urlscan.io logo urlscan.io
SecurityTrails logo

sso2.service.deutschebahn.com Open in urlscan Pro
81.200.194.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://db-planet.deutschebahn.com/search
Effective URL: https://sso2.service.deutschebahn.com/my.policy
Submission: On August 03 via api from IE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 35 HTTP transactions. The main IP is 81.200.194.6, located in Germany and belongs to BAHN-AS-BLN, DE. The main domain is sso2.service.deutschebahn.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 27th 2020. Valid for: 3 months.
This is the only time sso2.service.deutschebahn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20 194.233.207.2 6659 (NEXINTO-)
1 52.219.75.157 16509 (AMAZON-02)
1 17 81.200.194.6 34156 (BAHN-AS-BLN)
35 4
Domain Requested by
20 db-planet.deutschebahn.com 2 redirects db-planet.deutschebahn.com
17 sso2.service.deutschebahn.com 1 redirects db-planet.deutschebahn.com
sso2.service.deutschebahn.com
1 540942430142-dbplanet-eu-central-1-dbplanet-prod-cssfile.s3.amazonaws.com
35 3

This site contains links to these domains. Also see Links.

Domain
db.de
www.dbsystel.de
Subject Issuer Validity Valid
db-planet.deutschebahn.com
DigiCert Global CA G2		 2020-03-09 -
2021-04-24		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2021-03-12		 a year crt.sh
sso2.service.deutschebahn.com
Let's Encrypt Authority X3		 2020-05-27 -
2020-08-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sso2.service.deutschebahn.com/my.policy
Frame ID: A9B51F142560164EE919E8ED0A7D9FB0
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://db-planet.deutschebahn.com/search Page URL
  2. https://db-planet.deutschebahn.com/web/sso/login/dbahn-sso HTTP 302
    https://db-planet.deutschebahn.com/web/saml/login/alias/dbahn-sso?idp=https://sso2.service.deutschebahn.com/idp HTTP 302
    https://sso2.service.deutschebahn.com/saml/idp/profile/redirectorpost/sso?SAMLRequest=jZLRT8IwEMb%2FlaXvW2uHig2DoI... HTTP 302
    https://sso2.service.deutschebahn.com/my.policy Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Unix/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

35
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

1
Countries

3894 kB
Transfer

11284 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://db-planet.deutschebahn.com/search Page URL
  2. https://db-planet.deutschebahn.com/web/sso/login/dbahn-sso HTTP 302
    https://db-planet.deutschebahn.com/web/saml/login/alias/dbahn-sso?idp=https://sso2.service.deutschebahn.com/idp HTTP 302
    https://sso2.service.deutschebahn.com/saml/idp/profile/redirectorpost/sso?SAMLRequest=jZLRT8IwEMb%2FlaXvW2uHig2DoIRogpHA8MG30h2sZmtnr0P%2FfOsAxZgQHy%2F33ff17tfB6KOuoh041NZk5CJhJAKjbKHNNiOrfBr3yWg4QFlXvBHj1pdmAW8toI%2FCoEGx72SkdUZYiRqFkTWg8Eosx48zwRMmGme9VbYi0RgRnA9Rd9ZgW4NbgttpBavFLCOl9w0KSot13FTSgE8KaD2qEtayNImyNX2HNf1KpIiWykpLDOrQjENNokl4ljbSd6sc3UKHJ7iP%2BWvYmemioeGNG10BdVBoB8pb11j0tPOdWqeg2z0jG1khkOhhkhHJL16v%2B0pxKMpe2tNclWXJgW1ZL1UbFUQ4l4h6Bz9jiC08GPTS%2BIxwxlnM%2BjFLc3Yj0htxeZ2kV%2ByFRPPDxW612ZM4d971XoTiPs%2Fn8fxpmZPo%2BUg0CMiBn%2BjS3Sm488bySIsM%2F8smYPkGMqCnscND%2BfsXDT8B&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=aie6v%2BIaDStxx0ki7Gd2v4VhLgLHBwl6NtcpfX5kiFh8nDTpa97IV6aPfgC2x4RhJQkUQJF8G1rewrSur2nyWPI9UG%2F7V5aeL7q64sE9jp7GlVudTrBnpGp5Jcuv3mdOx6I2n0HqDTmcaWftQ9fhyE7QEc%2FjlxnyCCafl6%2Fs7267O12f8Wmerzk5Jm9rhFUPeXC9ahtVm8uUAjfBsGWQmV4mrJ1GAASIKXoelxkUM1D2pAUYBr9F8Loo96a9IGcYnldP3D04S5sl%2BqVV2pGvlYkgzVdjvWE7ecr7mU6SblcQAi3pl575zObFZWwj470TvKGgaluyCOvMscStxciaqg%3D%3D HTTP 302
    https://sso2.service.deutschebahn.com/my.policy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set search
db-planet.deutschebahn.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/search
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
4e10a22deeaed3f868ffabd0331f7ec862b8d19fa620141ceb0240e5196a31e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN ALLOW-FROM https://wap.service.deutschebahn.com ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Host
db-planet.deutschebahn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:51 GMT
Server
Apache/2.4.28 (Unix)
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Tue, 30 Jun 2020 14:09:17 GMT
ETag
"afe-5a94db8873d40"
Accept-Ranges
bytes
Content-Length
1352
X-Frame-Options
SAMEORIGIN ALLOW-FROM https://wap.service.deutschebahn.com ALLOW-FROM https://wap.service.deutschebahn.com
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=90
Connection
Keep-Alive
Content-Type
text/html
Set-Cookie
BIGipServercoyo-frontend-8081=!701aIxxFDFKTTZog1xlOvHMuNeIPoeN8W82ky3Gs7b8kNy2iDCrrvvDxPEf1ud4GeBPx8LzvitaA1lY=; expires=Mon, 03-Aug-2020 10:09:51 GMT; path=/; Httponly; Secure
C
141
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Vary
origin, Accept-Encoding
X-Access-Control-Policy
DBAHN20190909
Content-Encoding
gzip
config.js
db-planet.deutschebahn.com/ 		272 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/config.js
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/search
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
5514c3f2081d33e832ef0b6be0e274957d672cd0b784cd1059a19a77180ae129
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:52 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
141
Vary
origin
Content-Length
272
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
Last-Modified
Thu, 09 Jul 2020 20:19:42 GMT
Server
Apache/2.4.28 (Unix)
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
ETag
"110-5aa07f1d2d202"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
application/javascript
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
styles.939db32bd28ff82daaa0.css
db-planet.deutschebahn.com/ 		850 KB
197 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/styles.939db32bd28ff82daaa0.css
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/search
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
7b9c9995fb6033fd055cc93e836ddd05e25e006c56179c3751b97f21dbbb4fe6
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
C
141
Vary
origin, Accept-Encoding
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
Last-Modified
Tue, 30 Jun 2020 14:09:16 GMT
Server
Apache/2.4.28 (Unix)
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
ETag
"d46b1-5a94db877fb00"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
text/css
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
runtime.f01ee4a9e7e3db78e80a.js
db-planet.deutschebahn.com/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/runtime.f01ee4a9e7e3db78e80a.js
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/search
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
444fca89e12c0873b1001f2d6aab62df1169f66755e665328bd4404bcefc21f1
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
141
Vary
origin, Accept-Encoding
Content-Length
2360
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
Last-Modified
Tue, 30 Jun 2020 14:09:16 GMT
Server
Apache/2.4.28 (Unix)
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
ETag
"f75-5a94db877fb00"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
application/javascript
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
polyfills.3ce1fc988b769bfd14db.js
db-planet.deutschebahn.com/ 		126 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/polyfills.3ce1fc988b769bfd14db.js
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/search
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
0d55f25a094f0d1fae54ca5d12258bb4d87b22f0307c5cce6736400c5fc5527d
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
141
Vary
origin, Accept-Encoding
Content-Length
55279
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
Last-Modified
Tue, 30 Jun 2020 14:09:16 GMT
Server
Apache/2.4.28 (Unix)
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
ETag
"1f7c3-5a94db877fb00"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
application/javascript
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
scripts.aec73615c237274fe84b.js
db-planet.deutschebahn.com/ 		257 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/scripts.aec73615c237274fe84b.js
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/search
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
91f37e01c09ee6ca95a92e7e8f15e396ec42e70fe4d414d6e5efc016ca1baa21
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
141
Vary
origin, Accept-Encoding
Content-Length
103983
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
Last-Modified
Tue, 30 Jun 2020 14:09:16 GMT
Server
Apache/2.4.28 (Unix)
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
ETag
"4022e-5a94db877fb00"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
application/javascript
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=78
main.e3ebc7435cfc5f47c644.js
db-planet.deutschebahn.com/ 		8 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/main.e3ebc7435cfc5f47c644.js
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/search
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
f7607141d36f0ee7b65c01d25707220acabac81fe4f4723390f6d2f9402ff1d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
C
141
Vary
origin, Accept-Encoding
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
Last-Modified
Tue, 30 Jun 2020 14:09:16 GMT
Server
Apache/2.4.28 (Unix)
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
ETag
"846459-5a94db877fb00"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
application/javascript
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
SourceSansPro-Regular.788a2bcde2b056195512.woff
db-planet.deutschebahn.com/ 		130 KB
131 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/SourceSansPro-Regular.788a2bcde2b056195512.woff
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/search
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
154564c20eb3bd31c8212f6994482f59adfd00531be9509b0f52d310d623b26e
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://db-planet.deutschebahn.com

Response headers

Date
Mon, 03 Aug 2020 09:39:52 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
141
Vary
origin
Content-Length
133352
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
Last-Modified
Tue, 30 Jun 2020 14:09:16 GMT
Server
Apache/2.4.28 (Unix)
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
ETag
"208e8-5a94db877fb00"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
13.05b4ed618037e1e3f107.js
db-planet.deutschebahn.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/13.05b4ed618037e1e3f107.js
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/runtime.f01ee4a9e7e3db78e80a.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
4090c976baf00e5763ee6c20e650cd2d44132500dcceed1da218d069241ee4af
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
141
Vary
origin, Accept-Encoding
Content-Length
785
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
Last-Modified
Tue, 30 Jun 2020 14:09:16 GMT
Server
Apache/2.4.28 (Unix)
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
ETag
"4f8-5a94db877fb00"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
application/javascript
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
translations
db-planet.deutschebahn.com/web/languages/public/EN/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/web/languages/public/EN/translations
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/polyfills.3ce1fc988b769bfd14db.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
/
Resource Hash
b83517a94ba38163bd90a55ba7184ee819e55a975540790b11b5dff46b5ab12b
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
X-Coyo-Client-ID
81092cf2-b61e-bc77-6a6a-9867d09be744
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json
Cache-Control
no-cache, no-store
Referer
X-Coyo-Frontend-Version
21.8.0-RELEASE
If-Modified-Since
0

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
107
Content-Length
1024
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
Date
Mon, 03 Aug 2020 09:39:53 GMT
vary
accept-encoding, origin, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
public
db-planet.deutschebahn.com/web/settings/ 		448 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/web/settings/public
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/polyfills.3ce1fc988b769bfd14db.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
/
Resource Hash
9c07da0236dc3a9461652f3ff559244e204ecb50f9cec30d98ea00b16f2e57d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
X-Coyo-Client-ID
81092cf2-b61e-bc77-6a6a-9867d09be744
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json
Cache-Control
no-cache, no-store
Referer
X-Coyo-Frontend-Version
21.8.0-RELEASE
If-Modified-Since
0

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
108
Content-Length
275
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
Date
Mon, 03 Aug 2020 09:39:53 GMT
vary
accept-encoding, origin, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
public
db-planet.deutschebahn.com/web/themes/ 		87 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/web/themes/public
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/polyfills.3ce1fc988b769bfd14db.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
/
Resource Hash
b5e5bcd50aa7d3717a0c6cae21df9ed93589d81e1f02a98ffe65c6298fc231ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Pragma
no-cache
Cache-Control
no-cache, no-store
X-Coyo-Client-ID
81092cf2-b61e-bc77-6a6a-9867d09be744
If-Modified-Since
0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
ETag
"0193e5b450a3f2bbd024f65f18d89fb9d"
Connection
Keep-Alive
C
106
Content-Length
40868
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
Date
Mon, 03 Aug 2020 09:39:53 GMT
vary
accept-encoding, origin, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
X-Content-Type-Options
nosniff
public
db-planet.deutschebahn.com/web/auth/providers/ 		652 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/web/auth/providers/public
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/polyfills.3ce1fc988b769bfd14db.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
/
Resource Hash
756fbb3dd2e8f71906e4bd65a4172fc4848e3cff5ea572bfa889bcc13cbeeec2
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
X-Coyo-Client-ID
81092cf2-b61e-bc77-6a6a-9867d09be744
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json
Cache-Control
no-cache, no-store
Referer
X-Coyo-Frontend-Version
21.8.0-RELEASE
If-Modified-Since
0

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
101
Content-Length
320
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
Date
Mon, 03 Aug 2020 09:39:53 GMT
vary
accept-encoding, origin, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
public
db-planet.deutschebahn.com/web/maintenance/ 		0
1020 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/web/maintenance/public
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/polyfills.3ce1fc988b769bfd14db.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
X-Coyo-Client-ID
81092cf2-b61e-bc77-6a6a-9867d09be744
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json
Cache-Control
no-cache, no-store
Referer
X-Coyo-Frontend-Version
21.8.0-RELEASE
If-Modified-Since
0

Response headers

X-Access-Control-Policy
DBAHN20190909
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Referrer-Policy
no-referrer
Date
Mon, 03 Aug 2020 09:39:53 GMT
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
C
103
Vary
origin
Content-Length
0
X-XSS-Protection
1; mode=block
check
db-planet.deutschebahn.com/web/setup/ 		14 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/web/setup/check
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/polyfills.3ce1fc988b769bfd14db.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
/
Resource Hash
81c6b87982572eb73da59dd43b0928549e6b071f423753201a69386513de14ed
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
X-Coyo-Client-ID
81092cf2-b61e-bc77-6a6a-9867d09be744
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
application/json
Cache-Control
no-cache, no-store
Referer
X-Coyo-Frontend-Version
21.8.0-RELEASE
If-Modified-Since
0

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
106
Content-Length
34
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
Date
Mon, 03 Aug 2020 09:39:53 GMT
vary
accept-encoding, origin, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
logo-coyo-inversed-front.png
db-planet.deutschebahn.com/assets/images/logos/coyo/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://db-planet.deutschebahn.com/assets/images/logos/coyo/logo-coyo-inversed-front.png
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/main.e3ebc7435cfc5f47c644.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
547c5041711dcb718fa2cb7c1f122e00009fda6f4b565306f4e33bdadc339b9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
C
141
Vary
origin
Content-Length
7412
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
Last-Modified
Tue, 30 Jun 2020 14:09:16 GMT
Server
Apache/2.4.28 (Unix)
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
ETag
"1cf4-5a94db877fb00"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
styles.939db32bd28ff82daaa0.css
db-planet.deutschebahn.com/ 		850 KB
197 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://db-planet.deutschebahn.com/styles.939db32bd28ff82daaa0.css
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/polyfills.3ce1fc988b769bfd14db.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
Apache/2.4.28 (Unix) /
Resource Hash
7a165602cc4de0945778bb498457e8519053950778f60f28026cd1b5c602fb10
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
C
141
Vary
origin, Accept-Encoding
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
Last-Modified
Tue, 30 Jun 2020 14:09:16 GMT
Server
Apache/2.4.28 (Unix)
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
ETag
"d46b1-5a94db877fb00"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
text/css
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
bc08532e-1b0d-43d4-83da-9fed239cb0be
db-planet.deutschebahn.com/web/themes/public/files/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://db-planet.deutschebahn.com/web/themes/public/files/bc08532e-1b0d-43d4-83da-9fed239cb0be
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.233.207.2 , Germany, ASN6659 (NEXINTO-, DE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
ETag
"0d9258f166575152fa1a0954fc5fd860b"
X-Cnection
close
Content-Disposition
inline; filename="bc08532e-1b0d-43d4-83da-9fed239cb0be.png"; filename*=utf-8''bc08532e-1b0d-43d4-83da-9fed239cb0be.png
C
107
Content-Length
30987
X-XSS-Protection
1; mode=block
X-Access-Control-Policy
DBAHN20190909
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN, ALLOW-FROM https://wap.service.deutschebahn.com, ALLOW-FROM https://wap.service.deutschebahn.com
Date
Mon, 03 Aug 2020 09:39:56 GMT
Vary
origin
Content-Type
image/png
Access-Control-Allow-Origin
https://wap.service.deutschebahn.com
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors self https://wap.service.deutschebahn.com;
X-Content-Type-Options
nosniff
DBScreenSans-Regular.woff
540942430142-dbplanet-eu-central-1-dbplanet-prod-cssfile.s3.amazonaws.com/fontBinaries/20190814/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://540942430142-dbplanet-eu-central-1-dbplanet-prod-cssfile.s3.amazonaws.com/fontBinaries/20190814/DBScreenSans-Regular.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.75.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://db-planet.deutschebahn.com

Response headers

Date
Mon, 03 Aug 2020 09:39:58 GMT
ETag
"4a71fa4c1a0c32ed3a1cf7aca66b4d06"
Last-Modified
Wed, 14 Aug 2019 07:56:27 GMT
Server
AmazonS3
x-amz-request-id
879F74EEE5099190
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
x-amz-version-id
GR4G1DHg5o3YUUCw9yw6uSIuZqvwOIhS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Type
application/octet-stream
Content-Length
60304
x-amz-id-2
LxtLXwveHm4hlMitQ1NpWUkol6UeckpVC4oAVylQui02lNV4LxZ9vObx3M9Sn9hNJap1VuaQXuU=
Primary Request Cookie set my.policy
sso2.service.deutschebahn.com/
Redirect Chain
  • https://db-planet.deutschebahn.com/web/sso/login/dbahn-sso
  • https://db-planet.deutschebahn.com/web/saml/login/alias/dbahn-sso?idp=https://sso2.service.deutschebahn.com/idp
  • https://sso2.service.deutschebahn.com/saml/idp/profile/redirectorpost/sso?SAMLRequest=jZLRT8IwEMb%2FlaXvW2uHig2DoIRogpHA8MG30h2sZmtnr0P%2FfOsAxZgQHy%2F33ff17tfB6KOuoh041NZk5CJhJAKjbKHNNiOrfBr3yWg4Q...
  • https://sso2.service.deutschebahn.com/my.policy
31 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/my.policy
Requested by
Host: db-planet.deutschebahn.com
URL: https://db-planet.deutschebahn.com/main.e3ebc7435cfc5f47c644.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
fc1a66c350939c59b63d783b0d2b72908ff7ee2a960872e9cedee66f011b0c74
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

Host
sso2.service.deutschebahn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
LastMRH_Session=b1389be2; MRHSession=798e74f2d14de1dc8cbcd14eb1389be2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://db-planet.deutschebahn.com/f/login

Response headers

Date
Mon, 03 Aug 2020 09:39:57 GMT
Server
BigIP
Connection
close
Content-Type
text/html; charset=utf-8
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Frame-Options
DENY
Pragma
no-cache
Cache-Control
no-cache, must-revalidate
Content-Length
31704
Set-Cookie
LastMRH_Session=b1389be2;path=/;secure MRHSession=76bcbfffe9d4e2a0d3c0af81b1389be2;path=/;secure

Redirect headers

Server
BigIP
Connection
Close
Content-Length
0
Location
/my.policy
Strict-Transport-Security
max-age=16070400; includeSubDomains
Set-Cookie
LastMRH_Session=b1389be2;path=/;secure MRHSession=798e74f2d14de1dc8cbcd14eb1389be2;path=/;secure MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
apm.css
sso2.service.deutschebahn.com/public/include/css/ 		57 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/public/include/css/apm.css
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
ecbb70af2e6a8657b767ca945e3a3b2545a2db75e04ae691104fd51bdf6086b3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:57 GMT
Server
BigIP
X-Frame-Options
DENY
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=3600
Connection
close
Content-Length
58720
session_check.js
sso2.service.deutschebahn.com/public/include/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/public/include/js/session_check.js?v=13
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
a5ea9b6d1aa661f4df9f86ec4cd271bff35c6c1f243b49ad3b9ee4986f9ac8ff
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:57 GMT
Last-Modified
Fri, 23 Sep 2016 00:53:19 GMT
Server
BigIP
Age
3385
ETag
"1dd6-53d223449fdc0"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7638
agent_common.js
sso2.service.deutschebahn.com/public/include/js/ 		899 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/public/include/js/agent_common.js
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
be8d30e8dc85ed41a63a231766adaac8e301ddb3ec9237d02ceed9f73989e9f5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Mon, 25 Apr 2016 22:29:01 GMT
Server
BigIP
Age
1923
ETag
"383-53156b4092540"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=3600, must-revalidate
Date
Mon, 03 Aug 2020 09:39:57 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
899
web_host.js
sso2.service.deutschebahn.com/public/include/js/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/public/include/js/web_host.js
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
1ecfafb468fd9fc0adc1c714b32058d65190da19abccc6985312f44fc4aa6d61
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Wed, 31 May 2017 21:27:00 GMT
Server
BigIP
Age
3428
ETag
"39d9-550d8949c9100"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=3600, must-revalidate
Date
Mon, 03 Aug 2020 09:39:57 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
14809
logo.svg
sso2.service.deutschebahn.com/public/share/db_v1.0/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso2.service.deutschebahn.com/public/share/db_v1.0/logo.svg
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
dccf7dc8c34e9b70b8b2d3c5cfc087d0bcbc854aa7cca6beffe9245d4a457e9d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:58 GMT
Last-Modified
Wed, 24 Jun 2020 12:32:29 GMT
Server
BigIP
Age
25312
ETag
"b07-5a8d3ab4bf140"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2823
schatten_header.png
sso2.service.deutschebahn.com/public/share/db_v1.0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso2.service.deutschebahn.com/public/share/db_v1.0/schatten_header.png
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
cedc733efc375f05081f9f960ff5d3925b8b6933f5923ced2b686034d8281bdc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:58 GMT
Last-Modified
Wed, 24 Jun 2020 12:32:29 GMT
Server
BigIP
Age
20405
ETag
"73d-5a8d3ab4bf140"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1853
logo.png
sso2.service.deutschebahn.com/public/share/db_planet/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso2.service.deutschebahn.com/public/share/db_planet/logo.png
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
2042d4344011c07ac367f5ef8bd20df92e89a2de5bdabba8f18e6541f33ececb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:57 GMT
Last-Modified
Wed, 24 Jun 2020 13:28:20 GMT
Server
BigIP
Age
26358
ETag
"9059-5a8d473082500"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
36953
tr.gif
sso2.service.deutschebahn.com/public/images/my/ 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso2.service.deutschebahn.com/public/images/my/tr.gif
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:58 GMT
Last-Modified
Sat, 10 Mar 2007 05:11:20 GMT
Server
BigIP
Age
3034
ETag
"2b-42b4b92116e00"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43
jquery-1.11.3.min.js
sso2.service.deutschebahn.com/public/share/db_v1.0/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/public/share/db_v1.0/jquery-1.11.3.min.js
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Wed, 24 Jun 2020 12:32:29 GMT
Server
BigIP
Age
35319
ETag
"176d5-5a8d3ab4bf140"
X-Frame-Options
DENY
Content-Type
text/plain
Date
Mon, 03 Aug 2020 09:39:57 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
95957
bootstrap.min.js
sso2.service.deutschebahn.com/public/share/db_v1.0/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/public/share/db_v1.0/bootstrap.min.js
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Wed, 24 Jun 2020 12:32:29 GMT
Server
BigIP
Age
11797
ETag
"8fd0-5a8d3ab4bf140"
X-Frame-Options
DENY
Content-Type
text/plain
Date
Mon, 03 Aug 2020 09:39:57 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
36816
bootstrap-hover-dropdown.min.js
sso2.service.deutschebahn.com/public/share/db_v1.0/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/public/share/db_v1.0/bootstrap-hover-dropdown.min.js
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
a19529e542e1f688a45a02f83c9fdc7947551f114fd2fd85d704010bb88bb8e4
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Wed, 24 Jun 2020 12:32:29 GMT
Server
BigIP
Age
10748
ETag
"6ed-5a8d3ab4bf140"
X-Frame-Options
DENY
Content-Type
text/plain
Date
Mon, 03 Aug 2020 09:39:57 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1773
jquery.matchHeight.js
sso2.service.deutschebahn.com/public/share/db_v1.0/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/public/share/db_v1.0/jquery.matchHeight.js
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
32a2429ec4ae425ff205d6c0bcc082c4e01881b1dcd654c974265d8dfebcce1b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://sso2.service.deutschebahn.com/my.policy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 09:39:58 GMT
Last-Modified
Wed, 24 Jun 2020 12:32:29 GMT
Server
BigIP
Age
300
ETag
"143b-5a8d3ab4bf140"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
text/plain
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5179
truncated
/ 		767 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca0023c8239f6187336b53d41c00bb44fe0a0a6463cd1890cc551ef831a3ae77

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
dboff03.woff
sso2.service.deutschebahn.com/public/share/db_v1.0/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/public/share/db_v1.0/dboff03.woff
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
b2adc8dce64e484294519363ae648d08ebbf98923486ccfb1efcb362cb973abb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sso2.service.deutschebahn.com/public/include/css/apm.css
Origin
https://sso2.service.deutschebahn.com

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Wed, 24 Jun 2020 12:32:29 GMT
Server
BigIP
Age
35994
ETag
"c8d4-5a8d3ab4bf140"
X-Frame-Options
DENY
Content-Type
application/octet-stream
Date
Mon, 03 Aug 2020 09:39:57 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
51412
dboff06.woff
sso2.service.deutschebahn.com/public/share/db_v1.0/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso2.service.deutschebahn.com/public/share/db_v1.0/dboff06.woff
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
59ed66b0d428ca1e737dd88a9aee1cdce259e754458828701ec6dda619c8c13c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sso2.service.deutschebahn.com/public/include/css/apm.css
Origin
https://sso2.service.deutschebahn.com

Response headers

Date
Mon, 03 Aug 2020 09:39:57 GMT
Last-Modified
Wed, 24 Jun 2020 12:32:29 GMT
Server
BigIP
Age
10906
ETag
"efb4-5a8d3ab4bf140"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/octet-stream
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
61364
schatten_footer.png
sso2.service.deutschebahn.com/public/share/db_v1.0/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso2.service.deutschebahn.com/public/share/db_v1.0/schatten_footer.png
Requested by
Host: sso2.service.deutschebahn.com
URL: https://sso2.service.deutschebahn.com/my.policy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.194.6 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
BigIP /
Resource Hash
21679aa3fdb523c36be547cb67b439f62be3c308e1f5944fa7f85b6115bfe56e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://sso2.service.deutschebahn.com/public/include/css/apm.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Wed, 24 Jun 2020 12:32:29 GMT
Server
BigIP
Age
8891
ETag
"d58-5a8d3ab4bf140"
X-Frame-Options
DENY
Content-Type
image/png
Date
Mon, 03 Aug 2020 09:39:57 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3416

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getHTTPRequestObject function| APMSessionTimeout function| parseQueryParams function| setFormAttributeByQueryParams string| mobileOS function| getMobileOperatingSystem function| DefaultExternalWebHostImpl function| AndroidExternalWebHostImpl function| iOSExternalWebHostImpl object| externalWebHost function| SessionExpired_CustomizedScreenGet boolean| globalRestartOnSubmit function| sessionTimedOut boolean| doAutoSubmit string| globalFormId string| globalTableId string| globalSubmitTrId object| globalSavePasswordCheckbox boolean| logonFormCompatible object| softTokenInput string| softTokenFieldId string| softTokenState string| softTokenNewPIN boolean| softTokenPINAutoPopulate boolean| challengeMode function| getInputField function| getSoftTokenInput function| getUsernameInput function| getPasswordInput function| edgeClientSoftTokenSupport function| getSoftTokenPrompt function| OnSubmitEdgeRSASoftToken function| getFormCompatibility function| setOrigUriLink function| OnLoad function| disableSubmit function| challengeAutoSubmit function| weblogonAutoSubmit function| checkExternalAddCheckbox function| OnSubmit function| verifyNewPassword function| masterSubmit function| setViewport function| delete_cookie function| getCookie function| onorientationchange function| dontChangePasswordClick object| finitvalues object| sessionLogonCustomizations object| sessionLogonCustomizationPairs object| pairs number| j object| pair object| sessionLogonValuesets object| inpx undefined| options undefined| initValue undefined| radio undefined| div undefined| elmdef undefined| input undefined| label undefined| anyChecked object| sessionTimeout function| $ function| jQuery object| jQuery111308821935017720475 function| F5_include_JS undefined| f5VirtualKeyboardMove undefined| f5VirtualKeyboardForceBlur undefined| f5VirtualKeyboardMessageText undefined| f5VirtualKeyboardHideText undefined| VirtualKeyboard_CustomizedMessageTextGet undefined| VirtualKeyboard_CustomizedHideTextGet

2 Cookies

Domain/Path Name / Value
sso2.service.deutschebahn.com/ Name: MRHSession
Value: 76bcbfffe9d4e2a0d3c0af81b1389be2
sso2.service.deutschebahn.com/ Name: LastMRH_Session
Value: b1389be2

4 Console Messages

Source Level URL
Text
console-api log URL: https://db-planet.deutschebahn.com/main.e3ebc7435cfc5f47c644.js(Line 1)
Message:
Running in browser, starting COYO now.
console-api info URL: https://db-planet.deutschebahn.com/main.e3ebc7435cfc5f47c644.js(Line 1)
Message:
[backendUrlService] Using backend URL strategy: relative
console-api info URL: https://db-planet.deutschebahn.com/main.e3ebc7435cfc5f47c644.js(Line 1)
Message:
Running version: [object Object]
console-api warning URL: https://db-planet.deutschebahn.com/main.e3ebc7435cfc5f47c644.js(Line 1)
Message:
[socketService] Connection failed for good: Not authenticated.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors self https://wap.service.deutschebahn.com;
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN ALLOW-FROM https://wap.service.deutschebahn.com ALLOW-FROM https://wap.service.deutschebahn.com
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

540942430142-dbplanet-eu-central-1-dbplanet-prod-cssfile.s3.amazonaws.com
db-planet.deutschebahn.com
sso2.service.deutschebahn.com
194.233.207.2
52.219.75.157
81.200.194.6
0d55f25a094f0d1fae54ca5d12258bb4d87b22f0307c5cce6736400c5fc5527d
154564c20eb3bd31c8212f6994482f59adfd00531be9509b0f52d310d623b26e
1ecfafb468fd9fc0adc1c714b32058d65190da19abccc6985312f44fc4aa6d61
2042d4344011c07ac367f5ef8bd20df92e89a2de5bdabba8f18e6541f33ececb
21679aa3fdb523c36be547cb67b439f62be3c308e1f5944fa7f85b6115bfe56e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32a2429ec4ae425ff205d6c0bcc082c4e01881b1dcd654c974265d8dfebcce1b
4090c976baf00e5763ee6c20e650cd2d44132500dcceed1da218d069241ee4af
444fca89e12c0873b1001f2d6aab62df1169f66755e665328bd4404bcefc21f1
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4e10a22deeaed3f868ffabd0331f7ec862b8d19fa620141ceb0240e5196a31e6
547c5041711dcb718fa2cb7c1f122e00009fda6f4b565306f4e33bdadc339b9c
5514c3f2081d33e832ef0b6be0e274957d672cd0b784cd1059a19a77180ae129
59ed66b0d428ca1e737dd88a9aee1cdce259e754458828701ec6dda619c8c13c
756fbb3dd2e8f71906e4bd65a4172fc4848e3cff5ea572bfa889bcc13cbeeec2
7a165602cc4de0945778bb498457e8519053950778f60f28026cd1b5c602fb10
7b9c9995fb6033fd055cc93e836ddd05e25e006c56179c3751b97f21dbbb4fe6
81c6b87982572eb73da59dd43b0928549e6b071f423753201a69386513de14ed
91f37e01c09ee6ca95a92e7e8f15e396ec42e70fe4d414d6e5efc016ca1baa21
9c07da0236dc3a9461652f3ff559244e204ecb50f9cec30d98ea00b16f2e57d6
a19529e542e1f688a45a02f83c9fdc7947551f114fd2fd85d704010bb88bb8e4
a5ea9b6d1aa661f4df9f86ec4cd271bff35c6c1f243b49ad3b9ee4986f9ac8ff
b2adc8dce64e484294519363ae648d08ebbf98923486ccfb1efcb362cb973abb
b5e5bcd50aa7d3717a0c6cae21df9ed93589d81e1f02a98ffe65c6298fc231ab
b83517a94ba38163bd90a55ba7184ee819e55a975540790b11b5dff46b5ab12b
be8d30e8dc85ed41a63a231766adaac8e301ddb3ec9237d02ceed9f73989e9f5
ca0023c8239f6187336b53d41c00bb44fe0a0a6463cd1890cc551ef831a3ae77
cedc733efc375f05081f9f960ff5d3925b8b6933f5923ced2b686034d8281bdc
dccf7dc8c34e9b70b8b2d3c5cfc087d0bcbc854aa7cca6beffe9245d4a457e9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ecbb70af2e6a8657b767ca945e3a3b2545a2db75e04ae691104fd51bdf6086b3
f7607141d36f0ee7b65c01d25707220acabac81fe4f4723390f6d2f9402ff1d6
fc1a66c350939c59b63d783b0d2b72908ff7ee2a960872e9cedee66f011b0c74