abo.bahn.de Open in urlscan Pro
81.200.196.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.fahrkarte.fsnw.de/
Effective URL:
https://abo.bahn.de/bestellen/?tarifid=112
Submission: On July 13 via automatic, source certstream-suspicious (July 13th 2023, 1:15:03 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 14 HTTP transactions. The main IP is 81.200.196.35, located in Frankfurt am Main, Germany and belongs to BAHN-AS-BLN, DE. The main domain is abo.bahn.de. The Cisco Umbrella rank of the primary domain is 966988.
TLS certificate: Issued by R3 on June 18th 2023. Valid for: 3 months.

This is the only time abo.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.13.161.86 85.13.161.86	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
14	81.200.196.35 81.200.196.35	34156 (BAHN-AS-BLN) (BAHN-AS-BLN)
14	2

1 85.13.161.86 (Germany) 1 redirects

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd27204.kasserver.com

www.fahrkarte.fsnw.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 81.200.196.35 (Frankfurt am Main, Germany)

ASN34156 (BAHN-AS-BLN, DE)

abo.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dig-aboprod.noncd.db.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bahn.de abo.bahn.de — Cisco Umbrella Rank: 966988	2 MB
6	db.de dig-aboprod.noncd.db.de — Cisco Umbrella Rank: 637838	8 KB
1	fsnw.de 1 redirects www.fahrkarte.fsnw.de	131 B
14	3

	Domain	Requested by
8	abo.bahn.de	abo.bahn.de
6	dig-aboprod.noncd.db.de	abo.bahn.de
1	www.fahrkarte.fsnw.de	1 redirects
14	3

This site contains links to these domains. Also see Links.

Domain
www.bahn.de

Subject Issuer	Validity	Valid
dig-aboprod.noncd.db.de R3	`2023-06-18` - `2023-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://abo.bahn.de/bestellen/?tarifid=112
Frame ID: 0C57450F3DD8D277434611CEE8C8E0DD
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Abo bestellen

Page URL History Show full URLs

https://www.fahrkarte.fsnw.de/ HTTP 301
https://abo.bahn.de/bestellen/?tarifid=112 Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

2501 kB
Transfer

2496 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bahn.de/p/view/home/info/impressum.shtml
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.bahn.de/p/view/home/agb/agb.shtml
Title: Beförderungsbedingungen

Search URL Search Domain Scan URL

URL: https://www.bahn.de/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.bahn.de/p/view/home/agb/nutzungsbedingungen.shtml
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.fahrkarte.fsnw.de/ HTTP 301
https://abo.bahn.de/bestellen/?tarifid=112 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
abo.bahn.de/bestellen/
Redirect Chain

https://www.fahrkarte.fsnw.de/
https://abo.bahn.de/bestellen/?tarifid=112

720 B
1 KB

250ms
46ms

Document
text/html

81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/bestellen/?tarifid=112

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

0cabbc8c8e26a999d993e409b3125c1d37c6c7835820318d152c386c49145385

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Connection: keep-alive
Content-Length: 720
Content-Security-Policy: frame-ancestor 'none';
Content-Type: text/html
Date: Thu, 13 Jul 2023 13:14:56 GMT
ETag: "64a67e25-2d0"
Last-Modified: Thu, 06 Jul 2023 08:41:09 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block

Redirect headers

content-length: 279
content-type: text/html; charset=iso-8859-1
date: Thu, 13 Jul 2023 13:14:56 GMT
location: https://abo.bahn.de/bestellen/?tarifid=112#/bestellportal/authorisation
server: Apache

GET
H/1.1 200
OK index.css
abo.bahn.de/bestellen/ 217 B
701 B 44ms
43ms Stylesheet
text/css 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/bestellen/index.css

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/bestellen/?tarifid=112

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

76e12d8d14edc534b7e150e087d962a4f5a83bd829731409aa1501ac3f9e878c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abo.bahn.de/bestellen/?tarifid=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 13:14:56 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Thu, 06 Jul 2023 08:41:06 GMT
ETag: "64a67e22-d9"
X-Frame-Options: deny
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 217
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.07469bc5.js Show response
abo.bahn.de/bestellen/static/js/ 2 MB
2 MB 90ms
45ms Script
application/javascript 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/bestellen/static/js/main.07469bc5.js

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/bestellen/?tarifid=112

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

feefdcf9f97ec105602b7ea3dd9d2281db490fe0d84c95c6075b9bdece58faa9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abo.bahn.de/bestellen/?tarifid=112
Origin: https://abo.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 13:14:56 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Thu, 06 Jul 2023 09:37:22 GMT
ETag: "64a68b52-20f146"
X-Frame-Options: deny
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2158918
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 tarife Show response
dig-aboprod.noncd.db.de/ 2 KB
3 KB 81ms
81ms Fetch
application/json 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://dig-aboprod.noncd.db.de/tarife?tarife=112&bestellportalToken=

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/bestellen/static/js/main.07469bc5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

5ce62a7ddaf8b24c9f4cf3b5545a16d1282c259e6a0bfd4282bd298ecb28884c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-user-agent: com.deutschebahn.abo.web
cache-control: no-cache
Referer: https://abo.bahn.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Thu, 13 Jul 2023 13:14:59 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://abo.bahn.de
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: 0

GET
DATA 200
OK truncated
/ 353 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 910d42773de429538b60f2bd714ebd734dd66dea33fcd52845228ea0daa77fe1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/jpeg

OPTIONS
H/1.1 200 tarife
dig-aboprod.noncd.db.de/ 0
0 182ms
47ms Preflight 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://dig-aboprod.noncd.db.de/tarife?tarife=112&bestellportalToken=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,x-user-agent
Access-Control-Request-Method: GET
Origin: https://abo.bahn.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: cache-control, content-type, x-user-agent
Access-Control-Allow-Methods: GET,HEAD,POST
Access-Control-Allow-Origin: https://abo.bahn.de
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 13 Jul 2023 13:14:59 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 metaConfigTarif
dig-aboprod.noncd.db.de/abobestellen/ 0
0 46ms
46ms Preflight 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://dig-aboprod.noncd.db.de/abobestellen/metaConfigTarif?tarifId=112&bestellportalToken=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,x-user-agent
Access-Control-Request-Method: GET
Origin: https://abo.bahn.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: cache-control, content-type, x-user-agent
Access-Control-Allow-Methods: GET,HEAD,POST
Access-Control-Allow-Origin: https://abo.bahn.de
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 13 Jul 2023 13:14:59 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 metaConfigTarif Show response
dig-aboprod.noncd.db.de/abobestellen/ 617 B
1 KB 49ms
48ms Fetch
application/json 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://dig-aboprod.noncd.db.de/abobestellen/metaConfigTarif?tarifId=112&bestellportalToken=

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/bestellen/static/js/main.07469bc5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

cd906dd608fcf3ac5c93353bcf93862a96d6e8b0260a4bc6fd38f5826020ed1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-user-agent: com.deutschebahn.abo.web
cache-control: no-cache
Referer: https://abo.bahn.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Thu, 13 Jul 2023 13:14:59 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://abo.bahn.de
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK DB-1d13287f.svg
abo.bahn.de/bestellen/assets/ 1 KB
2 KB 45ms
44ms Image
image/svg+xml 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abo.bahn.de/bestellen/assets/DB-1d13287f.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

1d13287fe5b45e638409e0de0047316cc625cd4ba26534cb3ca7f027509da74e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abo.bahn.de/bestellen/?tarifid=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 13:14:59 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Thu, 06 Jul 2023 08:41:09 GMT
ETag: "64a67e25-4a2"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1186
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK PaymentMethods-020f5830.svg
abo.bahn.de/bestellen/assets/ 11 KB
11 KB 50ms
49ms Image
image/svg+xml 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abo.bahn.de/bestellen/assets/PaymentMethods-020f5830.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

020f5830c677908ea17d40a6e9e046c6188220b7cebf6995a53ac56899d4fc2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abo.bahn.de/bestellen/?tarifid=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 13:14:59 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Thu, 06 Jul 2023 08:41:09 GMT
ETag: "64a67e25-2afc"
X-Frame-Options: deny
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11004
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK DBScreenSans-109e8b63.ttf
abo.bahn.de/bestellen/assets/ 120 KB
120 KB 92ms
47ms Font
text/plain 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/bestellen/assets/DBScreenSans-109e8b63.ttf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

85456a6fd7ae30956663c3a67ff3408cc169bc220d174c0c9afab6157455b2aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abo.bahn.de/bestellen/?tarifid=112
Origin: https://abo.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 13:14:59 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Thu, 06 Jul 2023 08:41:09 GMT
ETag: "64a67e25-1dfc8"
X-Frame-Options: deny
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122824
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK DBScreenSansBold-76893807.ttf
abo.bahn.de/bestellen/assets/ 135 KB
136 KB 98ms
48ms Font
text/plain 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/bestellen/assets/DBScreenSansBold-76893807.ttf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

14a0d80ce207ba7c9cd2b8dca9e2e233a1a11f78197fe39acd99d5e3b89e46bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abo.bahn.de/bestellen/?tarifid=112
Origin: https://abo.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 13:14:59 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Thu, 06 Jul 2023 08:41:09 GMT
ETag: "64a67e25-21d34"
X-Frame-Options: deny
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138548
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK DBScreenHeadBlack-766a4555.ttf
abo.bahn.de/bestellen/assets/ 113 KB
114 KB 195ms
105ms Font
text/plain 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://abo.bahn.de/bestellen/assets/DBScreenHeadBlack-766a4555.ttf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

93554bca8b0a343a79d60bb10ba36b4f22868465f4f35401c070e79f345c5607

Security Headers

Name	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abo.bahn.de/bestellen/?tarifid=112
Origin: https://abo.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 13 Jul 2023 13:14:59 GMT
Content-Security-Policy: frame-ancestor 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Thu, 06 Jul 2023 08:41:09 GMT
ETag: "64a67e25-1c448"
X-Frame-Options: deny
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115784
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 bestelltexte
dig-aboprod.noncd.db.de/tarife/112/ 0
0 48ms
48ms Preflight 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://dig-aboprod.noncd.db.de/tarife/112/bestelltexte

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,x-user-agent
Access-Control-Request-Method: GET
Origin: https://abo.bahn.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: cache-control, content-type, x-user-agent
Access-Control-Allow-Methods: GET,HEAD,POST
Access-Control-Allow-Origin: https://abo.bahn.de
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 13 Jul 2023 13:14:59 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 bestelltexte Show response
dig-aboprod.noncd.db.de/tarife/112/ 3 KB
4 KB 51ms
51ms Fetch
application/json 81.200.196.35
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://dig-aboprod.noncd.db.de/tarife/112/bestelltexte

Requested by

Host: abo.bahn.de
URL: https://abo.bahn.de/bestellen/static/js/main.07469bc5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.196.35 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

306e8ed02bdc131229a4c27b9c8e7938be93921290e73705877bae9e9e1b0100

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-user-agent: com.deutschebahn.abo.web
cache-control: no-cache
Referer: https://abo.bahn.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Thu, 13 Jul 2023 13:14:59 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://abo.bahn.de
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: 0

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://abo.bahn.de/bestellen/?tarifid=112#/bestellportal/authorisation Message: Unrecognized Content-Security-Policy directive 'frame-ancestor'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestor 'none';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abo.bahn.de
dig-aboprod.noncd.db.de
www.fahrkarte.fsnw.de
81.200.196.35
85.13.161.86
020f5830c677908ea17d40a6e9e046c6188220b7cebf6995a53ac56899d4fc2e
0cabbc8c8e26a999d993e409b3125c1d37c6c7835820318d152c386c49145385
14a0d80ce207ba7c9cd2b8dca9e2e233a1a11f78197fe39acd99d5e3b89e46bc
1d13287fe5b45e638409e0de0047316cc625cd4ba26534cb3ca7f027509da74e
306e8ed02bdc131229a4c27b9c8e7938be93921290e73705877bae9e9e1b0100
5ce62a7ddaf8b24c9f4cf3b5545a16d1282c259e6a0bfd4282bd298ecb28884c
76e12d8d14edc534b7e150e087d962a4f5a83bd829731409aa1501ac3f9e878c
85456a6fd7ae30956663c3a67ff3408cc169bc220d174c0c9afab6157455b2aa
910d42773de429538b60f2bd714ebd734dd66dea33fcd52845228ea0daa77fe1
93554bca8b0a343a79d60bb10ba36b4f22868465f4f35401c070e79f345c5607
cd906dd608fcf3ac5c93353bcf93862a96d6e8b0260a4bc6fd38f5826020ed1e
feefdcf9f97ec105602b7ea3dd9d2281db490fe0d84c95c6075b9bdece58faa9

abo.bahn.de Open in urlscan Pro 81.200.196.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

2501 kBTransfer

2496 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

abo.bahn.de Open in urlscan Pro
81.200.196.35 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

2501 kB
Transfer

2496 kB
Size

0
Cookies

14 HTTP transactions
1 data transactions