www.bahn.de Open in urlscan Pro
2a02:26f0:3500:18::1724:a29e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6...
Effective URL:
https://www.bahn.de/service/ueber-uns/umwelt
Submission: On June 25 via api (June 25th 2024, 9:42:32 am UTC) from DE — Scanned from DE

Summary HTTP 75 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 75 HTTP transactions. The main IP is 2a02:26f0:3500:18::1724:a29e, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.bahn.de. The Cisco Umbrella rank of the primary domain is 43109.
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.

This is the only time www.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	217.175.192.38 217.175.192.38	199236 (EMARSYS-A...) (EMARSYS-AS Emarsys eMarketing Systems AG)
39	2a02:26f0:350... 2a02:26f0:3500:18::1724:a29e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2a02:26f0:ab0... 2a02:26f0:ab00::5c7a:d721	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2600:9000:20e... 2600:9000:20eb:4600:c:198:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a299	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:350... 2a02:26f0:3500:18::1724:a28d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2600:9000:275... 2600:9000:275d:cc00:1b:1f8f:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:3bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
75	9

2 217.175.192.38 (Austria)

ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT)

link.bahncard.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a02:26f0:3500:18::1724:a29e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:ab00::5c7a:d721 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.static-bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:20eb:4600:c:198:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cms.static-bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a299 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

accounts.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:18::1724:a28d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p11.techlab-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:275d:cc00:1b:1f8f:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ucm-eu.verint-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:3bd (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	bahn.de 1 redirects www.bahn.de — Cisco Umbrella Rank: 43109 accounts.bahn.de — Cisco Umbrella Rank: 80937	456 KB
21	static-bahn.de assets.static-bahn.de — Cisco Umbrella Rank: 109037 cms.static-bahn.de — Cisco Umbrella Rank: 109571	770 KB
7	verint-cdn.com ucm-eu.verint-cdn.com — Cisco Umbrella Rank: 107928	72 KB
4	techlab-cdn.com p11.techlab-cdn.com — Cisco Umbrella Rank: 3740	59 KB
2	bahncard.de link.bahncard.de	989 B
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 805	2 KB
75	6

	Domain	Requested by
39	www.bahn.de	www.bahn.de link.bahncard.de cms.static-bahn.de
14	assets.static-bahn.de	www.bahn.de
7	ucm-eu.verint-cdn.com	cms.static-bahn.de ucm-eu.verint-cdn.com
7	cms.static-bahn.de	www.bahn.de link.bahncard.de cms.static-bahn.de
4	p11.techlab-cdn.com	www.bahn.de
2	accounts.bahn.de	1 redirects www.bahn.de
2	link.bahncard.de
1	cdn.optimizely.com	www.bahn.de
75	8

This site contains links to these domains. Also see Links.

Domain
int.bahn.de
gruen.deutschebahn.com
karriere.deutschebahn.com
regional.bahn.de
em2024.bahn.de
bahnshop.de
www.deutschebahn.com

Subject Issuer	Validity	Valid
link.bahncard.de R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
www.bahn.de R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
subsites.bahn.de R11	`2024-06-20` - `2024-09-18`	3 months	crt.sh
cms.static-bahn.de Amazon RSA 2048 M02	`2023-09-23` - `2024-10-21`	a year	crt.sh
p11.techlab-cdn.com R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh
verint-cdn.com Amazon RSA 2048 M03	`2024-06-06` - `2025-07-06`	a year	crt.sh
cdn.optimizely.com GTS CA 1P5	`2024-05-10` - `2024-08-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.bahn.de/service/ueber-uns/umwelt
Frame ID: 648B8643F7C42A3213D6041E8E39D480
Requests: 82 HTTP requests in this frame

Frame: https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html
Frame ID: D3C6589907E08645AF8074217B5C9D6E
Requests: 6 HTTP requests in this frame

Frame: https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html
Frame ID: 1326C84ED944179BDE5A635EC6C04064
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Das ist grün.

Page URL History Show full URLs

https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160a... Page URL
https://www.bahn.de/service/ueber-uns/umwelt Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

vue[.-]([\d.]*\d)[^/]*\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

75
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

9
IPs

3
Countries

1613 kB
Transfer

2841 kB
Size

21
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://int.bahn.de/cs
Title: Český Sprache wechseln: Český

Search URL Search Domain Scan URL

URL: https://int.bahn.de/da
Title: Dansk Sprache wechseln: Dansk

Search URL Search Domain Scan URL

URL: https://int.bahn.de/en
Title: English Sprache wechseln: English

Search URL Search Domain Scan URL

URL: https://int.bahn.de/es
Title: Español Sprache wechseln: Español

Search URL Search Domain Scan URL

URL: https://int.bahn.de/fr
Title: Français Sprache wechseln: Français

Search URL Search Domain Scan URL

URL: https://int.bahn.de/it
Title: Italiano Sprache wechseln: Italiano

Search URL Search Domain Scan URL

URL: https://int.bahn.de/nl
Title: Nederlands Sprache wechseln: Nederlands

Search URL Search Domain Scan URL

URL: https://int.bahn.de/pl
Title: Polski Sprache wechseln: Polski

Search URL Search Domain Scan URL

URL: https://gruen.deutschebahn.com/de
Title: 150 Maßnahmen

Search URL Search Domain Scan URL

URL: https://karriere.deutschebahn.com/karriere-de
Title: Jobs & Karriere Weitere Informationen: Jobs & Karriere

Search URL Search Domain Scan URL

URL: https://regional.bahn.de/
Title: regional.bahn.de Weitere Informationen: regional.bahn.de

Search URL Search Domain Scan URL

URL: https://em2024.bahn.de/
Title: Deutsche Bahn & UEFA EURO 2024™ Weitere Informationen: Deutsche Bahn & UEFA EURO 2024™

Search URL Search Domain Scan URL

URL: https://bahnshop.de/
Title: Bahnshop Weitere Informationen: Bahnshop

Search URL Search Domain Scan URL

URL: https://www.deutschebahn.com/de
Title: Konzern Weitere Informationen: Konzern

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480 Page URL
https://www.bahn.de/service/ueber-uns/umwelt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/auth?redirect_uri=https%3A%2F%2Fwww.bahn.de%2F.resources%2Fbahn-common-light%2Fwebresources%2Fassets%2Fhtml%2Fauth.v1.html&client_id=kf_web&response_type=code&state=RM7cYNmLUG&scope=openid%20vendo&response_mode=fragment&prompt=none&code_challenge=Kr2CCOdIWjkQXKApw0Q9M6cC7bUsQfsEiIjPPPfpBBU&code_challenge_method=S256 HTTP 302
https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html

75 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK nrd.php Show response
link.bahncard.de/u/ 617 B
674 B 209ms
163ms Document
text/html 217.175.192.38
EMARSYS-AS Emarsy...

General

Check archive.org

Show headers Download Go to

Full URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.175.192.38 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
Software: /
Resource Hash: 3df3c66e48b4bc4f2ddc78cd0d1459c25fc0bdcc30bef0073557a6a914c0dc98

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 361
content-type: text/html; charset=utf-8
date: Tue, 25 Jun 2024 09:42:27 GMT
pragma: no-cache
vary: Accept-Encoding
x-af: suite29-web01c
x-fe: suite29-web01c
x-hf: suite-haproxy01c

GET
H2 200 Primary Request umwelt Show response
www.bahn.de/service/ueber-uns/ 38 KB
10 KB 110ms
48ms Document
text/html 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

27293a4151096b9d3400ce7e12f216c091f3431cb2fa93d2b3e7b22fdafe24ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://link.bahncard.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=131
content-encoding: gzip
content-length: 8229
content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-type: text/html;charset=UTF-8
date: Tue, 25 Jun 2024 09:42:27 GMT
expires: Tue, 25 Jun 2024 09:44:38 GMT
server-timing: intid;desc=8ee735431ae4b2e1
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK favicon.ico
link.bahncard.de/ 0
315 B 49ms
48ms Other
text/html 217.175.192.38
EMARSYS-AS Emarsy...

General

Check archive.org

Show headers Download Go to

Full URL

https://link.bahncard.de/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.175.192.38 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 09:42:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-af: suite29-web01c
content-type: text/html; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-hf: suite-haproxy01c
content-length: 0

GET
H2 200 asyncServices-91cbb27b.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 350 B
3 KB 119ms
117ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/asyncServices-91cbb27b.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

46ce05d42c0ace6157a2a88e54fee3c5de0527ba259f3964c650f4c0b8114e9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Thu, 28 Mar 2024 09:15:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=2616318d31628b95
content-length: 219
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 auth-0c990e31.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 159 KB
49 KB 120ms
118ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-0c990e31.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82bfba4e788bd3a2b1eeb38fdeeb42a5e328e888361e6f529ab4e55f420cd6b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=43f81b5884a6d935
content-length: 47963
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 main-06037a75.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 242 KB
144 KB 71ms
70ms Stylesheet
text/css 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/main-06037a75.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

06037a7559ba7c82d53a88bc41635492d2185daaabf6451518196e4c62114abd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Fri, 10 May 2024 16:25:59 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=d6b882536f36e8f9
content-length: 144506
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 text-image-e0a05c7d.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 760 B
3 KB 110ms
109ms Stylesheet
text/css 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/text-image-e0a05c7d.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e0a05c7dfbfab6cac8e00a91f558242e72741a554a4cdc598d02c2e4dd038901

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 29 Jan 2024 21:43:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=6730acc859da0967
content-length: 291
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 slider-a1c1f1d9.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 9 KB
4 KB 112ms
110ms Stylesheet
text/css 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/slider-a1c1f1d9.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a1c1f1d901d7ce0576d7a7626b6262d032a6a9a746f255e3f5f7369fccfbaccd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=8e8065f0579a1a19
content-length: 1526
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 teaser-slider-640ef554.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 17 KB
5 KB 113ms
111ms Stylesheet
text/css 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/teaser-slider-640ef554.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

640ef554933689e61a680d82199608949b363bf77580592adde8dddfb6179a54

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Fri, 10 May 2024 16:25:59 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=529b8297d3d02d43
content-length: 2441
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 content-teaser-6307e6e6.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 6 KB
4 KB 147ms
145ms Stylesheet
text/css 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/content-teaser-6307e6e6.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6307e6e6c84cde07545cdb21bda06a1dfb60701588652d86653f1ccfa50b4297

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=5b662b2c46868c95
content-length: 1489
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 highlight-icon-ebd2c53d.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 29 KB
10 KB 114ms
113ms Stylesheet
text/css 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/highlight-icon-ebd2c53d.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ebd2c53dc1e1739c079620657c5ac09d27d9772bb325b972d1db0f354774fb19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 29 Jan 2024 21:43:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=9fbd985dd3e87b23
content-length: 8408
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 business-338ea626.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 3 KB
3 KB 115ms
114ms Stylesheet
text/css 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/business-338ea626.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

338ea6262fda802bb8facff37e4961a3162ab8b896a75bbe226838da5f5cc0ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=e2a0f26beccb5e3d
content-length: 966
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 db-logo.svg
assets.static-bahn.de/dam/jcr:47b6ca20-95d9-4102-bc5a-6ebb5634f009/ 828 B
2 KB 65ms
23ms Image
image/svg+xml 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:47b6ca20-95d9-4102-bc5a-6ebb5634f009/db-logo.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.secure.force.com; frame-ancestors 'self'; style-src 'self' https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.secure.force.com; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de;
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
content-encoding: gzip
content-disposition: attachment; filename="db-logo.svg"
server-timing: intid;desc=bc34ee8412aaaf8b
content-length: 480
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 14:18:43 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Thu, 25 Jul 2024 09:42:27 GMT

GET
H2 200 Header_Klimaschutz_1280x440.jpeg
assets.static-bahn.de/.imaging/focalpoint/1280x440/dam/jcr:34be3f5b-c71f-4fe2-a27d-c6033895d986/ 219 KB
221 KB 73ms
32ms Image
image/avif 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/1280x440/dam/jcr:34be3f5b-c71f-4fe2-a27d-c6033895d986/Header_Klimaschutz_1280x440.jpeg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6e531af4f2f943cdaec728c4148a30249da96b4051d2a3ae07856b7cc4ba8435

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 10 Jun 2024 20:25:49 GMT
server: Akamai Image Manager
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=1334657
content-length: 223961
expires: Wed, 10 Jul 2024 20:26:44 GMT

GET
H2 200 breadcrumb-068223b8.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 1 KB
3 KB 87ms
79ms Stylesheet
text/css 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/breadcrumb-068223b8.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

068223b8947c010e2cc330761f81c58a118ca30b624c4e09966f6db792ced0de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 29 Jan 2024 21:43:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=7231813490dbd36d
content-length: 622
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 CO2Uhr_Hintergrund_abgedunkelt%20(1).jpeg
assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:e21b6e1d-c3e8-4a94-ac24-25bfedb30fb2/ 11 KB
13 KB 40ms
28ms Image
image/avif 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:e21b6e1d-c3e8-4a94-ac24-25bfedb30fb2/CO2Uhr_Hintergrund_abgedunkelt%20(1).jpeg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fd9d45712efcbd84604dd9180d65e1edc999476617c5819c8aba8cde4b95ae8c

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Fri, 19 Apr 2024 11:35:30 GMT
server: Akamai Image Manager
x-serial: 1620
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=1234670
content-length: 10999
expires: Tue, 09 Jul 2024 16:40:17 GMT

GET
H2 200 CMS89_4c-Bilanzierung%20des%20Einsatzes%20Erneuerbarer%20Energien_DE.jpg
assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:bb4498a2-bd03-4a25-9523-17154afc536b/ 17 KB
19 KB 74ms
62ms Image
image/avif 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:bb4498a2-bd03-4a25-9523-17154afc536b/CMS89_4c-Bilanzierung%20des%20Einsatzes%20Erneuerbarer%20Energien_DE.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

be8bbf5cc0b121c3dd28ad59bbb3b71bdd8cd7796310036db3135f7d0c55a9e1

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 24 Jun 2024 08:46:50 GMT
server: Akamai Image Manager
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=2502193
content-length: 17358
expires: Wed, 24 Jul 2024 08:45:40 GMT

GET
H2 200 Header_Energieeffizienz_1280x440_c.jpg
assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:0384a479-199f-498d-b3b3-3dd29c3d686d/ 34 KB
36 KB 75ms
64ms Image
image/avif 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:0384a479-199f-498d-b3b3-3dd29c3d686d/Header_Energieeffizienz_1280x440_c.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

1c9e1766175351ae990c98a2e1b5740455615e788bce228dfceb71f910c01ad8

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Tue, 14 May 2024 16:44:38 GMT
server: Akamai Image Manager
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=1208492
content-length: 34484
expires: Tue, 09 Jul 2024 09:23:59 GMT

GET
H2 200 Slider_4z2_Klimaschutz.jpg
assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:5ea87437-9a8f-450a-980e-db3050bc35e4/ 81 KB
83 KB 77ms
66ms Image
image/avif 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:5ea87437-9a8f-450a-980e-db3050bc35e4/Slider_4z2_Klimaschutz.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

52e9ac219a4443694709c4e87d9a4d546d156b66d426200ca0c34889466b50b0

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Thu, 16 May 2024 15:06:09 GMT
server: Akamai Image Manager
x-serial: 614
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=1332157
content-length: 82805
expires: Wed, 10 Jul 2024 19:45:04 GMT

GET
H2 200 246237-327231.png
assets.static-bahn.de/dam/jcr:ff5db063-905a-4b25-999c-744d7834c28f/ 8 KB
8 KB 47ms
44ms Image
image/webp 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.static-bahn.de/dam/jcr:ff5db063-905a-4b25-999c-744d7834c28f/246237-327231.png
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: d93b6a6c4e9e25042ac578899c157da4536d85c7cd0d6e0eab4d306e26e496ae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Wed, 01 Jun 2022 13:23:53 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=2089966
content-length: 8502
expires: Fri, 19 Jul 2024 14:15:13 GMT

GET
H2 200 footer-image-bar-21839a74.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 2 KB
3 KB 96ms
89ms Stylesheet
text/css 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/footer-image-bar-21839a74.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

21839a7404f2f6c58da0e2eb4dd97153566ade111226822bc05813e05770cafa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=53aa080c07310187
content-length: 481
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 paypal.svg
assets.static-bahn.de/dam/jcr:41560da4-1f88-47f5-be6a-6a8db627f24f/ 11 KB
6 KB 47ms
45ms Image
image/svg+xml 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:41560da4-1f88-47f5-be6a-6a8db627f24f/paypal.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e349f08ef2bbd0b0cbf65b912d0d1a9a6409253b7ab8e979473e0c3ce5deea07

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de;
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
content-encoding: gzip
content-disposition: attachment; filename="paypal.svg"
server-timing: intid;desc=7f693fe7b337532f
content-length: 4621
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Feb 2023 10:49:07 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Thu, 25 Jul 2024 09:42:27 GMT

GET
H2 200 icon_action_credit-card_1z1_fix.svg
assets.static-bahn.de/dam/jcr:edff799a-7517-4bff-9655-e569cb1269d9/ 2 KB
3 KB 51ms
49ms Image
image/svg+xml 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:edff799a-7517-4bff-9655-e569cb1269d9/icon_action_credit-card_1z1_fix.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b61a0d1104a1e7143331130d523d2818cd93b466fbafd28034250ad09f7522

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
content-encoding: gzip
content-disposition: attachment; filename="icon_action_credit-card_1z1_fix.svg"
server-timing: intid;desc=1543e83e328edb91
content-length: 1156
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Dec 2023 12:07:29 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Thu, 25 Jul 2024 09:42:27 GMT

GET
H2 200 icon_action_SEPA_1z1_fix.svg
assets.static-bahn.de/dam/jcr:0850a93d-94a7-4d9c-88b4-23735103fa58/ 4 KB
4 KB 52ms
50ms Image
image/svg+xml 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:0850a93d-94a7-4d9c-88b4-23735103fa58/icon_action_SEPA_1z1_fix.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8d5865f67a25e1a395c3acff873f8a053bf8e1ee45028fce3de94348d92c8705

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
content-encoding: gzip
content-disposition: attachment; filename="icon_action_SEPA_1z1_fix.svg"
server-timing: intid;desc=ccfa302a821eadf1
content-length: 1567
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Dec 2023 12:07:51 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Thu, 25 Jul 2024 09:42:27 GMT

GET
H2 200 icon_action_giropay_1z1_fix.svg
assets.static-bahn.de/dam/jcr:65863c1f-5208-4136-9059-fa2be9eef038/ 7 KB
5 KB 53ms
52ms Image
image/svg+xml 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:65863c1f-5208-4136-9059-fa2be9eef038/icon_action_giropay_1z1_fix.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dfd2a379d47c84d2fb258a52c0dab620bccbb859e30d498946182208bbae2bc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
content-encoding: gzip
content-disposition: attachment; filename="icon_action_giropay_1z1_fix.svg"
server-timing: intid;desc=eac2ef74902ae73f
content-length: 2793
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Feb 2024 15:02:10 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Thu, 25 Jul 2024 09:42:27 GMT

GET
H2 200 icon_action_apple-pay_1z1_fix.svg
assets.static-bahn.de/dam/jcr:bf72ae9d-3274-4e8a-af14-1b5d88ca5ae7/ 3 KB
4 KB 55ms
53ms Image
image/svg+xml 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:bf72ae9d-3274-4e8a-af14-1b5d88ca5ae7/icon_action_apple-pay_1z1_fix.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b76a5e8ca4f9a0e58f9eb8b3c80c47dd7cf499386bfd8078f4e842b712324a6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
content-encoding: gzip
content-disposition: attachment; filename="icon_action_apple-pay_1z1_fix.svg"
server-timing: intid;desc=150afd989630a2ff
content-length: 1264
x-xss-protection: 1; mode=block
last-modified: Tue, 07 May 2024 07:26:41 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Thu, 25 Jul 2024 09:42:27 GMT

GET
H2 200 scripts-71811dec.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 59 KB
22 KB 121ms
121ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d439642113ef7eea4b885264c34eb595ced8a9183d124ff86f501847f6940489

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=8d79aebdbef6dd95
content-length: 19903
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
DATA 200
OK truncated
/ 364 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0c58646f6d51cae4b6a321a4cda8506061527ec8ed23b7bd6ecf3467e99a0e4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 455 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80da003d8010021f3babdeafc674e173263d44a224d742b2499ea57e5ef09b19

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8086f37b2fef5219c0b43c66e419e6e1825aabd68be129ed32a07ed15a5a594b

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc25addd219ee127babf8f983627baefcceb59f88331ca84d393b9fc619c5e7e

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 47 KB
47 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5584fe2257cfa5c4adb5512df868b82272393a03b87f977730f8084b5c393e2c

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H2 200 chunk-KYHCSOBP-9bc65aa2.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 20 KB
10 KB 52ms
51ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/chunk-KYHCSOBP-9bc65aa2.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a8fc18e5131b33cf1ab0d1ff1bddf5dcf3fbefded621ad62bcdab8e1603d8b55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-0c990e31.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=72bec795f8169c4f
content-length: 7939
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 initUserContextService-6f861d89.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 53 KB
19 KB 30ms
29ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/initUserContextService-6f861d89.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

440374abad31fa2c2e8210eb31aceeedf4f801465dcd2b79b73637a7473a809d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-0c990e31.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 10 Jun 2024 13:56:52 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=f166c420baaa310f
content-length: 17492
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 vid-7f44c63f.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 9 KB
6 KB 53ms
53ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/vid-7f44c63f.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

150109c9969aa06f96f15462ed4402300c5e62d589b3e732bdbd077ce92b1d49

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-0c990e31.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=17484242c09e8d0b
content-length: 4237
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 isGkAdmin-fc973a56.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 632 B
3 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/isGkAdmin-fc973a56.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f854314f53b4360b3482ed44988ddc657f5f62e365b474d1887d97b2f15451d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-0c990e31.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=510a62b3375cc9eb
content-length: 401
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 chunk-M3V43RYW-68f10927.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 147 B
2 KB 34ms
33ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/chunk-M3V43RYW-68f10927.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

220b416e922cf74f723ea3d607444f68e8237d0d5bebe2792b983afa53a2f0d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-0c990e31.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Thu, 28 Mar 2024 09:15:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=a7d6cd9d8637e481
content-length: 152
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
DATA 200
OK truncated
/ 516 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 740e763788b22973bf5f029252de4632b64052197e9d2f152154df02707869ec

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ba7319051bb586b77a46b5aa7a664f577f1e95a78be1129f12476deeef241c7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 516 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a60a6064ac1724bb0abd0c82cc440ed072cb972ec5262430b5b42c7c859d37d1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a30e6d88034ba9769cf08be9b3069814dfaf577fde4ad1d887b54abc2cdae057

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 initTracking-2068209e.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 11 KB
7 KB 43ms
43ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/initTracking-2068209e.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e85e18d31d41e0a1223bf940b52e152ee7f34265f458083806b309ed4ca30779

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=34f1e55936f2d453
content-length: 4554
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 accordion-c85ca012.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 3 KB
4 KB 30ms
29ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/accordion-c85ca012.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

338faf4228ab73edbd054e14994c995591c4ee788f8d1022a2cfe62e72bd7b45

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=4f102df86f098a5d
content-length: 1235
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 app-popup.vue-72bea3df.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 14 KB
7 KB 32ms
31ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-popup.vue-72bea3df.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

355b21e34ae41656c7a18166035430d2543780da1037b4ab86e703ce3c4d6ddc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=c971580350e35b33
content-length: 5015
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 slider-0b1ebd75.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 361 B
3 KB 33ms
32ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/slider-0b1ebd75.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d538f182d4d2cfaa089c300d45d994003d6f90486b8eb2d7c3664789fa567581

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=a23447226850eb89
content-length: 280
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 contentTeaserDropdown-bd7c98f0.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 1 KB
3 KB 65ms
64ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/contentTeaserDropdown-bd7c98f0.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4b74b758dfd44e887d3d43df059a4ad5113329024784a7bf36fe5fdc63cd17dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 29 Jan 2024 21:43:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=b37c1523941c0eed
content-length: 578
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 defineAuthButtonWebComponent-0b47e554.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 3 KB
4 KB 66ms
65ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/defineAuthButtonWebComponent-0b47e554.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2a9ca248ef40d991cbcecc86fceeeaf615c3405bb28c5115665e02e7d13eac34

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=8fab02e9548d5725
content-length: 1684
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 wcagContentLink-c742f10f.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 268 B
3 KB 67ms
66ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/wcagContentLink-c742f10f.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8746be007a504a31a049853ffde3017ea0e55c666a0395eda49f9a6b81bbcab7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=6851020f381dc89d
content-length: 212
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 index.html Show response
www.bahn.de/.resources/bahn-common/webresources/storage/ Frame D3C6 2 KB
1 KB 112ms
112ms Document
text/html 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/initTracking-2068209e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bebe151505aa602d164966fe2984c580faa727215be6c551b1ddb2b6ede9a29c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' p11.techlab-cdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' p11.techlab-cdn.com; frame-ancestors 'self' https:; img-src 'self' data:; object-src 'none';
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=300
content-encoding: gzip
content-length: 849
content-security-policy: default-src 'self' p11.techlab-cdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' p11.techlab-cdn.com; frame-ancestors 'self' https:; img-src 'self' data:; object-src 'none';
content-type: text/html;charset=UTF-8
date: Tue, 25 Jun 2024 09:42:27 GMT
expires: Tue, 25 Jun 2024 09:47:27 GMT
last-modified: Thu, 23 May 2024 07:50:20 GMT
server-timing: intid;desc=30c12b67646ce0ed
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 utag.js Show response
cms.static-bahn.de/tms/next-main/ 246 KB
66 KB 38ms
7ms Script
text/javascript 2600:9000:20eb:4600:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/tms/next-main/utag.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6b4f438b1f63855ada999324e2841f49a50a51271a72bb4dc275fa3ba6ce223

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 03:31:33 GMT
x-amz-version-id: 9iCSi2dk_bpQLBw59o.1n2evI6HztvVD
content-encoding: gzip
last-modified: Thu, 20 Jun 2024 07:11:22 GMT
server: AmazonS3
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"3fa9853e5b510d2885ad6ce08e2e2ed9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 22255
x-amz-cf-id: 5k3dQbE_zSkzF8cUyRCmRc4h7FzH7aF70D-oHhrKJKepX5_ueI7mMQ==

GET
DATA 200
OK truncated
/ 536 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d9306f5f844bdca438a99633a6ab1e553e33635d363c533897ceb536698d9e7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 runtime-dom.esm-bundler-4de7d66a.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 53 KB
24 KB 50ms
50ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/runtime-dom.esm-bundler-4de7d66a.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6af5c62754b90f06cf88206b2565efb9fb0eeb963cc8eab50d5c84f74bb4e5a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-popup.vue-72bea3df.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=db3ea02eb933b8e1
content-length: 22464
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 adjustArrowsComponent-746f7596.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 25 KB
10 KB 52ms
52ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/adjustArrowsComponent-746f7596.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d0ffca94b3afa87057243b6690239c445dc7bbb5d3610ab392844546e0c5133

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/slider-0b1ebd75.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=520a3e9d9860a9b9
content-length: 7678
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 consent-layer-loader.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 6 KB
3 KB 9ms
9ms Script
text/javascript 2600:9000:20eb:4600:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Requested by: Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51812a205b45faf148e12b37f0f9ecf1dce6d5e7296bbfec281262bf075e5c4a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 3Zpl8NsUE2pOaFCN8aIQqaREGxxOy5KP
content-encoding: gzip
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
date: Tue, 25 Jun 2024 07:13:36 GMT
last-modified: Wed, 19 Jun 2024 07:55:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 8932
x-amz-server-side-encryption: AES256
etag: W/"88d6da8a12c98ceddb6b0e500bcdb07f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: eN-YQ0U03mWR8BXuIUNX2pZSa7YXRlDcseaUrK_NiozSjD_gmpcdKQ==

GET
H2 200 utag.1.js Show response
cms.static-bahn.de/tms/next-main/ 70 KB
23 KB 15ms
15ms Script
text/javascript 2600:9000:20eb:4600:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/tms/next-main/utag.1.js?utv=ut4.51.202406051137
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f38aea07a4beee6d9e86b4150e5ae29fc4e0c59b98b4515d00591e77d20383b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 07:13:35 GMT
x-amz-version-id: 5MMIvtH89TwAJ_1aT8c5sz2TSik_aUKz
content-encoding: gzip
last-modified: Thu, 20 Jun 2024 07:11:21 GMT
server: AmazonS3
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"6ba319eb543d0056b820a3e19edf8d9e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 8933
x-amz-cf-id: kuOyCbZrPKWU3xdXpeHk65Q63AmkiHYwZUc6iTvfMUqq0pMmcXB_uQ==

GET
H2 200 utag.11.js Show response
cms.static-bahn.de/tms/next-main/ 3 KB
2 KB 16ms
16ms Script
text/javascript 2600:9000:20eb:4600:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/tms/next-main/utag.11.js?utv=ut4.51.202404230841
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e82d05131eef7b4a7f839c37914faa36d440b787fcb0ebd762af6ecb1f6246f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 07:13:35 GMT
x-amz-version-id: bbEofPbHz0LGXOaNSnUM35pUsmVYhJCi
content-encoding: gzip
last-modified: Thu, 20 Jun 2024 07:11:21 GMT
server: AmazonS3
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"bf920b91ad454f93777fb4ae5417aea7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 8933
x-amz-cf-id: j4hqd19Omro-WwZsbSjlY7Yw6NcULHBkUIGOeHkuGYLwsviJLhMa5w==

GET
H2 200 openid-configuration Show response
accounts.bahn.de/auth/realms/db/.well-known/ 9 KB
4 KB 127ms
65ms Fetch
application/json 2a02:26f0:3500:18::1724:a299
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bahn.de/auth/realms/db/.well-known/openid-configuration

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/initUserContextService-6f861d89.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a299 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dda307b0c1c3438c236780748f99384ed63683dc7265c4bf590d4644de535d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://*.hcaptcha.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
server-timing: intid;desc=3295c84e45a80279, intid;desc=3295c84e45a80279
content-length: 2190
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
vary: Origin, Accept-Encoding
x-frame-options: ALLOW-FROM https://*.hcaptcha.com
content-type: application/json
access-control-allow-origin: https://www.bahn.de
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
expires: Tue, 25 Jun 2024 09:42:27 GMT

GET
H2 200 index-d100db95.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 12 KB
8 KB 63ms
63ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/index-d100db95.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

00da2c70a6ab6633377ae4d387fcf151128ad470a82cc16cf59721e09365f282

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/defineAuthButtonWebComponent-0b47e554.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=a79c70e6580f4d41
content-length: 5345
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 userStore-6ac61c2a.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 1 KB
3 KB 35ms
35ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/userStore-6ac61c2a.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f7f8c0fb3a81517531af1f84402eab7aab031f2333cb415f3c0e231491444873

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/defineAuthButtonWebComponent-0b47e554.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=6f8c518b42c44817
content-length: 814
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 useAuth-f5c26370.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 499 B
3 KB 75ms
75ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/useAuth-f5c26370.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cbd9eb505b2bd83ee9334279641af7bbd21ce61602bc0245b365228f1ec8d3cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/defineAuthButtonWebComponent-0b47e554.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=8a3414b25e048c31
content-length: 340
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 emptyUser-2cfb3e3d.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 206 B
3 KB 69ms
69ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/emptyUser-2cfb3e3d.js

Requested by

Host: link.bahncard.de
URL: https://link.bahncard.de/u/nrd.php?p=twYT6qViQU_2153270_3468891_1_30&ems_l=5804989&_esuh=_11_3278160ac5df6f314aaa2ef8a6e6ed1b8a68520214c178e3fe10b84f4a9e5480

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cf2aceccd2bdc3ac7f08c6e5bf68715befdf2bfd8433bc9b8f1fc0ab6d2d4b5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/defineAuthButtonWebComponent-0b47e554.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Mon, 17 Jun 2024 14:42:33 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=c6b86a161d0f43c9
content-length: 194
x-xss-protection: 1; mode=block
expires: Wed, 25 Jun 2025 09:42:27 GMT

GET
H2 200 CO2Uhr_Hintergrund_abgedunkelt%20(1).jpeg
assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:e21b6e1d-c3e8-4a94-ac24-25bfedb30fb2/ 11 KB
0 0ms
0ms Image
image/avif 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:e21b6e1d-c3e8-4a94-ac24-25bfedb30fb2/CO2Uhr_Hintergrund_abgedunkelt%20(1).jpeg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fd9d45712efcbd84604dd9180d65e1edc999476617c5819c8aba8cde4b95ae8c

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Fri, 19 Apr 2024 11:35:30 GMT
server: Akamai Image Manager
x-serial: 1620
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=1234670
content-length: 10999
expires: Tue, 09 Jul 2024 16:40:17 GMT

GET
H2 200 Slider_4z2_Klimaschutz.jpg
assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:5ea87437-9a8f-450a-980e-db3050bc35e4/ 81 KB
0 4ms
4ms Image
image/avif 2a02:26f0:ab00::5c7a:d721
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:5ea87437-9a8f-450a-980e-db3050bc35e4/Slider_4z2_Klimaschutz.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/service/ueber-uns/umwelt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00::5c7a:d721 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

52e9ac219a4443694709c4e87d9a4d546d156b66d426200ca0c34889466b50b0

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Tue, 25 Jun 2024 09:42:27 GMT
last-modified: Thu, 16 May 2024 15:06:09 GMT
server: Akamai Image Manager
x-serial: 614
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=1332157
content-length: 82805
expires: Wed, 10 Jul 2024 19:45:04 GMT

GET
H2 200 302da9d01e46838cfd97566078369c14b6ed0011a38979 Show response
www.bahn.de/static/ Frame D3C6 155 KB
55 KB 53ms
53ms Script
application/javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/static/302da9d01e46838cfd97566078369c14b6ed0011a38979

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

085ab86e9b7c58da258f1889ec3487896df78fa4464412ea8861c18d8b415463

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: tealium:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: tealium: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 09:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: tealium:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: tealium: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
content-md5: 5tSoYDQElgqdjPADt8ytlg==
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 55885
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Oct 2023 10:52:30 GMT
etag: 0x8DBD0917E1AA63B
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
x-frame-options: SAMEORIGIN
timing-allow-origin: *
expires: Tue, 25 Jun 2024 09:52:27 GMT

GET
H2 200 consent-layer-standalone.41ba11d4beb2f1ae137d.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 177 KB
131 KB 8ms
7ms Script
text/javascript 2600:9000:20eb:4600:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-standalone.41ba11d4beb2f1ae137d.js
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40caaaad6a98cd6b7b37d35272af677708739579a0797368db15f3fa609a3575

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 07:13:36 GMT
x-amz-version-id: rhr1zti2Fc6aHvM5hbMWCeTMLQ.M8q2b
content-encoding: gzip
last-modified: Wed, 19 Jun 2024 07:55:01 GMT
server: AmazonS3
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"82a38d19f4dab861c6ce61c6cf583138"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 8932
x-amz-cf-id: akw3PlG0GOZNih8pbzjzssn-c8WZdD8CO60olQ7Gb9Lt1AtmHTUmNA==

GET
H2 200 consent-layer.335a32c5293d7e61b425.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 23 KB
7 KB 15ms
15ms Script
text/javascript 2600:9000:20eb:4600:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer.335a32c5293d7e61b425.js
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae51c5ee1b4a5955061cdf4c01bb915e88e00a777a9f727a714a7d1d330e9116

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: JVRxhExXprNnMy.Vytx6i8S6i3EYPXIb
content-encoding: gzip
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
date: Tue, 25 Jun 2024 05:01:35 GMT
last-modified: Wed, 19 Jun 2024 07:55:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 16853
x-amz-server-side-encryption: AES256
etag: W/"25b6d41e2997deab08516a4cddc69a9d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 0MV3SA-IA3qdIl3PrSPkw9Q6Uve_ax_xSWTvD7jcDrto_P0ahsxoCA==

GET
H2 200 4.7f7c9899e51bc06aab15.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 188 KB
134 KB 9ms
9ms Script
text/javascript 2600:9000:20eb:4600:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/4.7f7c9899e51bc06aab15.js
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02dc321a890f3f78f6e7e2b55a8895d11ff10801f5cc50d2c4b79b5696156cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 05:25:49 GMT
x-amz-version-id: lfRnl7NqCkfy0i.LwJ_6FWQO7Bnmy0AP
content-encoding: gzip
last-modified: Wed, 19 Jun 2024 07:55:01 GMT
server: AmazonS3
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"3a973ad2c1db6108119b58936dc5c196"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 15399
x-amz-cf-id: Wpi3G5FGsocnbSyR3tTd6ToBbstiNJlZmmOkTKhgJL8p4aJleYAUjA==

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8086f37b2fef5219c0b43c66e419e6e1825aabd68be129ed32a07ed15a5a594b

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc25addd219ee127babf8f983627baefcceb59f88331ca84d393b9fc619c5e7e

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 47 KB
47 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5584fe2257cfa5c4adb5512df868b82272393a03b87f977730f8084b5c393e2c

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H2 200 65319_1825202461.js Show response
p11.techlab-cdn.com/e/ Frame D3C6 54 KB
18 KB 74ms
24ms Fetch
application/javascript 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65319_1825202461.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/static/302da9d01e46838cfd97566078369c14b6ed0011a38979
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 09:42:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 14:24:26 GMT
content-md5: TBz6CQ/Qf16sF8+q5U3Ixg==
etag: "0x8DA7C6E5C88AF92"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
content-length: 18223
expires: Tue, 25 Jun 2024 09:52:28 GMT

GET
H2 200 65257_1825232097.js Show response
p11.techlab-cdn.com/e/ Frame D3C6 14 KB
6 KB 75ms
26ms Fetch
application/javascript 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65257_1825232097.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/static/302da9d01e46838cfd97566078369c14b6ed0011a38979
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 09:42:28 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 12:38:55 GMT
content-md5: 7rdGFe+/Y2zHt4sXxqkzxw==
etag: 0x8DAD39902829531
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 6061
expires: Tue, 25 Jun 2024 09:52:28 GMT

GET
H2 200 64885_1825202523.js Show response
p11.techlab-cdn.com/e/ Frame D3C6 3 KB
2 KB 77ms
27ms Fetch
application/javascript 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/64885_1825202523.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/static/302da9d01e46838cfd97566078369c14b6ed0011a38979
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 09:42:28 GMT
content-encoding: gzip
last-modified: Sun, 24 Apr 2022 12:00:07 GMT
content-md5: DnvBZTKTbXGPNtxH2P6zMg==
etag: "0x8DA25E9F9A41165"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1470
expires: Tue, 25 Jun 2024 09:52:28 GMT

GET
H2 200 65226_1825232035.js Show response
p11.techlab-cdn.com/e/ Frame D3C6 70 KB
33 KB 87ms
38ms Fetch
application/javascript 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p11.techlab-cdn.com/e/65226_1825232035.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/static/302da9d01e46838cfd97566078369c14b6ed0011a38979
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 724be3f7bc4ed3c63fc7680e963cc7c365190de82c1e00556d2ed89b35704c5c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 09:42:28 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 16:09:39 GMT
content-md5: 8btfM5t1CjV45yZpx6RBaA==
etag: 0x8DB99BC33706E1B
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
timing-allow-origin: *
content-length: 33063
expires: Tue, 25 Jun 2024 09:52:28 GMT

GET
H2 200 desktop Show response
www.bahn.de/.rest/navigation/ 7 KB
4 KB 34ms
34ms XHR
application/json 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.rest/navigation/desktop?root=a5a66ce9-1eaa-41d7-87d4-1c9e52ea2bb1&site=next-bahn-de&lang=de

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-71811dec.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0472df912b09b45e4aed6ff9083a4c33586773e8e22dd309bf19dcbfcb984494

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' p11.techlab-cdn.com; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com p11.techlab-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com p11.techlab-cdn.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' p11.techlab-cdn.com; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com p11.techlab-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://trk-api.crossengage.io https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com p11.techlab-cdn.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:28 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
cache-control: public, max-age=67
server-timing: intid;desc=a63a8605d54979b5, intid;desc=a63a8605d54979b5
content-length: 1574
x-xss-protection: 1; mode=block
expires: Tue, 25 Jun 2024 09:43:35 GMT

GET
H2

200

auth.v1.html Show response
www.bahn.de/.resources/bahn-common-light/webresources/assets/html/ Frame 1326
Redirect Chain

https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/auth?redirect_uri=https%3A%2F%2Fwww.bahn.de%2F.resources%2Fbahn-common-light%2Fwebresources%2Fassets%2Fhtml%2Fauth.v1.html&client_id=...
https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html

0
2 KB

40ms
40ms

Document
text/html

2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/initUserContextService-6f861d89.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-type: text/html;charset=UTF-8
date: Tue, 25 Jun 2024 09:42:28 GMT
expires: Wed, 25 Jun 2025 09:42:28 GMT
last-modified: Fri, 22 Sep 2023 07:01:04 GMT
server-timing: intid;desc=d3ec31d3ddc00697
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 25 Jun 2024 09:42:28 GMT
expires: Tue, 25 Jun 2024 09:42:28 GMT
location: https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html#error=login_required&state=RM7cYNmLUG
pragma: no-cache
referrer-policy: no-referrer
server-timing: intid;desc=bc5f9a3b4bdf2b88 intid;desc=bc5f9a3b4bdf2b88
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
www.bahn.de/ 5 KB
3 KB 56ms
55ms Other
image/x-icon 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ae0400d6155fbbd61c93d4f5546e8a2e6c96f6aed576f5728f8500e8e9f6f816

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 09:42:28 GMT
last-modified: Thu, 22 Feb 2024 12:59:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: "1536-611f804b81b40"
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=2261879
accept-ranges: bytes
content-length: 1002
x-xss-protection: 1; mode=block
expires: Sun, 21 Jul 2024 14:00:27 GMT

GET
H2 200 user-context-data Show response
www.bahn.de/web/api/kundenkonto/ 90 B
881 B 83ms
83ms Fetch
application/json 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/kundenkonto/user-context-data

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/initUserContextService-6f861d89.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

efb6f8479192826d16401c81a6d66e06b75793cf696d4cd917084715316a4df8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: tealium:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: tealium: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-correlation-id: 75671862-4f11-4b56-be42-9632c26c2cc5_ec45c4bc-ff55-4151-8326-df0c4d6c5770
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json;charset=utf-8
accept: application/json;charset=utf-8
Referer: https://www.bahn.de/service/ueber-uns/umwelt
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 09:42:28 GMT
content-security-policy: default-src 'self' https: tealium:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: tealium: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"5a-g3GO6Iib84nBrmVNuRHICMdTzDM"
vary: accept,authorization,cookie
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=60
server-timing: intid;desc=8edb5473b7dda6d0, intid;desc=8edb5473b7dda6d0
content-length: 90
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 448 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c24dba7a46112b0f5d36478b8329b6cb76304b48a1b8395b2c4b32b838ac1f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 id Show response
www.bahn.de/st/ 48 B
751 B 60ms
60ms XHR
application/x-javascript 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/st/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&mid=13384509953708456828821569708378708191&ts=1719308548331

Requested by

Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

jag /

Resource Hash

db7418f001826f07351d85b29af31ac7d49375fe39e485ebbed294734816390d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: tealium:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: tealium: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Jun 2024 09:42:28 GMT
content-security-policy: default-src 'self' https: tealium:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: tealium: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
server: jag
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: application/x-javascript;charset=utf-8
cache-control: private, no-cache, no-store, no-transform
content-length: 48
x-xss-protection: 1; mode=block
expires: Tue, 25 Jun 2024 09:42:28 GMT

GET
H2 200 sdk.js Show response
ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/ 60 KB
18 KB 54ms
8ms Script
application/javascript 2600:9000:275d:cc00:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Requested by

Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.11.js?utv=ut4.51.202404230841

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:cc00:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

91d41722669cebe9c974d9a3eb39185f6e1777d4bd71eb6f312a2ab888965504

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 08:48:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 3215
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: BnFht0bg9FR5aLwcb83yattG6rTQ7f2mIs60DrR8MyzwvnPboK6HAw==

GET
H2 200 config.json Show response
ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/ 68 KB
6 KB 7ms
7ms Fetch
application/json 2600:9000:275d:cc00:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/config.json

Requested by

Host: ucm-eu.verint-cdn.com
URL: https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:cc00:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

c12acf59860d465d175a2fcfe79e289d2efd8df4172d28ed41bde5562472f4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 09:10:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 1895
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: YXNzEdS4vmi5Jy_uZCYRhlap6ssZF3C0aE3ZKQKfaHXry2VKUkHQwg==

GET
H2 200 customcode.js Show response
ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/ 15 KB
4 KB 11ms
10ms Script
application/javascript 2600:9000:275d:cc00:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/customcode.js

Requested by

Host: ucm-eu.verint-cdn.com
URL: https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:cc00:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

6be89c46dd1a97f676060ac6d860434eedaef7acdf276a0c0c2c2b1c504d6ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 09:23:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 1146
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: le0uqm1-HfbNqzNl8uV8eZyKOQeoB2tNzOtBWkeTI_1QEBbf4GjngA==

GET
H2 200 visitor.js Show response
ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/ 40 KB
13 KB 8ms
7ms Script
application/javascript 2600:9000:275d:cc00:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/visitor.js

Requested by

Host: ucm-eu.verint-cdn.com
URL: https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:cc00:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

ef52bcd5bc87b8fe86531a53766cd1349e122786526091a096a8387ba8862df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:44:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 1202294
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000;
x-amz-cf-id: i7Zf7HDIrmvfgJ5vl97S3k6CKB5R7kw66ZaDUe23CvjlPKmwY_pqiA==

GET
H2 200 rules-engine.js Show response
ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/ 45 KB
14 KB 12ms
11ms Script
application/javascript 2600:9000:275d:cc00:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/rules-engine.js

Requested by

Host: ucm-eu.verint-cdn.com
URL: https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:cc00:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

0286f646346070dab11f2a95f2a2a8b9239bcb0b7e55d31b2840299937801338

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 23:51:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 1331478
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000;
x-amz-cf-id: UjBSwaQyaMW9A7RnyeUj56iTz95yJtTEO5XHfNoZ-XgrNQscaJg9uw==

GET
H2 200 database.js Show response
ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/ 3 KB
1 KB 7ms
6ms Script
application/javascript 2600:9000:275d:cc00:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/database.js

Requested by

Host: ucm-eu.verint-cdn.com
URL: https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:cc00:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

e395304ac374c0ff547768dfbafecd0aa3f7dc3c7556a66e35d957934ff6768b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:14:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 2503698
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000;
x-amz-cf-id: EKVIWhpSKsJFRhBuoADdP-R5ZO4DBTc7E7kxw6ezZALlaAr3sJmJMw==

GET
H2 200 recording-engine.js Show response
ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/ 50 KB
16 KB 8ms
7ms Script
application/javascript 2600:9000:275d:cc00:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/recording-engine.js

Requested by

Host: ucm-eu.verint-cdn.com
URL: https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:cc00:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

f6c8a9e6257342b548d2f75fc969bbf253f4b3c7c5dd089abefb1623d73d6a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:14:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 2503698
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000;
x-amz-cf-id: 74M948BCpF93uq_eUPOQj20eQfuwuqerAaC5J-udJH16bMdCTWvN9g==

GET
H2 200 s57162085707345
www.bahn.de/st/b/ss/dbbahnprod/1/JS-2.23.0/ 43 B
806 B 147ms
147ms Image
image/gif 2a02:26f0:3500:18::1724:a29e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/st/b/ss/dbbahnprod/1/JS-2.23.0/s57162085707345?AQB=1&ndh=1&pf=1&t=25%2F5%2F2024%2011%3A42%3A28%202%20-120&sdid=4058655034B8E3A2-6294DFC6E45CF2A2&mid=13384509953708456828821569708378708191&ce=UTF-8&ns=deutschebahn&cdp=2&pageName=bahn-de_service_ueber-uns_umwelt&g=https%3A%2F%2Fwww.bahn.de%2Fservice%2Fueber-uns%2Fumwelt&r=https%3A%2F%2Flink.bahncard.de%2F&cc=EUR&ch=Content&c3=Anonym&v3=Anonym&c4=Content&v4=Content&c22=https%3A%2F%2Fwww.bahn.de%2Fservice%2Fueber-uns%2Fumwelt&v22=https%3A%2F%2Fwww.bahn.de%2Fservice%2Fueber-uns%2Fumwelt&c24=bahn-de_service_ueber-uns_umwelt&v24=bahn-de_service_ueber-uns_umwelt&c69=Logout&v69=Logout&c74=bahn-de_service_ueber-uns_umwelt&v74=bahn-de_service_ueber-uns_umwelt&c75=https%3A%2F%2Fwww.bahn.de%2Fservice%2Fueber-uns%2Fumwelt&v75=https%3A%2F%2Fwww.bahn.de%2Fservice%2Fueber-uns%2Fumwelt&v106=None&v110=bahn-de&v111=www.bahn.de&v112=service_ueber-uns_umwelt&v113=Content&v115=https%3A%2F%2Fwww.bahn.de%2Fservice%2Fueber-uns%2Fumwelt&v116=https%3A%2F%2Flink.bahncard.de%2F&v117=de&v118=Landscape&v119=Desktop&v120=service_ueber-uns_umwelt&v121=Logout&v122=Anonym&v126=false&v186=view%3Eut4.51.202406191330&v187=prd--default&v199=next-main&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a29e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: tealium:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: tealium: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/service/ueber-uns/umwelt
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 09:42:28 GMT
content-security-policy: default-src 'self' https: tealium:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: tealium: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 26 Jun 2024 09:42:28 GMT
server: jag
etag: 3692186993285660672-4618547192193013940
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, no-transform
expires: Tue, 25 Jun 2024 09:42:28 GMT

GET
H2 200 2VwfARuJAzeMmnZHy6KR3.json Show response
cdn.optimizely.com/datafiles/ 7 KB
2 KB 79ms
27ms XHR
application/json 2606:4700::6812:3bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/datafiles/2VwfARuJAzeMmnZHy6KR3.json
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-0c990e31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:3bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29f261d2e0828f8395000abd521ed17b095a139e3eb7cfc8430b062bd33b1b5a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-pci_enabled: False
date: Tue, 25 Jun 2024 09:42:28 GMT
content-encoding: gzip
x-amz-version-id: NndEjTct_DCJZyR7EAYrBCrYLi4WMZJ3
cf-cache-status: HIT
x-amz-request-id: YHBKQ7M5H60TPD47
age: 6
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 235
x-amz-replication-status: COMPLETED
content-length: 1406
x-amz-id-2: RmQKB6mzzFqByOiO/cl4ZRnoqlzCzKTBKP1XfWBIvfczfxw9ziMzz06OYIvhNGzNMA3MRHbsirQ=
last-modified: Wed, 19 Jun 2024 06:36:54 GMT
server: cloudflare
etag: "71051bc83c8e24cb7810e6ebdcafb35c"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length
cache-control: max-age=120
access-control-allow-credentials: false
access-control-max-age: 604800
accept-ranges: bytes
cf-ray: 899401fe7c5f9769-FRA
access-control-allow-headers: *

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: ca1b66c9-5a22-496d-be43-24bd348578ea.rh-sso-5c4c4f5749-ndg6d
accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: ca1b66c9-5a22-496d-be43-24bd348578ea.rh-sso-5c4c4f5749-ndg6d
accounts.bahn.de/auth/realms/db/	1970-01-20 21:35:10	Name: IDM_SID Value: b0d94cd6-7922-4287-8a72-2532a5c6eb51
accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: TS0135fa4a Value: 0144e11a91206844aeb74cde6dd3337f962319177ba07da4ae7dfcc721f442e93df24ccc117213158d5c69c9694909d54e0ca3f0f2
.bahn.de/	1970-01-21 06:20:44	Name: request_consent_v Value: 3
.accounts.bahn.de/	1969-12-31 23:59:59	Name: TS016c400a Value: 0144e11a91206844aeb74cde6dd3337f962319177ba07da4ae7dfcc721f442e93df24ccc117213158d5c69c9694909d54e0ca3f0f2
accounts.bahn.de/	1969-12-31 23:59:59	Name: TS51bc32fa027 Value: 0850f34bcdab200064887d19cb5fbd7b8df6bbfbde6b055de5cf90a29e5966d4cc80f22753db75360820cf29831130008424cdfe7bea3a11bb59d756c3b43164a83f654abe2cdd15972e6f823c906ccea7feb3d05b04c8549f5183d361feae58
.bahn.de/	1970-01-21 06:20:44	Name: _abck Value: BE98D4654D3556F9A6781B9317278B93~-1~YAAQmaAkF7IrPT2QAQAAGnjGTgyhu4jgvPrSojmLBRbAaKM6mF2JU10oiFSvNLqRgGwtBLBassRE7peKvW85dTWwzj/sz6eCmEiFm2/WNXFJkqV7sEciE0Cd2neWHHDtVHLUCOVukunn+s2M17oHsCXO25qD8h8LA3PIy/8h14qmdfT6mtTtBnmYv4ICqcbO9NmHnMqLF1fix0rsDUBv12E88IdTJ6hefWUjVUdzq3ES+BN0FpZqGUQw+KqQ3GwYqJo9lDsUjYxLgMh1A1bhp/T9+TWKbot+YGlrxQecJ3y4BZiFyqnpIsyXIJRvkRz+0243FalYvGQr5R6SEKNjdetyAspvfuUVzAePvMjQ+1z75rzn/ztGo/s=~-1~-1~-1
.bahn.de/	1970-01-20 21:35:22	Name: bm_sz Value: D6DAECCD1EE495901FA9475936F756D4~YAAQmaAkF7MrPT2QAQAAGnjGThhIea1cVCkXeALEp10JiyaZ/b/UI7sTOIoM2a8zcBh5w0f8oeGTHcK+UEd/kp9X0NooF6OvLI6fYTRPUGY57mKKj/onnuuWYJWd83w50TetlHbeu7Ey/KaWMARxX25ib9la+fzSzMadTtZApTug7dxbnrhh883B0CZaO7OjyFn1Va9ufZSz3pihjX+MEVKlw4BM3wScNGmTsOrUv46mZg/dy2K7q2uEGXiuvAS+H3HBqhHC0DzWTiXsSivWZEkO05K6wVfcEFnEvmXUgUJT776/1h0yKtxKXIiN5UDs8xoL3NOC6IJ0BRqdNZy4g5uyyhP+tlvifn+TAGyHX3uyP90OAViBBaTt~3289394~4272436
www.bahn.de/	1969-12-31 23:59:59	Name: TS01309da6 Value: 0144e11a911e499fda230986603f2ec2adb46ab5b1eb97cd6392396d03494499292db62c7326a22c2e21230898fe3a963adc7fe5d4
.bahn.de/	1970-01-21 06:20:44	Name: utag_main Value: v_id:01904ec676d0000c63297a0330430506f002c06700b08$_sn:1$_se:1%3Bexp-session$_ss:1%3Bexp-session$_st:1719310347793%3Bexp-session$ses_id:1719308547793%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:bahn.de
.bahn.de/	1970-01-21 07:11:08	Name: s_ecid Value: MCMID%7C13384509953708456828821569708378708191
.bahn.de/	1969-12-31 23:59:59	Name: AMCVS_5FA50A5953FB37E50A4C98BC%40AdobeOrg Value: 1
.bahn.de/	1970-01-21 07:11:08	Name: AMCV_5FA50A5953FB37E50A4C98BC%40AdobeOrg Value: 179643557%7CMCIDTS%7C19900%7CMCMID%7C13384509953708456828821569708378708191%7CMCAID%7CNONE%7CMCOPTOUT-1719315748s%7CNONE%7CvVersion%7C5.5.0
.bahn.de/	1970-01-20 21:35:10	Name: uws_session Value: %7B%22start%22%3A1719308548427%2C%22count%22%3A1%2C%22referrer%22%3A%22link.bahncard.de%2F%22%7D%7Csession_timeout
.bahn.de/	1970-01-20 21:35:10	Name: uws_rate_comparators Value: %7B%22global%22%3A0.0275246715430133%7D%7Csession_timeout
.bahn.de/	1970-01-20 21:45:13	Name: uws_visitor Value: %7B%22vid%22%3A%22171930854842755508%22%2C%22start%22%3A1719308548427%2C%22count%22%3A1%7D%7C1727084548436
.bahn.de/	1970-01-20 21:35:10	Name: uws_story_Start_Server_Recording Value: %7B%22done%22%3Afalse%2C%22stopped%22%3Atrue%7D%7Csession_timeout
.bahn.de/	1970-01-20 21:35:10	Name: uws_recording Value: %7B%22status%22%3A%22recording%22%2C%22conditional%22%3Atrue%2C%22sessionActivated%22%3Afalse%2C%22recordingType%22%3Anull%7D%7Csession_timeout
.bahn.de/	1970-01-20 21:35:10	Name: uws_story_Start_Buffer_Recording Value: %7B%22done%22%3Atrue%2C%22stopped%22%3Afalse%7D%7Csession_timeout
.bahn.de/	1969-12-31 23:59:59	Name: s_cc Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.bahn.de
assets.static-bahn.de
cdn.optimizely.com
cms.static-bahn.de
link.bahncard.de
p11.techlab-cdn.com
ucm-eu.verint-cdn.com
www.bahn.de
217.175.192.38
2600:9000:20eb:4600:c:198:5740:93a1
2600:9000:275d:cc00:1b:1f8f:6780:93a1
2606:4700::6812:3bd
2a02:26f0:3500:18::1724:a28d
2a02:26f0:3500:18::1724:a299
2a02:26f0:3500:18::1724:a29e
2a02:26f0:ab00::5c7a:d721
00da2c70a6ab6633377ae4d387fcf151128ad470a82cc16cf59721e09365f282
0286f646346070dab11f2a95f2a2a8b9239bcb0b7e55d31b2840299937801338
0472df912b09b45e4aed6ff9083a4c33586773e8e22dd309bf19dcbfcb984494
06037a7559ba7c82d53a88bc41635492d2185daaabf6451518196e4c62114abd
068223b8947c010e2cc330761f81c58a118ca30b624c4e09966f6db792ced0de
085ab86e9b7c58da258f1889ec3487896df78fa4464412ea8861c18d8b415463
0e82d05131eef7b4a7f839c37914faa36d440b787fcb0ebd762af6ecb1f6246f
150109c9969aa06f96f15462ed4402300c5e62d589b3e732bdbd077ce92b1d49
1c9e1766175351ae990c98a2e1b5740455615e788bce228dfceb71f910c01ad8
21839a7404f2f6c58da0e2eb4dd97153566ade111226822bc05813e05770cafa
220b416e922cf74f723ea3d607444f68e8237d0d5bebe2792b983afa53a2f0d7
27293a4151096b9d3400ce7e12f216c091f3431cb2fa93d2b3e7b22fdafe24ec
29f261d2e0828f8395000abd521ed17b095a139e3eb7cfc8430b062bd33b1b5a
2a9ca248ef40d991cbcecc86fceeeaf615c3405bb28c5115665e02e7d13eac34
338ea6262fda802bb8facff37e4961a3162ab8b896a75bbe226838da5f5cc0ff
338faf4228ab73edbd054e14994c995591c4ee788f8d1022a2cfe62e72bd7b45
355b21e34ae41656c7a18166035430d2543780da1037b4ab86e703ce3c4d6ddc
3df3c66e48b4bc4f2ddc78cd0d1459c25fc0bdcc30bef0073557a6a914c0dc98
40caaaad6a98cd6b7b37d35272af677708739579a0797368db15f3fa609a3575
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529
440374abad31fa2c2e8210eb31aceeedf4f801465dcd2b79b73637a7473a809d
46ce05d42c0ace6157a2a88e54fee3c5de0527ba259f3964c650f4c0b8114e9c
4b74b758dfd44e887d3d43df059a4ad5113329024784a7bf36fe5fdc63cd17dd
4d0ffca94b3afa87057243b6690239c445dc7bbb5d3610ab392844546e0c5133
51812a205b45faf148e12b37f0f9ecf1dce6d5e7296bbfec281262bf075e5c4a
52e9ac219a4443694709c4e87d9a4d546d156b66d426200ca0c34889466b50b0
5584fe2257cfa5c4adb5512df868b82272393a03b87f977730f8084b5c393e2c
5d9306f5f844bdca438a99633a6ab1e553e33635d363c533897ceb536698d9e7
6307e6e6c84cde07545cdb21bda06a1dfb60701588652d86653f1ccfa50b4297
640ef554933689e61a680d82199608949b363bf77580592adde8dddfb6179a54
6af5c62754b90f06cf88206b2565efb9fb0eeb963cc8eab50d5c84f74bb4e5a1
6be89c46dd1a97f676060ac6d860434eedaef7acdf276a0c0c2c2b1c504d6ff6
6e531af4f2f943cdaec728c4148a30249da96b4051d2a3ae07856b7cc4ba8435
724be3f7bc4ed3c63fc7680e963cc7c365190de82c1e00556d2ed89b35704c5c
740e763788b22973bf5f029252de4632b64052197e9d2f152154df02707869ec
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb
8086f37b2fef5219c0b43c66e419e6e1825aabd68be129ed32a07ed15a5a594b
80da003d8010021f3babdeafc674e173263d44a224d742b2499ea57e5ef09b19
82bfba4e788bd3a2b1eeb38fdeeb42a5e328e888361e6f529ab4e55f420cd6b7
8746be007a504a31a049853ffde3017ea0e55c666a0395eda49f9a6b81bbcab7
8d5865f67a25e1a395c3acff873f8a053bf8e1ee45028fce3de94348d92c8705
91d41722669cebe9c974d9a3eb39185f6e1777d4bd71eb6f312a2ab888965504
9ba7319051bb586b77a46b5aa7a664f577f1e95a78be1129f12476deeef241c7
a1c1f1d901d7ce0576d7a7626b6262d032a6a9a746f255e3f5f7369fccfbaccd
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a30e6d88034ba9769cf08be9b3069814dfaf577fde4ad1d887b54abc2cdae057
a60a6064ac1724bb0abd0c82cc440ed072cb972ec5262430b5b42c7c859d37d1
a8fc18e5131b33cf1ab0d1ff1bddf5dcf3fbefded621ad62bcdab8e1603d8b55
ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258
ae0400d6155fbbd61c93d4f5546e8a2e6c96f6aed576f5728f8500e8e9f6f816
ae51c5ee1b4a5955061cdf4c01bb915e88e00a777a9f727a714a7d1d330e9116
b76a5e8ca4f9a0e58f9eb8b3c80c47dd7cf499386bfd8078f4e842b712324a6f
bc25addd219ee127babf8f983627baefcceb59f88331ca84d393b9fc619c5e7e
be8bbf5cc0b121c3dd28ad59bbb3b71bdd8cd7796310036db3135f7d0c55a9e1
bebe151505aa602d164966fe2984c580faa727215be6c551b1ddb2b6ede9a29c
c12acf59860d465d175a2fcfe79e289d2efd8df4172d28ed41bde5562472f4b7
cbd9eb505b2bd83ee9334279641af7bbd21ce61602bc0245b365228f1ec8d3cd
cf2aceccd2bdc3ac7f08c6e5bf68715befdf2bfd8433bc9b8f1fc0ab6d2d4b5f
d439642113ef7eea4b885264c34eb595ced8a9183d124ff86f501847f6940489
d538f182d4d2cfaa089c300d45d994003d6f90486b8eb2d7c3664789fa567581
d6b4f438b1f63855ada999324e2841f49a50a51271a72bb4dc275fa3ba6ce223
d93b6a6c4e9e25042ac578899c157da4536d85c7cd0d6e0eab4d306e26e496ae
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
db7418f001826f07351d85b29af31ac7d49375fe39e485ebbed294734816390d
dda307b0c1c3438c236780748f99384ed63683dc7265c4bf590d4644de535d87
dfd2a379d47c84d2fb258a52c0dab620bccbb859e30d498946182208bbae2bc6
e0a05c7dfbfab6cac8e00a91f558242e72741a554a4cdc598d02c2e4dd038901
e0c58646f6d51cae4b6a321a4cda8506061527ec8ed23b7bd6ecf3467e99a0e4
e349f08ef2bbd0b0cbf65b912d0d1a9a6409253b7ab8e979473e0c3ce5deea07
e395304ac374c0ff547768dfbafecd0aa3f7dc3c7556a66e35d957934ff6768b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b61a0d1104a1e7143331130d523d2818cd93b466fbafd28034250ad09f7522
e85e18d31d41e0a1223bf940b52e152ee7f34265f458083806b309ed4ca30779
ebd2c53dc1e1739c079620657c5ac09d27d9772bb325b972d1db0f354774fb19
ef52bcd5bc87b8fe86531a53766cd1349e122786526091a096a8387ba8862df0
efb6f8479192826d16401c81a6d66e06b75793cf696d4cd917084715316a4df8
f02dc321a890f3f78f6e7e2b55a8895d11ff10801f5cc50d2c4b79b5696156cd
f38aea07a4beee6d9e86b4150e5ae29fc4e0c59b98b4515d00591e77d20383b2
f6c8a9e6257342b548d2f75fc969bbf253f4b3c7c5dd089abefb1623d73d6a09
f7c24dba7a46112b0f5d36478b8329b6cb76304b48a1b8395b2c4b32b838ac1f
f7f8c0fb3a81517531af1f84402eab7aab031f2333cb415f3c0e231491444873
f854314f53b4360b3482ed44988ddc657f5f62e365b474d1887d97b2f15451d4
fd9d45712efcbd84604dd9180d65e1edc999476617c5819c8aba8cde4b95ae8c

www.bahn.de Open in urlscan Pro 2a02:26f0:3500:18::1724:a29e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

100 %HTTPS

88 %IPv6

6 Domains

8 Subdomains

9 IPs

3 Countries

1613 kBTransfer

2841 kBSize

21 Cookies

14 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bahn.de Open in urlscan Pro
2a02:26f0:3500:18::1724:a29e Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

9
IPs

3
Countries

1613 kB
Transfer

2841 kB
Size

21
Cookies

75 HTTP transactions
14 data transactions