urlscan.io logo urlscan.io
SecurityTrails logo

vat.db-app.de Open in urlscan Pro
2606:4700:10::6814:f34d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://trainticket.messe-essen.de/
Effective URL: https://vat.db-app.de/certify?event=1236&language=en
Submission: On September 07 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 5 countries across 5 domains to perform 43 HTTP transactions. The main IP is 2606:4700:10::6814:f34d, located in United States and belongs to CLOUDFLARENET, US. The main domain is vat.db-app.de.
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 3rd 2020. Valid for: 2 years.
This is the only time vat.db-app.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 145.253.168.103 3209 (VODANET I...)
36 2606:4700:10:... 13335 (CLOUDFLAR...)
2 104.109.90.218 20940 (AKAMAI-ASN1)
1 3 34.243.136.226 16509 (AMAZON-02)
1 54.154.62.31 16509 (AMAZON-02)
2 15.188.154.177 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
43 5
1    145.253.168.103 (Kirchhain, Germany)

ASN3209 (VODANET International IP-Backbone of Vodafone, DE)
PTR: bahnticket.messe-essen.de
trainticket.messe-essen.de
36    2606:4700:10::6814:f34d (United States)

ASN13335 (CLOUDFLARENET, US)
vat.db-app.de
2    104.109.90.218 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-90-218.deploy.static.akamaitechnologies.com
www.bahn.de
3    34.243.136.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-136-226.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.154.62.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-62-31.eu-west-1.compute.amazonaws.com
deutschebahn.demdex.net
2    15.188.154.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-154-177.eu-west-3.compute.amazonaws.com
st.bahn.de
1    66.117.28.86 (United States)

ASN15224 (OMNITURE, US)
cm.everesttech.net
Apex Domain
Subdomains		 Transfer
36 db-app.de
vat.db-app.de
862 KB
4 demdex.net
dpm.demdex.net
deutschebahn.demdex.net
3 KB
4 bahn.de
www.bahn.de
st.bahn.de
704 B
1 everesttech.net
cm.everesttech.net
554 B
1 messe-essen.de
trainticket.messe-essen.de
356 B
43 5
Domain Requested by
36 vat.db-app.de vat.db-app.de
3 dpm.demdex.net 1 redirects
2 st.bahn.de vat.db-app.de
2 www.bahn.de vat.db-app.de
1 cm.everesttech.net 1 redirects
1 deutschebahn.demdex.net vat.db-app.de
1 trainticket.messe-essen.de 1 redirects
43 7

This site contains links to these domains. Also see Links.

Domain
www.bahn.de
www.bahn.com
www.messe-essen.de
Subject Issuer Validity Valid
*.db-app.de
Thawte TLS RSA CA G1		 2020-01-03 -
2022-01-02		 2 years crt.sh
www.bahn.de
DigiCert SHA2 Extended Validation Server CA		 2020-01-10 -
2021-04-07		 a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
st.bahn.de
DigiCert SHA2 High Assurance Server CA		 2020-03-02 -
2021-06-09		 a year crt.sh

This page contains 2 frames:

Primary Page: https://vat.db-app.de/certify?event=1236&language=en
Frame ID: 7E7E8F677CD66F307A5DE727B3AFAC5F
Requests: 42 HTTP requests in this frame

Frame: https://deutschebahn.demdex.net/dest5.html?d_nsid=0
Frame ID: DBA905BD1EE13D0B540E15073B5DB96E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://trainticket.messe-essen.de/ HTTP 301
    https://vat.db-app.de/certify?event=1236&language=en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

43
Requests

100 %
HTTPS

14 %
IPv6

5
Domains

7
Subdomains

5
IPs

5
Countries

864 kB
Transfer

2928 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trainticket.messe-essen.de/ HTTP 301
    https://vat.db-app.de/certify?event=1236&language=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&d_nsid=0&ts=1599438917124 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&d_nsid=0&ts=1599438917124
Request Chain 40
  • https://cm.everesttech.net/cm/dd?d_uuid=35007877343489102101289738755217685060 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1WARQAABFFBWS3-

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request certify
vat.db-app.de/
Redirect Chain
  • https://trainticket.messe-essen.de/
  • https://vat.db-app.de/certify?event=1236&language=en
100 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
281f5b3383400313e2b474d66c2b59530c2b915bb772da1605a3e4e1ac3559b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

:method
GET
:authority
vat.db-app.de
:scheme
https
:path
/certify?event=1236&language=en
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 07 Sep 2020 00:35:11 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=d9d0262fe05c026688b1209221378c5b91599438910; expires=Wed, 07-Oct-20 00:35:10 GMT; path=/; domain=.db-app.de; HttpOnly; SameSite=Lax; Secure JSESSIONID=E232C0F7963A31421F4CD59D78E87307; Path=/; Secure; HttpOnly;HttpOnly;Secure __cflb=04dToYm78pax4qT6xYN8k7typEsiCVCPuWs24jnTtH; SameSite=None; Secure; path=/; expires=Mon, 07-Sep-20 01:05:11 GMT; HttpOnly
strict-transport-security
max-age=2592000; includeSubDomains
x-xss-protection
1;mode=block
x-content-type-options
nosniff
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0507960d780000c2bd38a82200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5cec5928cf31c2bd-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Mon, 07 Sep 2020 00:35:10 GMT
Server
Apache/2.4.7 (Ubuntu)
Location
https://vat.db-app.de/certify?event=1236&language=en
Cache-Control
max-age=500
Expires
Mon, 07 Sep 2020 00:43:30 GMT
Content-Length
356
Keep-Alive
timeout=2, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
portal.min.local.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/ 		462 KB
90 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/portal.min.local.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=css
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc0941890fcc3d559682a1e3481312360177d57f874d06f91a3d00dcb39ab91
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38ab4200000001
last-modified
Fri, 04 Sep 2020 13:49:18 GMT
server
cloudflare
etag
W/"472877-1599227358000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300e85c2bd-FRA
expires
Mon, 14 Sep 2020 00:35:00 GMT
components.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/ 		91 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/components.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=primefaces&v=7.0.11
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea05e06d03c962bc0e3796c830bb74662851a6e7d43107ca8bf93d5427f82746
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38ab5200000001
last-modified
Tue, 24 Dec 2019 13:05:40 GMT
server
cloudflare
etag
W/"93238-1577192740000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300e88c2bd-FRA
expires
Mon, 14 Sep 2020 00:35:00 GMT
core.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/css/default/ 		133 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/css/default/core.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=bsf
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22517763c989254c5f785b2732e73824f5a26e731bb178fe3385e184c7de7d03
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38ab6200000001
last-modified
Thu, 30 Apr 2020 11:06:46 GMT
server
cloudflare
etag
W/"136330-1588244806000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300e8ac2bd-FRA
expires
Mon, 14 Sep 2020 00:35:00 GMT
bsf.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/css/bsf.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=bsf
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af2fc93c0f756bf0476a3a7874d279d6460378389d0147cccc9169b65c09ecc6
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38ab7200000001
last-modified
Thu, 30 Apr 2020 11:06:46 GMT
server
cloudflare
etag
W/"10087-1588244806000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300e8dc2bd-FRA
expires
Mon, 14 Sep 2020 00:35:00 GMT
jquery.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/jquery/jquery.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=primefaces&v=7.0.11
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38ab9200000001
last-modified
Tue, 24 Dec 2019 13:05:40 GMT
server
cloudflare
etag
W/"88144-1577192740000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300e90c2bd-FRA
expires
Mon, 14 Sep 2020 00:35:00 GMT
jquery-plugins.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/jquery/ 		261 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/jquery/jquery-plugins.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=primefaces&v=7.0.11
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e0ba5adbf9866007b03b87c20a3ed817530960d091e557aad3b95533ab1d77
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38aba200000001
last-modified
Tue, 24 Dec 2019 13:05:40 GMT
server
cloudflare
etag
W/"267202-1577192740000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300e91c2bd-FRA
expires
Mon, 14 Sep 2020 00:35:00 GMT
core.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/core.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=primefaces&v=7.0.11
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba284b56addb08418de2563d888768ce374386e8708253036a8f27533892b155
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38abb200000001
last-modified
Tue, 24 Dec 2019 13:05:40 GMT
server
cloudflare
etag
W/"37717-1577192740000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300e93c2bd-FRA
expires
Mon, 14 Sep 2020 00:35:00 GMT
components.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/ 		420 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/components.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=primefaces&v=7.0.11
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4df7094eb47f4b6f406bbfd7d79c8fb7dda4a68c68b28801f5de7a92e3e089ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38abc200000001
last-modified
Tue, 24 Dec 2019 13:05:40 GMT
server
cloudflare
etag
W/"429996-1577192740000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300e9dc2bd-FRA
expires
Mon, 14 Sep 2020 00:35:01 GMT
jsf.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/jsf.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=javax.faces
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8056983cb42fa3a0cddc123730ae9a4ad37e8bc1e5cf6f9821ac322952c1b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38abd200000001
last-modified
Mon, 12 Mar 2018 13:43:58 GMT
server
cloudflare
etag
W/"44344-1520862238000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300ea3c2bd-FRA
expires
Mon, 14 Sep 2020 00:35:01 GMT
tooltip.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/js/tooltip.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=bsf
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf631ca4a1b40dfa687300121d091d4f2be1aae212eaa74e7f4398d63329f79
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38abe200000001
last-modified
Thu, 30 Apr 2020 11:06:46 GMT
server
cloudflare
etag
W/"15363-1588244806000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300ea4c2bd-FRA
expires
Mon, 14 Sep 2020 00:35:02 GMT
tooltip.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/ 		2 KB
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/tooltip.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=css
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf9dc769d01434a085b906594cf6a726f46ff53fb53f974c31c24fc07ca66ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38ab8200000001
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"2020-1586448850000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300e8fc2bd-FRA
expires
Mon, 14 Sep 2020 00:35:00 GMT
bsf.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/js/bsf.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=bsf
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c93abe1ce2d0a894dbc5e67ee2aa3e0bc05796973fc51a2a4cdfd7a5a4fbd938
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38abf200000001
last-modified
Thu, 30 Apr 2020 11:06:46 GMT
server
cloudflare
etag
W/"5251-1588244806000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300ea5c2bd-FRA
expires
Mon, 14 Sep 2020 00:35:00 GMT
modernizr-2.8.3.min.js
www.bahn.de/common/view/static/52419c2a/js/lib/modernizr/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/52419c2a/js/lib/modernizr/modernizr-2.8.3.min.js
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.90.218 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-90-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
portal-index.local-mod.js
vat.db-app.de/resources/js/ 		220 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/resources/js/portal-index.local-mod.js
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e605cf80f9f17662013355cb74749c37d6a63b95b5f6aed685763b1bfb2eddf
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38ac0200000001
last-modified
Mon, 25 May 2020 09:23:10 GMT
server
cloudflare
etag
W/"224811-1590398590000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300ea6c2bd-FRA
expires
Mon, 07 Sep 2020 01:05:13 GMT
jquery-ui.js
vat.db-app.de/resources/js/ 		527 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/resources/js/jquery-ui.js
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38ac1200000001
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"539419-1586448850000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300ea7c2bd-FRA
expires
Mon, 07 Sep 2020 01:05:15 GMT
datepicker_de.js
vat.db-app.de/resources/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/resources/js/datepicker_de.js?v=1599438899312
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da66fbe06a1e993da6821393618415497d6ec231d0d8dd2272522e811c143ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079612050000c2bd38ac2200000001
last-modified
Thu, 30 Apr 2020 12:55:54 GMT
server
cloudflare
etag
W/"4286-1588251354000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59300ea9c2bd-FRA
expires
Mon, 07 Sep 2020 01:05:15 GMT
db_em_rgb_100px.svg
vat.db-app.de/img/ 		1 KB
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vat.db-app.de/img/db_em_rgb_100px.svg
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1264080f8b5a148faf4f18dce04ba709fee4e9e388a08033d6e8d6ba05ead4b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2709
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079621180000c2bd38b5a200000001
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"1303-1586448850000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
x-xss-protection
1;mode=block
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59482e2ac2bd-FRA
expires
Mon, 07 Sep 2020 01:05:15 GMT
images
vat.db-app.de/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vat.db-app.de/images?event=1236
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
633e2e609309c05269f8b94b070ce2a70423666454f316f6b8c10e45b2f3b844
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 07 Sep 2020 00:35:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/png
status
200
x-xss-protection
1;mode=block
cf-ray
5cec59482e2cc2bd-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4522
cf-request-id
05079621180000c2bd38b5b200000001
DB_eM_rgb_200px.png
vat.db-app.de/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vat.db-app.de/img/DB_eM_rgb_200px.png
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f6cab5158dfaedaf0deda5ac29f9fb08887409b717f715df3ce7c5fab0adacc
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
etag
W/"2656-1586448848000"
cf-cache-status
HIT
age
2709
cf-polished
origFmt=png, origSize=2656
status
200
content-disposition
inline; filename="DB_eM_rgb_200px.webp"
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1026
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:08 GMT
server
cloudflare
date
Mon, 07 Sep 2020 00:35:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 07 Sep 2020 01:05:15 GMT
cache-control
public, max-age=1800
cf-request-id
05079621180000c2bd38b5c200000001
accept-ranges
bytes
cf-ray
5cec59482e2ec2bd-FRA
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri,csam-hash
wait.gif
vat.db-app.de/img/ 		941 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vat.db-app.de/img/wait.gif
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c2db0207722d2ea726a5365855d2a35eb115f859cd13b29361f5368bf28807
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:16 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=1008, status=webp_bigger
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
941
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"1008-1586448850000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
expires
Mon, 07 Sep 2020 01:05:16 GMT
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-request-id
05079621180000c2bd38b5d200000001
accept-ranges
bytes
cf-ray
5cec59482e2fc2bd-FRA
cf-bgj
imgq:100,h2pri
kk_g.jpg
vat.db-app.de/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vat.db-app.de/img/kk_g.jpg
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66d00070267b75ac65d50ca214daa78f32054f0825acc9a67e4e4ff6eef4f33a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:17 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
status=format_not_supported
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4066
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"4066-1586448850000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Mon, 07 Sep 2020 01:05:17 GMT
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-request-id
05079621180000c2bd38b5e200000001
accept-ranges
bytes
cf-ray
5cec59482e30c2bd-FRA
cf-bgj
imgq:100,h2pri
kk_g2.jpg
vat.db-app.de/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vat.db-app.de/img/kk_g2.jpg
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f511f5fa7d80f2cd6cb9c8e63d0c1acb31718b01fdd9e432f86f6744635d6137
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:17 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
status=format_not_supported
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14502
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"14502-1586448850000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Mon, 07 Sep 2020 01:05:17 GMT
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-request-id
05079621180000c2bd38b5f200000001
accept-ranges
bytes
cf-ray
5cec59482e31c2bd-FRA
cf-bgj
imgq:100,h2pri
index.js
vat.db-app.de/resources/js/ 		55 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/resources/js/index.js?v=1599438899312
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5de9ab2a9f8b6e53b0f4b0914629fcf7ef76c47289093dc8d9b90642c0004f07
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0507961e460000c2bd38b36200000001
last-modified
Thu, 30 Apr 2020 13:47:54 GMT
server
cloudflare
etag
W/"56093-1588254474000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec5943a9f6c2bd-FRA
expires
Mon, 07 Sep 2020 01:05:16 GMT
styleguide.css
vat.db-app.de/resources/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/resources/css/styleguide.css?v=1599438899312
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182e15b3b7c79bd5a3508831c652b50a5683dada78e497711788d712d9ee07ef
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079621140000c2bd38b56200000001
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"15039-1586448850000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1;mode=block
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59482e1fc2bd-FRA
expires
Mon, 07 Sep 2020 01:05:17 GMT
blueits.css
vat.db-app.de/resources/css/ 		61 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/resources/css/blueits.css?v=1599438899312
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157cb1e4419ee6aa647cb3d79e0163d5f6baa0fa3036cdb70bdfc1ab97701240
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079621180000c2bd38b57200000001
last-modified
Wed, 08 Jul 2020 09:04:10 GMT
server
cloudflare
etag
W/"62685-1594199050000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1;mode=block
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59482e25c2bd-FRA
expires
Mon, 07 Sep 2020 01:05:16 GMT
ajax-loader.gif
vat.db-app.de/resources/img/ 		768 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vat.db-app.de/resources/img/ajax-loader.gif
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c07aee04c3eab8acdeef6eda848dcc188f73c44a8b135f3e6586999a479ec42
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:16 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=3951, status=webp_bigger
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
768
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"3951-1586448850000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
expires
Mon, 07 Sep 2020 01:05:16 GMT
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-request-id
05079621180000c2bd38b60200000001
accept-ranges
bytes
cf-ray
5cec59482e32c2bd-FRA
cf-bgj
imgq:100,h2pri
s_code_2017-05-08.min.js
vat.db-app.de/resources/js/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/resources/js/s_code_2017-05-08.min.js
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f9a49f7c54cf7a6a2d06d8778e5288e1b6c4120da76e12daba028dfc6e799e
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079621180000c2bd38b58200000001
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"80026-1586448850000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
cache-control
public, max-age=1800
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59482e27c2bd-FRA
expires
Mon, 07 Sep 2020 01:05:16 GMT
collapse.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/javax.faces.resource/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/javax.faces.resource/js/collapse.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=bsf
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6064eb3dff7a5ecbd2c0b8e35312a69915a29a8f83815310ca148bb99237225b
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05079621180000c2bd38b59200000001
last-modified
Thu, 30 Apr 2020 11:06:46 GMT
server
cloudflare
etag
W/"4764-1588244806000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-ray
5cec59482e28c2bd-FRA
expires
Mon, 14 Sep 2020 00:35:03 GMT
modernizr-2.8.3.min.js
www.bahn.de/common/view/static/52419c2a/js/lib/modernizr/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/52419c2a/js/lib/modernizr/modernizr-2.8.3.min.js
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/certify?event=1236&language=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.90.218 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-90-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
dbsan03-webfont.woff
vat.db-app.de/resources/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/resources/fonts/dbsan03-webfont.woff
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/resources/css/styleguide.css?v=1599438899312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Origin
https://vat.db-app.de
Referer
https://vat.db-app.de/resources/css/styleguide.css?v=1599438899312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
2709
status
200
date
Mon, 07 Sep 2020 00:35:17 GMT
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48820
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"48820-1586448850000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=1800
cf-request-id
05079625d00000c2bd38b92200000001
accept-ranges
bytes
cf-ray
5cec594fbd41c2bd-FRA
expires
Mon, 07 Sep 2020 01:05:17 GMT
dbsan06-webfont.woff
vat.db-app.de/resources/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/resources/fonts/dbsan06-webfont.woff
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/resources/css/styleguide.css?v=1599438899312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Origin
https://vat.db-app.de
Referer
https://vat.db-app.de/resources/css/styleguide.css?v=1599438899312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
2709
status
200
date
Mon, 07 Sep 2020 00:35:17 GMT
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48880
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"48880-1586448850000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=1800
cf-request-id
05079625d00000c2bd38b93200000001
accept-ranges
bytes
cf-ray
5cec594fbd42c2bd-FRA
expires
Mon, 07 Sep 2020 01:05:17 GMT
db-icons.woff
vat.db-app.de/resources/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/resources/fonts/db-icons.woff
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/resources/css/styleguide.css?v=1599438899312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Origin
https://vat.db-app.de
Referer
https://vat.db-app.de/resources/css/styleguide.css?v=1599438899312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
2709
status
200
date
Mon, 07 Sep 2020 00:35:17 GMT
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29320
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
etag
W/"29320-1586448850000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=1800
cf-request-id
05079625e80000c2bd38b9c200000001
accept-ranges
bytes
cf-ray
5cec594fdd6fc2bd-FRA
expires
Mon, 07 Sep 2020 01:05:17 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&d_nsid=0&ts=1599438917124
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&d_nsid=0&ts=1599438917124
371 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&d_nsid=0&ts=1599438917124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.136.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-136-226.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c8d4d644317f14fdfafdd48d62545ff5b136af56c06e6060f7a05da1b630af2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v080-0b5c56be5.edge-irl1.demdex.com 5.77.1.20200831093501 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
BFvlAfdiT38=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://vat.db-app.de
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
307
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://vat.db-app.de
X-TID
wSrH2zJ1QvQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&d_nsid=0&ts=1599438917124
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
db-icons.woff
vat.db-app.de/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/fonts/db-icons.woff?de5f8900bd1b6298cc0ca94466418537
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/javax.faces.resource/portal.min.local.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Origin
https://vat.db-app.de
Referer
https://vat.db-app.de/javax.faces.resource/portal.min.local.css.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
2708
status
200
date
Mon, 07 Sep 2020 00:35:17 GMT
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29320
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:08 GMT
server
cloudflare
etag
W/"29320-1586448848000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=1800
cf-request-id
050796260c0000c2bd38b9d200000001
accept-ranges
bytes
cf-ray
5cec59501da4c2bd-FRA
expires
Mon, 07 Sep 2020 01:05:17 GMT
icon-sprite.png
vat.db-app.de/resources/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vat.db-app.de/resources/img/icon-sprite.png
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/resources/css/blueits.css?v=1599438899312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbf57a266037a80f2da96787104fc04b8e56431244f903c181c3a70fc2e3352d
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/resources/css/blueits.css?v=1599438899312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
etag
W/"17197-1586448850000"
cf-cache-status
HIT
age
2709
cf-polished
origFmt=png, origSize=17197
status
200
content-disposition
inline; filename="icon-sprite.webp"
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10168
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
date
Mon, 07 Sep 2020 00:35:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 07 Sep 2020 01:05:17 GMT
cache-control
public, max-age=1800
cf-request-id
050796261a0000c2bd38b9f200000001
accept-ranges
bytes
cf-ray
5cec59502dbec2bd-FRA
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri,csam-hash
icon-s73bc5bf69c.png
vat.db-app.de/resources/img/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vat.db-app.de/resources/img/icon-s73bc5bf69c.png
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/resources/css/blueits.css?v=1599438899312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9c637039b3ee0c2969c0d8fc6567564ac18b138dc490410078a5d22fe9ecfd
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/resources/css/blueits.css?v=1599438899312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
etag
W/"54236-1586448850000"
cf-cache-status
HIT
age
2709
cf-polished
origFmt=png, origSize=54236
status
200
content-disposition
inline; filename="icon-s73bc5bf69c.webp"
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31794
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
date
Mon, 07 Sep 2020 00:35:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 07 Sep 2020 01:05:17 GMT
cache-control
public, max-age=1800
cf-request-id
050796261a0000c2bd38ba0200000001
accept-ranges
bytes
cf-ray
5cec59502dbfc2bd-FRA
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri,csam-hash
index.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/ 		209 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vat.db-app.de/index.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/javax.faces.resource/jquery/jquery.js.xhtml;jsessionid=E232C0F7963A31421F4CD59D78E87307?ln=primefaces&v=7.0.11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c595e3050041f87d63f23d75f59938896e8a92756942e3780c37baf8fac881a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://vat.db-app.de/certify?event=1236&language=en
X-Requested-With
XMLHttpRequest
Faces-Request
partial/ajax
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 07 Sep 2020 00:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1;mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
text/xml;charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
cf-request-id
05079626240000c2bd38ba1200000001
cf-ray
5cec59503dd0c2bd-FRA
banner_vat.jpg
vat.db-app.de/resources/img/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vat.db-app.de/resources/img/banner_vat.jpg
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/resources/css/blueits.css?v=1599438899312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4a2b781c172957b99df9c53ed41a90383053149a79a9dac02b29f7668c60d2a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://vat.db-app.de/resources/css/blueits.css?v=1599438899312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
etag
W/"178135-1586448850000"
cf-cache-status
HIT
age
2709
cf-polished
origFmt=jpeg, origSize=178135
status
200
content-disposition
inline; filename="banner_vat.webp"
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79412
x-xss-protection
1;mode=block
last-modified
Thu, 09 Apr 2020 16:14:10 GMT
server
cloudflare
date
Mon, 07 Sep 2020 00:35:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 07 Sep 2020 01:05:17 GMT
cache-control
public, max-age=1800
cf-request-id
05079626250000c2bd38ba2200000001
accept-ranges
bytes
cf-ray
5cec59503dd1c2bd-FRA
x-content-type-options
nosniff
cf-bgj
imgq:100,h2pri,csam-hash
Cookie set dest5.html
deutschebahn.demdex.net/ Frame DBA9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://deutschebahn.demdex.net/dest5.html?d_nsid=0
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/resources/js/s_code_2017-05-08.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.62.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-62-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
deutschebahn.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vat.db-app.de/certify?event=1236&language=en
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=35007877343489102101289738755217685060
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://vat.db-app.de/certify?event=1236&language=en

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 03 Sep 2020 13:42:57 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=35007877343489102101289738755217685060;Path=/;Domain=.demdex.net;Expires=Sat, 06-Mar-2021 00:35:17 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
6bQlR6NCSWU=
Content-Length
2785
Connection
keep-alive
id
st.bahn.de/ 		48 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://st.bahn.de/id?d_visid_ver=2.1.0&d_fieldgroup=A&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&mid=35037600428671292511291550421775142757&ts=1599438917502
Requested by
Host: vat.db-app.de
URL: https://vat.db-app.de/resources/js/s_code_2017-05-08.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-154-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
bda6e3ccf4912c0204dced0e8bfb73bf86d2a426fd42da1e0dd9a50336c996c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Mon, 07 Sep 2020 00:35:17 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-59f68889dd-pzqkd
vary
Origin
x-c
master-1347.Ibe097b.M0-443
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://vat.db-app.de
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=X1WARQAABFFBWS3-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=35007877343489102101289738755217685060
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1WARQAABFFBWS3-
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1WARQAABFFBWS3-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.136.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-136-226.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v080-0e73e4a94.edge-irl1.demdex.com 5.77.1.20200831093501 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
dO2qTOw7Q/o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 07 Sep 2020 00:35:16 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X1WARQAABFFBWS3-
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
s6575065195960
st.bahn.de/b/ss/dbbahnprod/1/JS-2.1.0/ 		43 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.bahn.de/b/ss/dbbahnprod/1/JS-2.1.0/s6575065195960?AQB=1&ndh=1&pf=1&t=7%2F8%2F2020%202%3A35%3A17%201%20-120&mid=35037600428671292511291550421775142757&aamlh=6&ce=UTF-8&ns=deutschebahn&cdp=2&pageName=BAHN_IBE_DEU_EN_EVT_Suche&g=https%3A%2F%2Fvat.db-app.de%2Fcertify%3Fevent%3D1236%26language%3Den&c.&page_info=0%7C0%2C0x0%2C0x0%2C0%2C&first_page_of_visit=true&load_time=63&.c&cc=EUR&ch=BAHN_IBE_DEU_EN_EVT&events=event1%2Cevent45%2Cevent46&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c10=BAHN_IBE_DEU_EN_EVT&v10=D%3Dc10&c24=D%3DpageName&v24=D%3DpageName&c75=D%3Dv75&v75=https%3A%2F%2Fvat.db-app.de%2Fcertify&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-154-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vat.db-app.de/certify?event=1236&language=en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 00:35:17 GMT
x-content-type-options
nosniff
x-c
master-1347.Ibe097b.M0-443
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 08 Sep 2020 00:35:17 GMT
server
jag
xserver
anedge-59f68889dd-rfqxt
etag
3434768920317624320-4614334243355071595
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 06 Sep 2020 00:35:17 GMT

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| autosize function| PF object| PrimeFaces function| Class object| jsf object| mojarra object| process function| generateHTML_orig function| jq object| BsF object| breakpoints function| TabNav function| Stage function| Tabs function| Folder function| TimeInput function| ResponsiveImage function| ResponsiveLink function| MainNav function| Datepicker string| view function| raiseTime function| lowerTime function| intUhrzeitRueck function| initDatepicker function| setzeKKTyp function| updateZahlungsArt function| setPositionAutocompleteList function| getUrlParameter function| loadJQueryPluginBrowseruebergreifendeBestimmungDerHoeheEinesElements function| setDatePickerReadOnly function| toolTipDisplayCorrection function| discountCardCorrection function| wrongCharsInString function| preventCopyEmail function| scrollToTop number| fortschrittsanzeige_schritt function| svg_fortschrittsanzeige_true function| findOutKkType function| setKKType function| showZahlung function| showReservierung function| showAngebote function| clear_errors boolean| formFieldSucheError boolean| formFieldSucheAlterError function| validateSearchFields function| checkIfSucheFieldEmpty function| checkReisenderVorname function| checkReisenderNachname function| checkIfZahlungFieldEmpty function| checkKkExpiry function| resetRadioTarifAuswahl function| setRadioTarifAuswahl function| setRadioTarifAuswahlRueck function| setRadioTarifAuswahlKamineHin function| setRadioTarifAuswahlKamineRueck boolean| formFieldZahlungError function| validateZahlungFields boolean| formFieldPruefenError function| validatePruefenFields function| checkBonusCard function| showGutscheineIfNotEmpty function| showBahnBonus function| showBahnBonusInitial function| checkKkPruefziffer function| validateEmail function| checkEmail function| isNumber function| checkKkNumber function| scrollToRueckfahrten function| backToConnections function| forwardToPruefenUndBuchen function| showReiseauskunft function| showPruefenUndBuchen function| checkSearchError function| onSearchComplete function| verbindungAendern function| checkRueckfahrtVorHinfahrtError function| checkAngebotsdetailsError function| verbindungenOnComplete function| scrollToAdressedesReisenden function| scrollToZahlungsdaten function| scrollToError function| startDatumDatePickerCustomCSS function| zielDatumDatePickerCustomCSS function| zielDatumDatePickerValidation function| initializeTooltip function| openTooltip2 function| openTooltip function| detailsEinblenden function| bahnbonusEinblenden function| gutscheinEinblenden function| showAllGutscheinFields function| setVerbindungsstrichVerbindungsanzeige function| setDateHin function| setDateRueck function| setActiveSiteToSuche function| setActiveSiteToSucheNoRender function| setActiveSiteToVerbindungen function| setActiveSiteToAngebote function| setActiveSiteToReservierung function| setActiveSiteToReisender function| setActiveSiteToPruefen function| rc_switchBahnhoefe function| angebotssucheRequest function| forwardToOffers function| validateGutscheine function| commitZahlungsart function| truncate_pcidss function| render_fingerprint function| show_weiterleitung function| show_weiterleitung_url string| s_account function| Visitor object| visitor number| inHeadTS object| s function| s_getLoadTime function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in number| s_loadT number| s_objectID number| s_giq object| utag_cfg_ovrd undefined| s_code object| timeTo object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt string| max_initial_percent string| screen_res string| browser_dim number| pixel_dens string| device_ort object| optimizely object| s_i_dbbahnprod

4 Cookies

Domain/Path Name / Value
.db-app.de/ Name: AMCV_5FA50A5953FB37E50A4C98BC%40AdobeOrg
Value: 1099438348%7CMCIDTS%7C18513%7CvVersion%7C2.1.0
vat.db-app.de/ Name: JSESSIONID
Value: E232C0F7963A31421F4CD59D78E87307
vat.db-app.de/ Name: __cflb
Value: 04dToYm78pax4qT6xYN8k7typEsiCVCPuWs24jnTtH
.db-app.de/ Name: __cfduid
Value: d9d0262fe05c026688b1209221378c5b91599438910

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *;default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.everesttech.net
deutschebahn.demdex.net
dpm.demdex.net
st.bahn.de
trainticket.messe-essen.de
vat.db-app.de
www.bahn.de
104.109.90.218
145.253.168.103
15.188.154.177
2606:4700:10::6814:f34d
34.243.136.226
54.154.62.31
66.117.28.86
08f9a49f7c54cf7a6a2d06d8778e5288e1b6c4120da76e12daba028dfc6e799e
09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377
0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67
0bf631ca4a1b40dfa687300121d091d4f2be1aae212eaa74e7f4398d63329f79
1264080f8b5a148faf4f18dce04ba709fee4e9e388a08033d6e8d6ba05ead4b1
157cb1e4419ee6aa647cb3d79e0163d5f6baa0fa3036cdb70bdfc1ab97701240
182e15b3b7c79bd5a3508831c652b50a5683dada78e497711788d712d9ee07ef
22517763c989254c5f785b2732e73824f5a26e731bb178fe3385e184c7de7d03
281f5b3383400313e2b474d66c2b59530c2b915bb772da1605a3e4e1ac3559b4
28c2db0207722d2ea726a5365855d2a35eb115f859cd13b29361f5368bf28807
298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7
3f6cab5158dfaedaf0deda5ac29f9fb08887409b717f715df3ce7c5fab0adacc
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4c8056983cb42fa3a0cddc123730ae9a4ad37e8bc1e5cf6f9821ac322952c1b2
4df7094eb47f4b6f406bbfd7d79c8fb7dda4a68c68b28801f5de7a92e3e089ff
5de9ab2a9f8b6e53b0f4b0914629fcf7ef76c47289093dc8d9b90642c0004f07
6064eb3dff7a5ecbd2c0b8e35312a69915a29a8f83815310ca148bb99237225b
633e2e609309c05269f8b94b070ce2a70423666454f316f6b8c10e45b2f3b844
66d00070267b75ac65d50ca214daa78f32054f0825acc9a67e4e4ff6eef4f33a
6c07aee04c3eab8acdeef6eda848dcc188f73c44a8b135f3e6586999a479ec42
6da66fbe06a1e993da6821393618415497d6ec231d0d8dd2272522e811c143ad
6e605cf80f9f17662013355cb74749c37d6a63b95b5f6aed685763b1bfb2eddf
6fc0941890fcc3d559682a1e3481312360177d57f874d06f91a3d00dcb39ab91
8c595e3050041f87d63f23d75f59938896e8a92756942e3780c37baf8fac881a
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74
aaf9dc769d01434a085b906594cf6a726f46ff53fb53f974c31c24fc07ca66ba
ad9c637039b3ee0c2969c0d8fc6567564ac18b138dc490410078a5d22fe9ecfd
af2fc93c0f756bf0476a3a7874d279d6460378389d0147cccc9169b65c09ecc6
ba284b56addb08418de2563d888768ce374386e8708253036a8f27533892b155
bbf57a266037a80f2da96787104fc04b8e56431244f903c181c3a70fc2e3352d
bda6e3ccf4912c0204dced0e8bfb73bf86d2a426fd42da1e0dd9a50336c996c8
c3e0ba5adbf9866007b03b87c20a3ed817530960d091e557aad3b95533ab1d77
c8d4d644317f14fdfafdd48d62545ff5b136af56c06e6060f7a05da1b630af2a
c93abe1ce2d0a894dbc5e67ee2aa3e0bc05796973fc51a2a4cdfd7a5a4fbd938
ea05e06d03c962bc0e3796c830bb74662851a6e7d43107ca8bf93d5427f82746
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a2b781c172957b99df9c53ed41a90383053149a79a9dac02b29f7668c60d2a
f511f5fa7d80f2cd6cb9c8e63d0c1acb31718b01fdd9e432f86f6744635d6137