abo.bahn.de Open in urlscan Pro
81.200.196.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aboinfo.newsletter.deutschebahn.com/c/43261787/23ea68443548f6-s2ond5
Effective URL:
https://abo.bahn.de/portal/
Submission: On October 18 via manual (October 18th 2023, 1:02:20 pm UTC) from DE — Scanned from DE

Summary HTTP 10 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 81.200.196.35, located in Frankfurt am Main, Germany and belongs to BAHN-AS-BLN, DE. The main domain is abo.bahn.de. The Cisco Umbrella rank of the primary domain is 531887.
TLS certificate: Issued by R3 on October 18th 2023. Valid for: 3 months.

This is the only time abo.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.42.96.24 194.42.96.24	16509 (AMAZON-02) (AMAZON-02)
2 2	95.101.148.133 95.101.148.133	16625 (AKAMAI-AS) (AKAMAI-AS)
10	81.200.196.35 81.200.196.35	34156 (BAHN-AS-BLN) (BAHN-AS-BLN)
10	1

1 194.42.96.24 (Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ssl.cleverreach.com

aboinfo.newsletter.deutschebahn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.148.133 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-133.deploy.static.akamaitechnologies.com

www.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 81.200.196.35 (Frankfurt am Main, Germany)

ASN34156 (BAHN-AS-BLN, DE)

abo.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	bahn.de 2 redirects www.bahn.de — Cisco Umbrella Rank: 39156 abo.bahn.de — Cisco Umbrella Rank: 531887	914 KB
1	deutschebahn.com 1 redirects aboinfo.newsletter.deutschebahn.com	492 B
10	2

	Domain	Requested by
10	abo.bahn.de	abo.bahn.de
2	www.bahn.de	2 redirects
1	aboinfo.newsletter.deutschebahn.com	1 redirects
10	3

This site contains links to these domains. Also see Links.

Domain
www.bahn.de
www.db-vertrieb.com
www.deutschebahn.com

Subject Issuer	Validity	Valid
dig-aboprod.noncd.db.de R3	`2023-10-18` - `2024-01-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://abo.bahn.de/portal/
Frame ID: 632FCE768F7CC33EA7021F9DA64B3A0F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aboportal

Page URL History Show full URLs

https://aboinfo.newsletter.deutschebahn.com/c/43261787/23ea68443548f6-s2ond5 HTTP 302
http://www.bahn.de/aboportal HTTP 301
https://www.bahn.de/aboportal HTTP 301
https://abo.bahn.de/portal/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

913 kB
Transfer

2642 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bahn.de/

Search URL Search Domain Scan URL

URL: https://www.bahn.de/impressum
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.bahn.de/agb
Title: Beförderungsbedingungen

Search URL Search Domain Scan URL

URL: https://www.bahn.de/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.db-vertrieb.com/datenschutz/datenschutz-abo
Title: Datenschutz Abo

Search URL Search Domain Scan URL

URL: https://www.bahn.de/nutzungsbedingungen
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://www.bahn.de/kontakt/kuendigungsformular
Title: Vertrag kündigen

Search URL Search Domain Scan URL

URL: https://www.bahn.de/info/lieferkettensorgfaltspflichtengesetz
Title: LkSG

Search URL Search Domain Scan URL

URL: https://www.deutschebahn.com/de
Title: Konzern

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aboinfo.newsletter.deutschebahn.com/c/43261787/23ea68443548f6-s2ond5 HTTP 302
http://www.bahn.de/aboportal HTTP 301
https://www.bahn.de/aboportal HTTP 301
https://abo.bahn.de/portal/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
abo.bahn.de/portal/
Redirect Chain

https://aboinfo.newsletter.deutschebahn.com/c/43261787/23ea68443548f6-s2ond5
http://www.bahn.de/aboportal
https://www.bahn.de/aboportal
https://abo.bahn.de/portal/

2 KB
1 KB

73ms
15ms

Document
text/html

81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/portal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

6bbfc90b683741b3030df66baae177cb1da896824c5ce27fc2076c82914a1c41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestor 'none';
Content-Type: text/html
Date: Wed, 18 Oct 2023 13:02:14 GMT
ETag: W/"6529259a-94e"
Last-Modified: Fri, 13 Oct 2023 11:10:18 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block

Redirect headers

cache-control: max-age=0
content-length: 0
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
date: Wed, 18 Oct 2023 13:02:14 GMT
expires: Wed, 18 Oct 2023 13:02:14 GMT
location: https://abo.bahn.de/portal/#/
server: AkamaiGHost
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK main.00f0d767.js Show response
abo.bahn.de/static/js/ 2 MB
624 KB 17ms
16ms Script
application/javascript 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/static/js/main.00f0d767.js

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/portal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

04103705129cb710c4a3bb320df1dc36aab13a6e4e534d678fc8dbc0a5c3c91a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abo.bahn.de/portal/
Origin: https://abo.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 13:02:14 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 13 Oct 2023 11:20:40 GMT
Content-Encoding: gzip
ETag: W/"65292808-227ecc"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: application/javascript
Transfer-Encoding: chunked
Cache-Control: public, max-age=300
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK index-d146e88d.css
abo.bahn.de/assets/ 30 KB
6 KB 41ms
23ms Stylesheet
text/css 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/assets/index-d146e88d.css

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/portal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

d146e88daf12b0a1fad887902541227040304750bff3ddbd4834a7813d31bde3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abo.bahn.de/portal/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 13:02:14 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 13 Oct 2023 11:10:18 GMT
Content-Encoding: gzip
ETag: W/"6529259a-76a4"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: text/css
Transfer-Encoding: chunked
Cache-Control: public, max-age=300
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 abosystemInfo Show response
abo.bahn.de/ 7 B
603 B 33ms
32ms Fetch
application/json 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/abosystemInfo

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/static/js/main.00f0d767.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

9b2590d0862cbe762c65be5079cee23d5c9892edf74e6ba85138ad5b98f7e9c3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-user-agent: com.deutschebahn.abo.web
cache-control: no-cache
Referer: https://abo.bahn.de/portal/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 13:02:15 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'none'
Referrer-Policy: strict-origin-when-cross-origin
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK DB-547a06c1.svg
abo.bahn.de/assets/ 1 KB
1 KB 34ms
20ms Image
image/svg+xml 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abo.bahn.de/assets/DB-547a06c1.svg

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/portal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

547a06c1134017db9ca2f72a54724908f5bf2b05baeab93d1c232044bc78f5fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abo.bahn.de/portal/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 13:02:15 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 13 Oct 2023 11:10:18 GMT
Content-Encoding: gzip
ETag: W/"6529259a-4a1"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Cache-Control: public, max-age=300
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Account-24dp-rot-ca912c7b.svg
abo.bahn.de/assets/ 825 B
969 B 94ms
57ms Image
image/svg+xml 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abo.bahn.de/assets/Account-24dp-rot-ca912c7b.svg

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/portal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

ca912c7b36101e1f400dc9658e4a3e571ab433b88957e3bfea7a0dce0fc3747a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abo.bahn.de/portal/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 13:02:15 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 13 Oct 2023 11:10:18 GMT
Content-Encoding: gzip
ETag: W/"6529259a-339"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Cache-Control: public, max-age=300
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Bahn_S-Bahn_1389693_Hpgruesen_Pixabay-9f468faa.jpg
abo.bahn.de/assets/ 144 KB
145 KB 103ms
66ms Image
image/jpeg 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abo.bahn.de/assets/Bahn_S-Bahn_1389693_Hpgruesen_Pixabay-9f468faa.jpg

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/portal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

9f468faae5ed32aa2de747ea30acbaeb57647e6335d250137ece232dfedbd2f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abo.bahn.de/portal/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 13:02:15 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 13 Oct 2023 11:10:18 GMT
ETag: "6529259a-241da"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 147930
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK DBScreenSans-109e8b63.ttf
abo.bahn.de/assets/ 120 KB
64 KB 34ms
20ms Font
text/plain 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/assets/DBScreenSans-109e8b63.ttf

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/portal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

85456a6fd7ae30956663c3a67ff3408cc169bc220d174c0c9afab6157455b2aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abo.bahn.de/portal/
Origin: https://abo.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 13:02:15 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 13 Oct 2023 11:10:18 GMT
Content-Encoding: gzip
ETag: W/"6529259a-1dfc8"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: text/plain
Transfer-Encoding: chunked
Cache-Control: public, max-age=300
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK DBScreenSansBold-76893807.ttf
abo.bahn.de/assets/ 135 KB
69 KB 75ms
38ms Font
text/plain 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/assets/DBScreenSansBold-76893807.ttf

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/portal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

14a0d80ce207ba7c9cd2b8dca9e2e233a1a11f78197fe39acd99d5e3b89e46bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abo.bahn.de/portal/
Origin: https://abo.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 13:02:15 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 13 Oct 2023 11:10:18 GMT
Content-Encoding: gzip
ETag: W/"6529259a-21d34"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: text/plain
Transfer-Encoding: chunked
Cache-Control: public, max-age=300
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 049_Achtung_orange-1d31cfcf.svg
abo.bahn.de/assets/ 798 B
907 B 14ms
13ms Image
image/svg+xml 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abo.bahn.de/assets/049_Achtung_orange-1d31cfcf.svg

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/portal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

1d31cfcf233db25ef35e3b6f1b587308e3303f3044a7362a17cda71128a7920d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abo.bahn.de/portal/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 13:02:15 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 13 Oct 2023 11:10:18 GMT
Content-Encoding: gzip
ETag: W/"6529259a-31e"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Cache-Control: public, max-age=300
Connection: keep-alive
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			aboinfo.newsletter.deutschebahn.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5fHRYXEDIhDTmQ5lKvKbyaip1hA9Yw4rkTl1kSUC0OZ1l98V

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://abo.bahn.de/portal/#/ Message: Unrecognized Content-Security-Policy directive 'frame-ancestor'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abo.bahn.de
aboinfo.newsletter.deutschebahn.com
www.bahn.de
194.42.96.24
81.200.196.35
95.101.148.133
04103705129cb710c4a3bb320df1dc36aab13a6e4e534d678fc8dbc0a5c3c91a
14a0d80ce207ba7c9cd2b8dca9e2e233a1a11f78197fe39acd99d5e3b89e46bc
1d31cfcf233db25ef35e3b6f1b587308e3303f3044a7362a17cda71128a7920d
547a06c1134017db9ca2f72a54724908f5bf2b05baeab93d1c232044bc78f5fb
6bbfc90b683741b3030df66baae177cb1da896824c5ce27fc2076c82914a1c41
85456a6fd7ae30956663c3a67ff3408cc169bc220d174c0c9afab6157455b2aa
9b2590d0862cbe762c65be5079cee23d5c9892edf74e6ba85138ad5b98f7e9c3
9f468faae5ed32aa2de747ea30acbaeb57647e6335d250137ece232dfedbd2f7
ca912c7b36101e1f400dc9658e4a3e571ab433b88957e3bfea7a0dce0fc3747a
d146e88daf12b0a1fad887902541227040304750bff3ddbd4834a7813d31bde3

abo.bahn.de Open in urlscan Pro 81.200.196.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

1 IPs

1 Countries

913 kBTransfer

2642 kBSize

1 Cookies

9 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

abo.bahn.de Open in urlscan Pro
81.200.196.35 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

913 kB
Transfer

2642 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions