fonts.css accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/	823 B 457 B	112ms 111ms	Stylesheet text/css	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/fonts.css?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fc324abeb57d7febaa78bf67a5e6efa6cb230b3322b70f650a56674ea89d7d2c Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control max-age=452208 server-timing intid;desc=823b712952466073, intid;desc=823b712952466073 content-length 186 x-xss-protection 1; mode=block
GET H2	200	two-factor.css accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/	12 KB 2 KB	118ms 117ms	Stylesheet text/css	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/two-factor.css?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash abba06f12854ebceabf68c299b908f069c1d222024df8768f774a518815a2e30 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control max-age=452195 server-timing intid;desc=05b55025c606a479, intid;desc=05b55025c606a479 content-length 2272 x-xss-protection 1; mode=block
GET H2	200	idfirst.css accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/	98 KB 10 KB	125ms 125ms	Stylesheet text/css	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/idfirst.css?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 9b9cd111389bd34d56f70d6a43d425e0c20aaf9b4c7f624fd6491bfc3ad84daa Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control max-age=452303 server-timing intid;desc=4297b58bb3291ad6, intid;desc=4297b58bb3291ad6 content-length 9795 x-xss-protection 1; mode=block
GET H2	200	dbui.css accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/	5 KB 2 KB	119ms 119ms	Stylesheet text/css	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/dbui.css Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash db9c07c17b2865756f296e718227bae207a57887cadbc13aabb0ec115996ad18 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control max-age=409668 server-timing intid;desc=bf0732bf80e6a126, intid;desc=bf0732bf80e6a126 content-length 1452 x-xss-protection 1; mode=block
GET H2	200	db-red.png accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/img/	492 B 735 B	123ms 122ms	Image image/png	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/img/db-red.png Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 8b64394fc211f27a0ec0850a5770377267bd06ce8e3d33d84c90b181724f59fa Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains date Thu, 09 May 2024 07:49:32 GMT referrer-policy no-referrer x-content-type-options nosniff content-type image/png cache-control max-age=2396783 server-timing intid;desc=5aef8b9534236f4c, intid;desc=5aef8b9534236f4c content-length 492 x-xss-protection 1; mode=block
GET H2	200	logo.png accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/img/	7 KB 8 KB	124ms 123ms	Image image/png	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/img/logo.png Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash cdfc9afa2561a04bf751b84716170a047d286a80689b63dbdf31bb2028b522b1 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains date Thu, 09 May 2024 07:49:32 GMT referrer-policy no-referrer x-content-type-options nosniff content-type image/png cache-control max-age=2396754 server-timing intid;desc=dedcc35aa5c2b041, intid;desc=dedcc35aa5c2b041 content-length 7546 x-xss-protection 1; mode=block
GET H2	200	login-error.svg accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/img/	1 KB 863 B	62ms 61ms	Image image/svg+xml	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/img/login-error.svg Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash d308a251ccee2c3067c72d0bef7b7a64ee528f4d3e5287c6769ae5098bfac2a7 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=2400383 server-timing intid;desc=54820645c0a84ea7, intid;desc=54820645c0a84ea7 content-length 598 x-xss-protection 1; mode=block
GET H2	200	after-body.js Show response accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/	877 B 615 B	60ms 59ms	Script text/javascript	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/js/after-body.js?v=4a484cbf Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash df070b5e7438db460e0cd870a9560e346b93797c590abb69c6eec2c32d6272ef Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control max-age=452226 server-timing intid;desc=de352ef20bcf2876, intid;desc=de352ef20bcf2876 content-length 341 x-xss-protection 1; mode=block
GET H2	200	DBScreenSans-Regular.woff accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/fonts/DB_Screen_Fonts/WEB/	59 KB 58 KB	54ms 54ms	Font application/octet-stream	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/fonts/DB_Screen_Fonts/WEB/DBScreenSans-Regular.woff Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/showcase-vendo.css?v=4a484cbf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 5408c06c6828d7ced2bceabf3ee81370d2483d75c8526ca123d4b2b6dd2f2a4d Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Origin https://accounts.bahn.de Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type application/octet-stream cache-control max-age=2396819 server-timing intid;desc=c69d2457bcfd457c, intid;desc=c69d2457bcfd457c content-length 59056 x-xss-protection 1; mode=block
GET H2	200	red-next-down.svg accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/img/	867 B 646 B	56ms 55ms	Image image/svg+xml	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/img/red-next-down.svg Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/login.css?v=4a484cbf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 85da4126d4814e4d8d77e78d23796f7b63a4ebe75f20ad9cce3b771e5163f6dd Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=2396820 server-timing intid;desc=e06bacb4b09e35a9, intid;desc=e06bacb4b09e35a9 content-length 381 x-xss-protection 1; mode=block
GET H2	200	DBScreenHead-Black.woff accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/fonts/DB_Screen_Fonts/WEB/	49 KB 48 KB	54ms 53ms	Font application/octet-stream	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/fonts/DB_Screen_Fonts/WEB/DBScreenHead-Black.woff Requested by Host: accounts.bahn.de URL: https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/css/showcase-vendo.css?v=4a484cbf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 931eae35d197eecfd542f56e0dfe42ab60ee2e6344f345d3a22eec5864e1dbe0 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Origin https://accounts.bahn.de Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type application/octet-stream cache-control max-age=2396928 server-timing intid;desc=8568bc9374acf7df, intid;desc=8568bc9374acf7df content-length 49295 x-xss-protection 1; mode=block
GET H2	200	favicon.ico accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/img/	1 KB 1 KB	65ms 65ms	Other application/octet-stream	2a02:26f0:1700:11::b856:678b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.bahn.de/auth/resources/lrvu2/login/db-web-gk/img/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:678b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash cc1f0de12874d3e7374dc5b659ce472287b28bf30b64451d9d040386a9e23261 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=16070400; includeSubDomains content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff date Thu, 09 May 2024 07:49:32 GMT vary Accept-Encoding content-type application/octet-stream cache-control max-age=2396734 server-timing intid;desc=2879d975864e4ac3, intid;desc=2879d975864e4ac3 content-length 987 x-xss-protection 1; mode=block

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| onLoadingError function| checkLoadingErrors function| initializeLogin function| handleRegisterFormSubmit function| handlePasswordRepeatFormSubmit function| registerCaptchaCallback function| passwordResetCaptchaCallback function| getParameterByName function| toggleProgressButton function| beforeLoginFormSubmit function| loginCaptchaCallback function| getRealm function| setupParameter function| setupBackButton function| buildLoginPageLink function| setupBrowserBackButton function| setupSoftLogin function| setupRegisterWithBahnCard function| setupReloginInfo function| checkCookie function| getErrorsInPassword function| validateEmail function| validateLengthOfEmail function| validateEmailAndUsername function| validatePasswordLength function| showDropDown function| triggerInputFieldError function| getRendering function| getRedirectOrCancelUri function| loadAndAddUtagSkript function| checkBrowser object| utag_data object| digitalData boolean| isDarkMode object| removeDarkMode

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: KEYCLOAK_LOCALE Value: de
			accounts.bahn.de/auth/realms/db/	1970-01-20 20:27:22	Name: IDM_SID Value: 5bd46836-0ebe-4a75-b4d9-b0bf97fb792a
			accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: TS0135fa4a Value: 0144e11a915d03ef2647379431fcdb3c43a8ab75bcb0eaedb811f0b0d5ed5bbbfd15ffed8ad05b4fc8485730c2ca288a20b329a9aa
			.accounts.bahn.de/	1969-12-31 23:59:59	Name: TS016c400a Value: 0144e11a915d03ef2647379431fcdb3c43a8ab75bcb0eaedb811f0b0d5ed5bbbfd15ffed8ad05b4fc8485730c2ca288a20b329a9aa
			accounts.bahn.de/	1969-12-31 23:59:59	Name: TS51bc32fa027 Value: 0850f34bcdab2000125159ea51884eb2a3d0526c45197d5d160b6632af8f67c039e640903597851c08bb67ec2d1130005da2629feadfccd8909a8e60686c55c0a24ad70ead7468f7aa1c613c84c488ee8bd3aa9081e78ca8b32c82b5d70b17a9
			.bahn.de/	1970-01-21 05:12:56	Name: _abck Value: CE54B16C0993B7E4A526B811D73D5E00~-1~YAAQi2ZWuB0zJFqPAQAAvi5UXAuAFtRzaM/Gtt08YjXPfLPjoeTvwWfaZcM/cO9cNwzWZMLKHj//qzpWnbqjYDB4eo9aUqwstSB2CDBziU8B/27ZVdeE/n8NsglbE1RMfk88fO6iqF8jECwriHFkLcNwB+FYuD3sUzXD2Pqpx59KjU5U+JfNKXE4kvwmxHd549r5OCQyB7NVJhtl8j4dkvOIfkezb6pxZwIaFPpH6V9TJqC6XW3OI9NmTIh2c+S2eHmOZMqH7XJQTc7WQnhoy6izhgNumV3FI1c6elaUJ22P1HM6kFsxi49E4oejp9VRgCQ0TZ1Y9k+w4VfettzNaMzzxO7Wr1r4FBXypQNd0iA0wn8e9SRZipI=~-1~-1~-1
			.bahn.de/	1970-01-20 20:27:28	Name: ak_bmsc Value: CBCAC47203B46C5E8271F17C0F4F4B48~000000000000000000000000000000~YAAQi2ZWuB4zJFqPAQAAvi5UXBeatTb//1thZNSQ77cRxCHV4AiQCVg4D2okOfDF3SMRNejRMo1ALs32HTCGgiQnHNuTqZ8gOzq9ogM6QqrNMtY/3raHOnqnQfw9n2ZV6CGnmeayUuoX1HpKwvudg2AaCT33HLKsJ8qDb+weEueTqC2fpcgnpfCKwlZqmOqL0rFyPwp4wZ/kDr4dSEXAtDjivpDTcYkE2cwKh02qXPYL1u0U9/1GXaIPh/Z5xe4zBrc9PgzlwF/hpbl60o5lrGV+rq8K0VDtM/lqtbmUXxkbkzjrP4syPb8z9bsamwgbLvCod28ABN7k6XmWe8qVgJSNr8N3OQWK1atx7PrjKtUfozZFze6vIHm8fhnPIRpXNe5UY3D8iTPKycBiSw==
			.bahn.de/	1970-01-20 20:27:35	Name: bm_sz Value: 3F0BC506C1DD524B486EF93CD1C6B818~YAAQi2ZWuB8zJFqPAQAAvi5UXBcazd7Wui6xMsczxIkGpycF9sNef9F3zdniOfR7MtFm9zQf8pGjC6VMHD2/j7HKCLrXNPVql1X3ch3zEpVQibsFe51Et7Kc2MAkh4Ly2CvPC6cWMk2vCZGNSAUU+bOmwHL/PxrcOsnWSY9fI75B0SvEw/1lRiD+SWvEyRq/yGJuFqW+9dEym2zpqTkkHaXB2bs347U7P37K9cpRc701DO9OCWTM+mRhOJsp5YrwdR52KxDtT/vCrrfkBwXHC8W1cBqCHDAfuL2aI1cNkfXkpE/zZ+BJZG7LudJg8CilWxF2ka+9m6/Ivm627KuQDc6dSrNh7Zygk9ePKPJu/ZOfsRK0uX5oG6A79DOkbRCV8vBwfm8EtnFCSFlStx3hmg==~4405301~3163457

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/registrations?client_id=kf_gkweb&kc_locale=de&redirect_uri=https*3A*2F*2Fwww.bahn.de*2Fbahnbusiness*2Fmein-unternehmen*2Fgeschaeftsreisender-registrierung*3FtransportId*3D4526c6b7-b2d9-4159-8474- Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self' https://*.hcaptcha.com https://*.optimizely.com; frame-ancestors 'self' https://*.db.de https://*.next-bahn.de https://*.bahn.de; object-src 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://*.hcaptcha.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.bahn.de
2a02:26f0:1700:11::b856:678b
3e2f37edabf95675ce888c06bd9556bfdc8214e294142754b2fa23e2bc66f20a
48c2ba90249e2a38de895c1cbf9e60fdd0ccc4e117278a937d0c527b212db141
5408c06c6828d7ced2bceabf3ee81370d2483d75c8526ca123d4b2b6dd2f2a4d
632a187052ceecb0d5899697e166dd320b86dd9483952bdd274207f4f86c31ca
6fa8697afe6dc66d7a3e3bf89d44a3997391c075a4f1d312c21541a69c487e69
7360f35533032f9da795397c4154159b62a643afacbd78560267b37b9a717898
811474933e4f21c464435d2d58fcd38d81dc4a60b6df5b69e372b5cc57f9efc0
85da4126d4814e4d8d77e78d23796f7b63a4ebe75f20ad9cce3b771e5163f6dd
8b64394fc211f27a0ec0850a5770377267bd06ce8e3d33d84c90b181724f59fa
931eae35d197eecfd542f56e0dfe42ab60ee2e6344f345d3a22eec5864e1dbe0
95f25ecaaf5049804cd21260440945e75d04330bbd804a192ceae714080f509e
9b9cd111389bd34d56f70d6a43d425e0c20aaf9b4c7f624fd6491bfc3ad84daa
abba06f12854ebceabf68c299b908f069c1d222024df8768f774a518815a2e30
bb6309d608f56139293f3a609aedda1d5da8b30d09e94352ae39670a976a7fdd
bfb0efb3b452348f8d2bc9a74e18ea6f908a3160744a2b7d470a514ae6a61124
c876757c560b8a1f89c5ae08e9be41cfa04d1608a2365e79a2d7e1c06166a26b
cc1f0de12874d3e7374dc5b659ce472287b28bf30b64451d9d040386a9e23261
cdfc9afa2561a04bf751b84716170a047d286a80689b63dbdf31bb2028b522b1
d308a251ccee2c3067c72d0bef7b7a64ee528f4d3e5287c6769ae5098bfac2a7
db9c07c17b2865756f296e718227bae207a57887cadbc13aabb0ec115996ad18
df070b5e7438db460e0cd870a9560e346b93797c590abb69c6eec2c32d6272ef
e9ff99457a432afb9a92740b5b2e841410e12383b6981d2d6cce0c75d2734b6e
fbcdd5917bcc42c07ad849f8d651c63d61fac93b2170cd7015cefae2696a24ed
fc324abeb57d7febaa78bf67a5e6efa6cb230b3322b70f650a56674ea89d7d2c